Firewall Wizards mailing list archives
Re: ICMP blocking on PIX .4.4.1
From: nawk <nawk () real-secure com>
Date: Fri, 21 Apr 2000 09:14:51 -0700 (PDT)
Hi, I think it's best practice to block things like icmp and spoofing on your routers not firewall. The firewall is just to block things like ports and provent access to your internal network. On Thu, 20 Apr 2000 phred () pacificwest com wrote:
Date: Thu, 20 Apr 2000 17:47:57 -0400 (EDT) From: phred () pacificwest com To: firewall-wizards () nfr net Subject: [fw-wiz] ICMP blocking on PIX .4.4.1 Yesterday our site underwent a Smurf attack which we quickly stopped by blocking ICMP traffic through the firewall. I have a need to perform tracerouts from inside to the outside through the PIX firewall (v 4.4.1.) Is there a way to allow ping and traceroute from inside to outside and still defend against smurf like attacks? ---------------------------------------------------------------- Get your free email from AltaVista at http://altavista.iname.com
Current thread:
- ICMP blocking on PIX .4.4.1 phred (Apr 20)
- Re: ICMP blocking on PIX .4.4.1 R. DuFresne (Apr 21)
- Re: ICMP blocking on PIX .4.4.1 Bill Pennington (Apr 24)
- Re: ICMP blocking on PIX .4.4.1 Adam Olson (Apr 26)
- Re: ICMP blocking on PIX .4.4.1 nawk (Apr 26)
- Re: ICMP blocking on PIX .4.4.1 Jim Seymour (Apr 27)
- Re: ICMP blocking on PIX .4.4.1 R. DuFresne (Apr 28)
- ICMP blocking on PIX .4.4.1 majordomo (Apr 28)
- Re: ICMP blocking on PIX .4.4.1 Jim Seymour (Apr 27)
- <Possible follow-ups>
- Re: ICMP blocking on PIX .4.4.1 Jeffery . Gieser (Apr 24)
- Re: ICMP blocking on PIX .4.4.1 Steven M. Bellovin (Apr 28)