[outages] www.house.gov not reachable.
Goltz, Jim (NIH/CIT) [E]
jgoltz at mail.nih.gov
Mon Sep 29 14:24:02 EDT 2008
Carl Perry <caperry at edolnx.net> writes:
> It's been a few years since the "ping death" scares of 1997, do we
> really need to stop dropping any ICMP traffic anymore?
I used to routinely drop ICMP from outside (at a different employer) because of the use at the time of ICMP as a covert communications channel by Loki and similar malware. ICMP messages were (are) also very useful for mapping services on a network.
This was before "stateful" packet inspection on ICMP was commonplace, and before ICMP traffic could be selectively blocked by type.
--
Jim Goltz <jgoltz at mail.nih.gov>
More information about the Outages
mailing list