On 3/7/19 8:10 AM, Saku Ytti wrote:
> So why not disable ICMP Echo and UDP traceroute, those kids using
> network diagnostics don't need them.
>
> For clue constrained audience fear will always be the most compelling
> argument.

OK, OK, so I will continue to rate-limit both, to reasonably high limits on the order of 250/second. Absent a DoS, it allows network operators to use these tools as they should. My logs show no harm except to attack traffic. Everything in moderation.

