On Wed, 1 Dec 2004 13:42:20 +0000
Timothy Murphy <tim at birdsnest.maths.tcd.ie> wrote:
> On Wednesday 01 December 2004 11:42, Liam Bedford wrote:
>> > Once the machines blocked ICMP,
> > the number of attacks per hour dropped drastically. Which is
> > unfortunate, because it'll lead to even more people thinking
> > blocking ICMP is a good thing to do.
>> Isn't it?
Blocking ICMP is bad. Most things rely on it, and will fail without it.
Now - there are some ICMP message types that give away more information
about your network than you might like - so blocking them may have some
minor benefit to your network ...
For more details a quick browse of your includes files.
more /usr/include/linux/icmp.h
#define ICMP_ECHOREPLY 0 /* Echo Reply */
#define ICMP_DEST_UNREACH 3 /* Destination Unreachable */
#define ICMP_SOURCE_QUENCH 4 /* Source Quench */
#define ICMP_REDIRECT 5 /* Redirect (change route) */
#define ICMP_ECHO 8 /* Echo Request */
#define ICMP_TIME_EXCEEDED 11 /* Time Exceeded */
#define ICMP_PARAMETERPROB 12 /* Parameter Problem */
#define ICMP_TIMESTAMP 13 /* Timestamp Request */
#define ICMP_TIMESTAMPREPLY 14 /* Timestamp Reply */
#define ICMP_INFO_REQUEST 15 /* Information Request */
#define ICMP_INFO_REPLY 16 /* Information Reply */
#define ICMP_ADDRESS 17 /* Address Mask Request */
#define ICMP_ADDRESSREPLY 18 /* Address Mask Reply */
etc...
The ICMP_ECHO is for Ping ...
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
