Gert, you surely know that every enabled protocol/port is a potential threat.
.kurt Am 05.05.21 um 12:32 schrieb Gert Doering: > Hi, > > On Wed, May 05, 2021 at 12:30:01PM +0200, Kurt Kayser wrote: >> I understand your point. But there is really no big effort to check if >> Port 873 is working: >> >> <host>nc -zvw100 rpki.ripe.net 873 >> Connection to rpki.ripe.net 873 port [tcp/rsync] succeeded! >> >> Let's make a security comparison, if this is really a necessary feature? > So where exactly is the *security* drawback of permitting ICMP echo? > > But yes, of course, we can all do tcpping instead - which is much > more likely to have an adverse effect on the actual service... > > Gert Doering > -- NetMaster
smime.p7s
Description: S/MIME Cryptographic Signature
