Full Disclosure mailing list archives
Re: ICMP (was: daily internet traffic report)
From: Barrie Dempster <barrie () reboot-robot net>
Date: Mon, 18 Oct 2004 11:07:47 +0100
On Sun, 2004-10-17 at 16:35 -0600, James Edwards wrote:
That is great till you want to run a server behind that firewall.
<snip> If the server is behind the firewall the firewall will be aware of the connection passing through and will therefore regard the packets as legitimate. I agree with you though blocking ICMP isn't much towards security although as said before if we block everything and whitelist we are closer to a secure system. (The whitelist here being, RELATED connections) -- Barrie Dempster (zeedo) - Fortiter et Strenue http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: [SPAM] Your daily internet traffic report, (continued)
- Re: [SPAM] Your daily internet traffic report Gary E. Miller (Oct 17)
- Re: [SPAM] Your daily internet traffic report Willem Koenings (Oct 17)
- ICMP (was: daily internet traffic report) Frank de Wit (Oct 17)
- Re: ICMP (was: daily internet traffic report) James Edwards (Oct 17)
- Re: ICMP (was: daily internet traffic report) Cedric Blancher (Oct 17)
- Re: ICMP (was: daily internet traffic report) James Edwards (Oct 17)
- Re: ICMP (was: daily internet traffic report) Cedric Blancher (Oct 17)
- Re: ICMP (was: daily internet traffic report) james edwards (Oct 18)
- Re: ICMP (was: daily internet traffic report) Cedric Blancher (Oct 18)
- Re: ICMP - Today India, Samoa, and Iran are in the tank - back to orginal thread DDoS, or No DDoS? vigilaro (Oct 18)
- ICMP (was: daily internet traffic report) Frank de Wit (Oct 17)
- Re: ICMP (was: daily internet traffic report) Barrie Dempster (Oct 18)
- Re: ICMP (was: daily internet traffic report) Ron DuFresne (Oct 17)
- Re: ICMP (was: daily internet traffic report) Frank de Wit (Oct 18)