- To: firstname.lastname@example.org
- Subject: Re: Ping
- From: Adam Lydick <email@example.com>
- Date: 25 Feb 2002 12:00:12 -0500
- Message-id: <1014656413.496.16.camel@lorien>
- In-reply-to: <874rk5jyt1.wl@shyrka>
- References: <000c01c1be0e$bc632bc0$8c2798d5@laptop> <1014650278.625.85.camel@zarniwoop> <874rk5jyt1.wl@shyrka>
This is rather unrelated to the technical aspects of blocking ping.
My question -- why bother?
If you have services open to the outside world, someone scanning for
vulnerable daemons is probably just going to take the popular approach -
just attempt to run the attack on all routed IP space. (recent scanning
that I've seen in my system logs certainly seems to validate this)
Why bother blocking pings, if nothing else? If blocking other traffic,
why care about pings? If you are "special" enough to be the target of a
determined/casual attacker that already knows that you are there, I'd
imagine that it is a bit late to try to look invisible.
- From: "Charlie Grosvenor" <firstname.lastname@example.org>
- Re: Ping
- From: Bart-Jan Vrielink <email@example.com>
- Re: Ping
- From: Stelios Bounanos <firstname.lastname@example.org>