On most firewalls, you can block particular icmp types to specific addresses. So, you could allow your email server to be pinged, but not the outside interface on the firewall. Or you could allow ping and traceroute out of your network, but not in.
-----Original Message----- From: Mark L. Jackson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 08, 2002 12:15 AM To: Damon Sisola; 'Holland, Stephen'; [EMAIL PROTECTED] Subject: RE: Closing holes with out a firewall > Look at IPSec policies instead, they are much more flexible > in rules and I am not so sure about that. If I remember correctly you have to block all or none. For instance: if you want to block ICMP ECHO, you have to block all ICMP requests.
