Educause Security Discussion mailing list archives

Re: ICMP blocking

From: Ken Connelly <Ken.Connelly () UNI EDU>
Date: Wed, 6 Dec 2006 21:03:44 -0600

Gary Dobbins wrote:

Quick survey:  Who's blocking ICMP subsets (like echo requests,
traceroutes) at their borders?  Who's not?  Strong feelings about why
in either case?

We began blocking inbound echo requests when Nachi hit.  It didn't seem
to cause any significant problems, and has been largely left in place.
A few key addresses are allowed through the block, but most are still
denied.

- ken


Certainly, doing so is not a huge security gain, but the alternative
means you're giving away the map anonymously.
How polar is the community on this?

Thanks.

Current thread:

ICMP blocking Gary Dobbins (Dec 06)
- <Possible follow-ups>
- Re: ICMP blocking ken lindahl (Dec 06)
- Re: ICMP blocking Jeff Kell (Dec 06)
- Re: ICMP blocking Constantakos, William (Dec 06)
- Re: ICMP blocking Randy Marchany (Dec 06)
- Re: ICMP blocking David Gillett (Dec 06)
- Re: ICMP blocking John Ladwig (Dec 06)
- Re: ICMP blocking David Lundy (Dec 06)
- Re: ICMP blocking Gary Flynn (Dec 06)
- Re: ICMP blocking Ken Connelly (Dec 06)
- Re: ICMP blocking Russell Fulton (Dec 07)
- Re: ICMP blocking Joe St Sauver (Dec 07)