Agreed topic dropped. The passive approach seems safer. -----Original Message----- From: Chris Buechler [mailto:[EMAIL PROTECTED] Sent: Monday, October 24, 2005 4:23 PM To: [email protected] Subject: Re: [pfSense Support] Diagnostics: DHCP leases v0.88
Frimmel, Ivan (ISS South Africa) wrote: >Again from IP 101(many years back so I could be wrong ) What about >pinging the broadcast .. This should highlight some less talkative ips >on the local subnet ? And localise icmp traffic .. Ideal for small >networks ? > Nope. Most machines don't respond to pings to the broadcast address anymore, for good reason. The old "smurf" attack used this, amongst other mischief, so most well-behaved network stacks won't respond to such crap. From some quick tests, looks like around 10-20% of network hosts will respond, mostly printers and similar equipment. Pinging from the firewall, no matter how you do it, is a *bad idea*. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
