Re: ICMP (Ping)

[<freeasabird_13 () gmx net>]

> > Yes.  It would not be preferable for you to allow your firewall/router
> > to respond to pings from the internet.  Someone running a wide-scale
> > scan of internet computers for possible attack targets would quickly
> > be made aware of your obvious internet presence and you could become a
> > target for attack.
>
> I don't think so. Not responding to ICMP echo-requests won't make you
> invisible. Whenever a ping does not return "host unreachable" you know
> there *is* something with that address.
> Dropping ICMP packets might be useful though, to protect the firewall
> or router from being DoS'ed through ICMP, but it won't hide your host.

For the record, I never said nor implied that not responding to pings would
make one's internet presence "invisible".  I merely said/implied that it
would make your presence less obvious, which it simply would.  I understand
your concern that someone might have taken my statements that way and erred
believing that their systems would be securely hidden.  Keeping this in mind
I will try to make my statements more clear in the future.

Best Wishes,

~Nathaniel Hasenfus


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.515 / Virus Database: 313 - Release Date: 9/1/2003


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------