Firewall Wizards mailing list archives
Re: ICMP blocking on PIX .4.4.1
From: Bill Pennington <billp () rocketcash com>
Date: Fri, 21 Apr 2000 07:49:08 -0700
I have the same issue. What I do is turn on ICMP when I need do traceroutes or pings. Kinda inconvenient. I actually find I do not need to perform a lot of traceroutes/pings when it requires a lot more effort to do so :-) phred () pacificwest com wrote:
Yesterday our site underwent a Smurf attack which we quickly stopped by blocking ICMP traffic through the firewall. I have a need to perform tracerouts from inside to the outside through the PIX firewall (v 4.4.1.) Is there a way to allow ping and traceroute from inside to outside and still defend against smurf like attacks? ---------------------------------------------------------------- Get your free email from AltaVista at http://altavista.iname.com
-- Bill Pennington Senior IT Manager Rocketcash billp () rocketcash com http://www.rocketcash.com
Current thread:
- ICMP blocking on PIX .4.4.1 phred (Apr 20)
- Re: ICMP blocking on PIX .4.4.1 R. DuFresne (Apr 21)
- Re: ICMP blocking on PIX .4.4.1 Bill Pennington (Apr 24)
- Re: ICMP blocking on PIX .4.4.1 Adam Olson (Apr 26)
- Re: ICMP blocking on PIX .4.4.1 nawk (Apr 26)
- Re: ICMP blocking on PIX .4.4.1 Jim Seymour (Apr 27)
- Re: ICMP blocking on PIX .4.4.1 R. DuFresne (Apr 28)
- ICMP blocking on PIX .4.4.1 majordomo (Apr 28)
- Re: ICMP blocking on PIX .4.4.1 Jim Seymour (Apr 27)
- <Possible follow-ups>
- Re: ICMP blocking on PIX .4.4.1 Jeffery . Gieser (Apr 24)
- Re: ICMP blocking on PIX .4.4.1 Steven M. Bellovin (Apr 28)