Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: PIX firewall and ICMP

From: "Tenorio, Leandro" <ltenorio () intelaction com>
Date: Wed, 24 Sep 2003 16:09:30 -0300
If it's for trouble-shooting u can enable just the hosts used for
trouble-shooting. In my case I have them enable and alarms to monitor
the traffic.



-----Original Message-----
From: Cat Thrasher [mailto:isd607 () co santa-cruz ca us] 
Sent: Wednesday, September 24, 2003 2:22 PM
To: Security-Basics (E-mail)
Subject: PIX firewall and ICMP

Please advise your opinions on my problem. I had a permit statement on
the PIX that would allow ICMP from any to any. Since being hit with
Nachi, I turned it off. I am being asked my policy on when it will be
turned back on. I have a rather large network and many "divisions" who
work independently, yet access the internet thru "my" PIX. They like to
use ping when trouble-shooting.
Can I get an opinion on whether or not I should turn this back on...
Thanks 

Cat Thrasher
Network Support Analyst
County of Santa Cruz
831-454-5367
cat.thrasher () co santa-cruz ca us


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: