ICMP types to allow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I know that some networks just drop all ICMP to prevent traceroutes but
recently I've been been seeing problems related to fragementation and
MTU and wondering if dropping ICMP is causing some of that (since
Fragementation Needed packets can't get through). On the flip side of
that there's the Source Quench and Fragmentation Needed DoS attacks
which have recently become mildly popular (I've gotten a few hits on
Snort but not that many). 

I'd like to hear from the list what ICMP types firewall admins are
allowing and why - what are the risks for allowing certain types vs. the
risks of NOT allowing them?

Thanks,

Derick Anderson



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux