Re: [newbie] Shorewall - OK to accept ICMP type 8 from all?

[Raffaele Belardi]

Better not if your machine has a public static IP address. ICMP type 8 
(ping) can be used to discover the IP address through ping 'storms', and 
then use it for attacks to higher level protocols. Also there is the 
ping of death attack that can crash your machine - although maybe newer 
TCP/IP implementations are immune.

I'm sure there is a way to request IPtables not to log the 
rejected/dropped ping packets, but I wouldn't be able to tell you OTOH. 
Maybe somebody else already knows.

raffaele

[EMAIL PROTECTED] wrote:
Hi All

Can someone please tell me if accepting all ICMP type 8 packets from all 
(including internet) poses much of a security threat.  I previously only 
allowed these to/from my local network but I was getting a bit peeved at 
the number of entries in the logs/email which amount to hundreds of lines 
every day.

Any advice appreciated.

Sharrea

------------------------------------------------------------------------

Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com


Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com