Educause Security Discussion mailing list archives
Re: ICMP blocking
From: David Lundy <dlundy () PACIFIC EDU>
Date: Wed, 6 Dec 2006 14:51:04 -0800
Gary:
We block, but we got a minor ding from a recently completed
external sweep/vulnerability assessment by ISS because they were able to
get some ICMP responses. They considered ICMP to be a security issue.
We don't know specifically what they observered.
David Lundy
----
David Lundy
Acting IT Security Officer
University of the Pacific
Stockton, CA 95211
Email: dlundy () pacific edu
Voice: 209-946-3951
Fax: 209-946-2898
Gary Dobbins <dobbins () ND EDU> 12/06/06 1:24 PM >>>
Quick survey: Who's blocking ICMP subsets (like echo requests, traceroutes) at their borders? Who's not? Strong feelings about why in either case? Certainly, doing so is not a huge security gain, but the alternative means you're giving away the map anonymously. How polar is the community on this? Thanks. -- ------------------------------------------------------------ Gary Dobbins, CISSP -- Director, Information Security University of Notre Dame, Office of Information Technologies
Current thread:
- ICMP blocking Gary Dobbins (Dec 06)
- <Possible follow-ups>
- Re: ICMP blocking ken lindahl (Dec 06)
- Re: ICMP blocking Jeff Kell (Dec 06)
- Re: ICMP blocking Constantakos, William (Dec 06)
- Re: ICMP blocking Randy Marchany (Dec 06)
- Re: ICMP blocking David Gillett (Dec 06)
- Re: ICMP blocking John Ladwig (Dec 06)
- Re: ICMP blocking David Lundy (Dec 06)
- Re: ICMP blocking Gary Flynn (Dec 06)
- Re: ICMP blocking Ken Connelly (Dec 06)
- Re: ICMP blocking Russell Fulton (Dec 07)
- Re: ICMP blocking Joe St Sauver (Dec 07)