On Wed, Dec 05, 2007 at 03:27:33PM -0800, Daniel B. Thurman wrote: > > Should ICMP packets be allowed both over the > Internet or should it be allowed to pass only in > the local networks? > > I have a firewall appliance and trying to make sure > that I am being secured properly. > > Thanks! > ICMP has many types, I assume you are referring to ICMP ECHO request/reply (for ping) and perhaps use rate limiting (ie. 5 requests/sec) Your call if you want people to ping you or not, a lot of people assume ICMP echo doesn't work and just check for the existence of listening ports anyway (port 80, 443) -- offset