[CentOS] Ping and traceroute...
John Doe
jdmls at yahoo.com
Mon Jan 26 10:20:31 UTC 2009
> However do you have the luxury of having your members coming from a block of IPs
World wide website... so it is either everything or nothing...
> Blocking ping has always been a pet peeve of mine. Aside from violating RFC-1122
> (3.2.2.6 Echo Request/Reply: RFC-792 Every host MUST implement an ICMP Echo
> server function that receives Echo Requests and sends corresponding Echo
> Replies.)
>
> It provides *no* additional security & makes troubleshooting network issues that
> much more difficult.
So I guess I will look into adding these rules into shorewall.
Thx for all the answers,
JD
More information about the CentOS
mailing list