On Wed, 2007-12-05 at 19:21 -0500, Sam Varshavchik wrote: > Daniel B. Thurman writes: > > > Craig White wrote: > > > >>Sent: Wednesday, December 05, 2007 3:33 PM > >>To: For users of Fedora > >>Subject: Re: Questions about ICMP > >> > >> > >>On Wed, 2007-12-05 at 15:27 -0800, Daniel B. Thurman wrote: > >>> Should ICMP packets be allowed both over the > >>> Internet or should it be allowed to pass only in > >>> the local networks? > >>> > >>> I have a firewall appliance and trying to make sure > >>> that I am being secured properly. > >>---- > >>disabling icmp echo requests is a great feature for the ultra-paranoid > > > > So... am I to read this as it is a good idea to disable all icmp > > requests? I get a LOT of ICMP requests from the Internet probing > > at my ports, which are disabled. This is a good idea? > > As the man said: only if you're ultra-paranoid, and live in a perpetual fear > of Internet boogey-men. Hey, man, just because I'm paranoid doesn't mean they AIN'T out to get me! :-) ---------------------------------------------------------------------- - Rick Stevens, Principal Engineer rstevens@xxxxxxxxxxxx - - CDN Systems, Internap, Inc. http://www.internap.com - - - - "Do you suffer from long-term memory loss?" "I don't remember" - - -- Chumbawumba, "Amnesia" (TubThumping) - ----------------------------------------------------------------------
