No. If they feel they are having troubles, I would have them conact you - AFTER they
have verified that their systems and net access are OK. They should be able to
conclude that it's at your end, just by verifying that all of their systems and net
access is OK all the way to you.
If your systems are having trouble, then your local management systems should notify
you, not your business partner. You want to run only what you must and no more. Don't
allow services or protocols thru, just so your business partner can manage your
systems as if they were theirs.
Best of luck!
Robert
- -
Robert P. MacDonald, Network Engineer
G o r d o n F o o d S e r v i c e
Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
>>> "Ralf G�nthner" <[EMAIL PROTECTED]> 5/23/00 9:29:57 AM >>>
>
>We have a certain e-business server in a DMZ. Until now, I dropped any ping packets
>directed at this
>system's public address from the outside world.
>
>Now customer service wants me to allow echo request packets to reach the public
>address, so customers
>who have access problems can verify the reachability of our server.
>
>Should I allow this or not? I'm afraid of opening up routes for exploits not to
>mention tools like nmap asf.
>
>Any opinions very much welcome
>
>Ralf G.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
