[j-nsp] Block traceroute and Allow Ping

[Stefan Fouant]

On Wed, Sep 30, 2009 at 5:09 AM, Masood Shah <masoodshah at juniper.net> wrote:

>
> If you are REALLY paranoid, you can DROP all UDP traffic and then only open
> the ports that you have services running on. Sometimes this is easier said
> than done though.
>

I wouldn't call this paranoia.  I would call this "good security posture".

-- 
Stefan Fouant