Firewall Wizards mailing list archives
traceroute
From: "Wigg, Guy G" <GWigg () mail sbic co za>
Date: Sun, 24 Jun 2001 14:33:13 +0200
Hi All Just looking for a bit of advice please, our Internet Team wish to be able to do traceroutes from our webservers onto the internet as they believe that this will assist in resolving network problems that occur from time to time. Currently we don't allow any ICMP from the Internet into our network/DMZ. What would the risk be of allowing ICMP time exceeded packets into our network? ( I presume this is all we need, to allow trace routes from our webservers out onto the net?). I realise opening another port on the firewall increases the risk, but is this a manageable risk? thanks Guy _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- traceroute Wigg, Guy G (Jun 24)
- <Possible follow-ups>
- Re: traceroute Bill_Royds (Jun 25)