Re: FIREWALL STRATEGY (What do you think?)
Guenther Thomsen <tho@thomsen.isdn.cs.tu-berlin.de> writes:
> Yes, I totally forgot about the RFCs. RFC 792 seems to be the
> ICMP defining RFC, in /usr/src/linux/net/ipv4/icmp.c some notes are
> related to RFC 1122 "Requirements for Internet Hosts -- Communication
> Layers", RFC 1812 "Requirements for IP Version 4 Routers" and
> RFC950 "Internet Standard Subnetting Procedure".
>
> But see this:
> --8<--
> tho@leia:tho>zgrep ICMP /usr/doc/doc-rfc/all-rfcs/rfc*.txt.gz\
> |cut -f 1 -d :|uniq |wc -l
> 99
> -->8--
> Do I have to read them all? Furthermore, I guess, I could do so and
> still have no clue, how ICMP is related to network security.
>
> Well, I guess, I'll start with RFC 792 ...
>
> Guenther
Search engines are helpful. A search for "icmp firewall" at
http://www.google.com/ brings up a few interesting pages, including
one titled "Should I block all ICMP at my firewall/router?"
Reply to: