Re: Ping

To: debian-firewall@lists.debian.org
Subject: Re: Ping
From: Adam Lydick <awlydick@bulldog.unca.edu>
Date: 25 Feb 2002 12:00:12 -0500
Message-id: <[🔎] 1014656413.496.16.camel@lorien>
In-reply-to: <[🔎] 874rk5jyt1.wl@shyrka>
References: <[🔎] 000c01c1be0e$bc632bc0$8c2798d5@laptop> <[🔎] 1014650278.625.85.camel@zarniwoop> <[🔎] 874rk5jyt1.wl@shyrka>

This is rather unrelated to the technical aspects of blocking ping.

My question -- why bother?

If you have services open to the outside world, someone scanning for
vulnerable daemons is probably just going to take the popular approach -
just attempt to run the attack on all routed IP space. (recent scanning
that I've seen in my system logs certainly seems to validate this)

Why bother blocking pings, if nothing else? If blocking other traffic,
why care about pings? If you are "special" enough to be the target of a
determined/casual attacker that already knows that you are there, I'd
imagine that it is a bit late to try to look invisible.

Adam

Reply to:

References:
- Ping
  - From: "Charlie Grosvenor" <charlie@thegrosvenors.fsnet.co.uk>
- Re: Ping
  - From: Bart-Jan Vrielink <bartjan@vrielink.net>
- Re: Ping
  - From: Stelios Bounanos <sb@dial.pipex.com>

Prev by Date: Re: Ping
Next by Date: Re: Blocking Reserved IP's
Previous by thread: Re: Ping
Next by thread: Blocking Reserved IP's
Index(es):
- Date
- Thread