On Thu, Mar 27, 2003 at 10:10:15AM -0600, Richard Humphrey wrote:
> ICMP is the service that allows others to ping your machine.

ICMP is much more than this. ICMP groups a lot of control messages that are needed for some aspects of IP-based protocols, as well as improving on others. Ping is just the best known ICMP-based application, but there are others:

- ICMP host/network unreachable, which allows your applications to time out faster when there is a problem with a host you are trying to talk to.
- MTU discovery uses ICMP packets with the IP "Don't fragment" flag set to determine the effective MTU for a TCP connection in order to avoid datagram fragmentation.
- Too many more to be exhaustive here.

As for the OP's question, there is no inherent danger in the ICMP protocol itself being open in a firewall, though there have been security exploits in some ICMP implementations (SMURF, Ping of Death, etc.). I would tend to agree with the person who recommended that you allow ICMP, with one catch. Close access from outside your network to the network and broadcast addresses (who needs to broadcast into your network anyway).

Additionally, I have to recommend that you get a good book on TCP/IP and IP security, so you can better understand the implications of opening or closing a certain protocol on the firewall.

Cheers,

--
Javier Gostling D. <[EMAIL PROTECTED]>
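
One way to turn the advice in this message into an ordered rule set, as an added example that is not part of the original post: it derives the network and broadcast address of each internal subnet and emits iptables commands that drop outside traffic to them before ICMP is accepted. The helper names, the interface `eth0`, the sample subnets, the choice of chains and the inclusion of 255.255.255.255 are assumptions; the commands are only generated as text, not executed.

```python
import ipaddress

# Assumption: the limited broadcast address is guarded as well.
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def guarded_addresses(cidrs):
    """Return the network and directed-broadcast address of each subnet."""
    addrs = []
    for cidr in cidrs:
        # strict=True rejects entries with host bits set (e.g. 10.0.0.5/24),
        # which would otherwise hide a typo in the subnet list.
        net = ipaddress.IPv4Network(cidr, strict=True)
        # /31 (RFC 3021) and /32 have no network or broadcast address:
        # every address in them is a usable host, so nothing is guarded.
        if net.prefixlen >= 31:
            continue
        for addr in (net.network_address, net.broadcast_address):
            if addr not in addrs:
                addrs.append(addr)
    addrs.append(LIMITED_BROADCAST)
    return addrs


def build_rules(cidrs, ext_if, chains=("INPUT", "FORWARD")):
    """Build iptables commands; DROP rules come before the ICMP ACCEPT."""
    rules = []
    for chain in chains:
        for addr in guarded_addresses(cidrs):
            # Any protocol arriving on the outside interface for a
            # network/broadcast address is dropped, not only ICMP.
            rules.append(f"iptables -A {chain} -i {ext_if} -d {addr} -j DROP")
        # Rules match in order, so this is reached only by traffic that
        # was not aimed at a guarded address from outside.
        rules.append(f"iptables -A {chain} -p icmp -j ACCEPT")
    return rules


if __name__ == "__main__":
    # Constructed sample: a /25 and a /30 behind external interface eth0.
    for rule in build_rules(["192.168.1.0/25", "10.0.0.0/30"], "eth0"):
        print(rule)
```

The broadcast address depends on the prefix length: 192.168.1.127 is the broadcast address of 192.168.1.0/25 but an ordinary host in 192.168.1.0/24, so the subnet list has to match the masks actually in use.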