Brandon Allbery <[email protected]> writes:
> A host or network which drops all ICMP indiscriminately is
> fundamentally broken, and I could make an argument for not allowing it
> to communicate with other networks at all. If someone is demanding
> drop-all-ICMP as "security best practice" then you need to find
> someone who actually understands networks and network security, and
> possibly challenge your current security advisor(s) for fraud.
Good luck with that. Many sites on the internet block ICMPs.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
[email protected] PGP key available
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
