Security Basics mailing list archives

AW: ICMP (Ping)

From: Meidinger Chris <chris.meidinger () badenit de>
Date: Wed, 3 Sep 2003 10:04:41 +0100

Yes. It is a Bad Idea, with a big Bee and a big Eye.

You don't (normally) want people to be able to enumerate your firewall.
You can decide yourself whether the internal hosts should respond to pings,
but the firewall certainly should not.

-Chris Meidinger

-----Ursprüngliche Nachricht-----
Von: Paul Kurczaba [mailto:paul () myipis com] 
Gesendet: Dienstag, 2. September 2003 21:20
An: security-basics () securityfocus com
Betreff: ICMP (Ping)


Are there any security issues for allowing a firewall/router to respond to
Ping from the internet?

-Paul Kurczaba

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------

Current thread:

AW: ICMP (Ping) Meidinger Chris (Sep 03)
- <Possible follow-ups>
- AW: ICMP (Ping) Meidinger Chris (Sep 05)
  - Re: AW: ICMP (Ping) Tim Greer (Sep 05)
- AW: ICMP (Ping) Meidinger Chris (Sep 08)
  - Re: AW: ICMP (Ping) Tim Greer (Sep 08)
  - Re: AW: ICMP (Ping) jfastabe (Sep 08)