Re: Ok to let all ICMP traffic through firewall?

From: Dimitri Maziuk (dima_at_127.0.0.1)
Date: 09/23/05


Date: Fri, 23 Sep 2005 15:48:01 +0000 (UTC)

Leythos sez:
> In article <176uZD2KcidF-pn2-yKJP7XquDBiB@rikki.tavi.co.uk>, rde42@spamcop.net says...
>> On Thu, 22 Sep 2005 23:13:55 UTC, Leythos <void@nowhere.lan> wrote:
>>
>> > > In practice, you need to let a few ICMP messages through, then. For
>> > > example, source quench and destination unreachable.
>> >
>> > Wrong, you don't NEED to allow anything. You may FEEL that you do, but
>> > we've got almost 100 networks that don't allow ICMP or anything else
>> > inbound and they work just fine, and we'll not change them.
>>
>> You're wrong. But that's fine. You just carry on.
>
> Then, when we're running along for the last few years, blocking all ICMP
> inbound and at the firewall, what are we denying ourselves?

Your 100 networks are not, strictly speaking, a part of the Internet
since they don't comply with the Internet standards.

HTH, HANL
Dima

-- 
All whitespace is equivalent except in certain situations          
                                                  -- ANSI C standard committee

