At 09:05 PM 10/19/2002, you wrote: >Where do I find the list of icmp types and what they do? I want to >configure my firewall but I need to know what the pros and cons are of >each type. The answer from a firewall perspective varies according to who you ask. Some will say block all ICMP. Others will say allow all ICMP. Most will fall in the middle, allowing some types/codes and blocking others. It really depends upon your requirements, how cooperative you want to be with remote hosts, and your general paranoia level. Depending upon how in-depth of a discussion you're interested in, I found a fantastic document about the good and evil of ICMP, and in fact based much of my firewall's ICMP configuration on the information it presented. "ICMP Usage in Scanning: The Complete Know-How" by Ofir Arkin (http://www.sys-security.com) goes into a good amount of detail about the various ICMP types and codes. While the focus of the paper is ultimately on the use of ICMP for OS fingerprinting and scanning, it covers the legitimate and not-so-legitimate uses of ICMP, and should provide the information needed to determine what to allow and what to block, depending upon the issues I mentioned above. Cheers, Doug ------------------------------------------------------------ This email, and any included attachments, have been checked by Norton AntiVirus Corporate Edition (Version 7.6), AVG Server Edition 6.0, and Merak Email Server Integrated Antivirus (Alwil Software's aVast! engine) and is certified Virus Free. -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
