Hi Scott: >> As a rule of thumb, when people ask me for assistance regarding troubles reaching a computer and I can't ping it, I tell them that it can't be pinged, and they have to take care of it from there. If you disable a vital networking tool, you need to accept the consequences. <<
That's fine - IF I asked Computerized Horizon to diagnose connectivity to my network, I would support that position. But, since we are NOT talking about that, I really don't see how your comment could remotely apply to the issue at hand. The ONLY entity who has any reason to "diagnose" my connectivity are my backbone providers - and anyone can ping up to and even across my border routers to the internal interfaces. There is no point, even for THEM, to ping INSIDE my network, because my local Ethernets and its wiring are MY responsibility - not theirs. (The only exception might be if they were managing my border routers for me.) Anyone who successfully ping across my router has done all the diagnostics they need to do. I can handle it from there. If anyone wants to ping inside my network, they'll have to come to my office and then they are more than happy to send ICMP commands all over my Ethernets. I suggest people become familiar with the very long list of various ICMP exploits and DOS attacks, before suggesting that it should be "wide open". I repeat that all connections via any protocol should be disallowed to any machine, except for those expressly needed by the applications of a particular machine. By the way, I do permit CERTAIN ICMP traffic across the border routers. Best Regards Andy Schmidt H&M Systems Software, Inc. 600 East Crescent Avenue, Suite 203 Upper Saddle River, NJ 07458-1846 Phone: +1 201 934-3414 x20 (Business) Fax: +1 201 934-9206 http://www.HM-Software.com/ --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
