[Dshield] Ping??? DOS???? From DELL.COM

E.B. Dreger eddy+public+spam at noc.everquick.net
Fri Jun 21 18:53:22 GMT 2002


RW> Date: Fri, 21 Jun 2002 08:48:40 -0700
RW> From: Russell Washington


EBD> Don't drop all ICMP.  Allow unreachables to pass... else you
EBD> break path MTU discovery.

RW> Ack, good point.
RW> 
RW> And the funny thing is that I started to type "maybe just
RW> ICMP type 8" but I decided to try to keep it simple instead.
RW> D'oh! :)

:-)

For anyone considering blocking ICMP, I heartily suggest a bit of
reading on the different ICMP types.  Echo request and response
have little use.  TTL expired is handy.  Unreachables are
required.

So many firewalls sold as "appliances" have people freaking out
over normal traffic, yet feeling immune to things that slip right
through. :-(


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist at brics.com>
To: blacklist at brics.com
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist at brics.com>, or you are likely to
be blocked.




More information about the list mailing list