Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: ICMP (was: daily internet traffic report)
From: Barrie Dempster <barrie () reboot-robot net>
Date: Mon, 18 Oct 2004 11:07:47 +0100

On Sun, 2004-10-17 at 16:35 -0600, James Edwards wrote:

That is great till you want to run a server behind that firewall.
<snip>

If the server is behind the firewall the firewall will be aware of the
connection passing through and will therefore regard the packets as
legitimate.

I agree with you though blocking ICMP isn't much towards security
although as said before if we block everything and whitelist we are
closer to a secure system.
(The whitelist here being, RELATED connections)

-- 
Barrie Dempster (zeedo) - Fortiter et Strenue

  http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]