[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] ICMP (was: daily internet traffic report)

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] ICMP (was: daily internet traffic report)
From: Barrie Dempster <barrie@xxxxxxxxxxxxxxxx>
Date: Mon, 18 Oct 2004 11:07:47 +0100

On Sun, 2004-10-17 at 16:35 -0600, James Edwards wrote:
> 
> That is great till you want to run a server behind that firewall.
<snip>

If the server is behind the firewall the firewall will be aware of the
connection passing through and will therefore regard the packets as
legitimate.

I agree with you though blocking ICMP isn't much towards security
although as said before if we block everything and whitelist we are
closer to a secure system.
(The whitelist here being, RELATED connections)

-- 
Barrie Dempster (zeedo) - Fortiter et Strenue

  http://www.bsrf.org.uk

[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

Attachment: signature.asc
Description: This is a digitally signed message part

References:
- Re: [SPAM] [Full-Disclosure] Your daily internet traffic report
  - From: Willem Koenings
- [Full-Disclosure] ICMP (was: daily internet traffic report)
  - From: Frank de Wit
- Re: [Full-Disclosure] ICMP (was: daily internet traffic report)
  - From: James Edwards
- Re: [Full-Disclosure] ICMP (was: daily internet traffic report)
  - From: Cedric Blancher
- Re: [Full-Disclosure] ICMP (was: daily internet traffic report)
  - From: James Edwards

Prev by Date: [Full-Disclosure] Re: Any update on SSH brute force attempts?
Next by Date: [Full-Disclosure] [SECURITY] [DSA 556-2] New netkit-telnet packages really fix denial of service
Previous by thread: Re: [Full-Disclosure] ICMP - Today India, Samoa, and Iran are in the tank - back to orginal thread DDoS, or No DDoS?
Next by thread: Re: [Full-Disclosure] ICMP (was: daily internet traffic report)
Index(es):
- Date
- Thread