> I don't consider it much harm aslong as icmp type 0,3,4,8,11,12 get through... > but you still have the dilemma "should they filter" - I would vote "no", though > I see the possibilities and the strength in doing filtering in the core - it's just > the lack of trust in the folks that would do the filtering... or say: those who say > what should be filtered.
It would be far enough if they would tell us "please consider about filtering/shaping this/that kind of packet due to this/that reason...". and filtering this doesnt bring anything against dDoS, once the kiddies will see ICMP has no effect they'll move to another protocol... I personally think that by applying this filter, they do not respect they standart SLA... Pascal ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/