Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: ICMP (was: daily internet traffic report)
From: Barrie Dempster <barrie () reboot-robot net>
Date: Mon, 18 Oct 2004 11:07:47 +0100

On Sun, 2004-10-17 at 16:35 -0600, James Edwards wrote:

That is great till you want to run a server behind that firewall.

If the server is behind the firewall the firewall will be aware of the
connection passing through and will therefore regard the packets as

I agree with you though blocking ICMP isn't much towards security
although as said before if we block everything and whitelist we are
closer to a secure system.
(The whitelist here being, RELATED connections)

Barrie Dempster (zeedo) - Fortiter et Strenue


[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

Attachment: signature.asc
Description: This is a digitally signed message part

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]