Hi, Birsen.
] I was looking for information about denying ICMP packets accross the
] backbone. What is the efficient/reccomended way of doing it? What are the
Hmm, I wouldn't block all ICMP. This can lead to other problems. ICMP
isn't just the hacker's protocol. :) Rate limiting is good, and I have
an example of that in my Secure IOS Template:
http://www.cymru.com/~robt/Docs/Articles/secure-ios-template.html
I have some thoughts on the filtering of ICMP at the edge here:
http://www.cymru.com/~robt/Docs/Articles/icmp-messages.html
I hope this helps!
Thanks,
Rob.
-- Rob Thomas http://www.cymru.com/~robt ASSERT(coffee != empty);
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:39 EDT