On Wednesday, April 25, Chad M Stewart wrote: > > I did NOT suggest blocking ALL ICMP, just echo-request and echo- > replies from internal hosts to untrusted IPs.
And how is this not violating RFCs? > Trojans have used echo-request and echo-reply as a method of covert > communication. I've you've been compromised, it's already too late. > If you had read the original post you'd see that $icmp_types was > defined to be echoreq. Irrelevant. > I don't this is FUD. Telling people to worry about the door to the barn after the horse has left is not FUD? It's not misdirection? Tell them to solve the root of their problems instead. --Toby.
