Re: Ok to let all ICMP traffic through firewall?

From: Mike Civil (mike_at_duncodin.org)
Date: 09/25/05

  • Next message: nutso fasst: "Re: How to prevent malware from running on your PC"
    Date: Sun, 25 Sep 2005 00:11:12 +0000 (UTC)
    
    

    In article <MPG.1d9e7f311cb8f5db98a10b@news-server.columbus.rr.com>,
    Leythos <void@nowhere.lan> wrote:
    >Which does not change the fact that I can limit ICMP to my non-partners
    >without impact on our communications.

    I'm sorry but I don't think you know what you're talking about. As
    you've previously quoted, without apparently understanding it, ICMP is
    predominantly a mechanism for reporting an error in IP. If you block it,
    and don't (or rarely) have an error at the IP level, then your setup
    will work - beacause there are no errors and ICMP simply isn't
    involved. If an error should occur then your blocking of ICMP could
    then prevent you from detecting and diagnosing faults, or allowing your
    application(s) to handle them.

    But it's your setup, and I think we'll just have to agree to differ.

    Mike


  • Next message: nutso fasst: "Re: How to prevent malware from running on your PC"

    Relevant Pages

    • Re: PIX 501 QUESTIONS...what am I doing wrong here?
      ... I figured it out based on a cisco forum reply on dslreports.com. ... you set up PAT and port forwarding in this way.... ... if it is setup on 1 IP using ... > 1) Just get ICMP working. ...
      (comp.security.firewalls)
    • PIX 501 QUESTIONS...what am I doing wrong here?
      ... We got a PIX 501 to ... I went through the simple setup wizard. ... Just get ICMP working. ... decided to use the web port of 8080. ...
      (comp.security.firewalls)
    • Re: icmp filtering (was: ssh tunneling)
      ... |> research lab about 3 years back, thats how i left it. ... |> about and setup this gateway/firewall. ... i was aware that disabling ICMP ...
      (Debian-User)
    • Re: Ok to let all ICMP traffic through firewall?
      ... >Which does not change the fact that I can limit ICMP to my non-partners ... >without impact on our communications. ... But it's your setup, and I think we'll just have to agree to differ. ...
      (comp.security.misc)
    • Re: Ok to let all ICMP traffic through firewall?
      ... >Which does not change the fact that I can limit ICMP to my non-partners ... >without impact on our communications. ... But it's your setup, and I think we'll just have to agree to differ. ...
      (alt.computer.security)