> However do you have the luxury of having your members coming from a block of
> IPs
World wide website... so it is either everything or nothing...
> Blocking ping has always been a pet peeve of mine. Aside from violating
> RFC-1122
> (3.2.2.6 Echo Request/Reply: RFC-792 Every host MUST implement an ICMP Echo
> server function that receives Echo Requests and sends corresponding Echo
> Replies.)
>
> It provides *no* additional security & makes troubleshooting network issues
> that
> much more difficult.
So I guess I will look into adding these rules into shorewall.
Thx for all the answers,
JD
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
