[clug] Dropped icmp packets - means what?

Peter Barker pbarker at barker.dropbear.id.au
Fri Aug 22 10:57:46 EST 2003

On Fri, 22 Aug 2003, Kim Holburn wrote:

> Not at all.  If you are a server or a router answering a ping is usually
> a good idea otherwise not answering is a good idea generally since there
> are few good reasons to let most people on the internet know you are
> there.

Does the phrase, "Security by obscurity" ring a bell here? It should not
matter whether they can detect you're there with a ping; if you fear being
detected, resolve the cause of the fear. If you happen to have, say, an
open RPC port, blocking pings is not going to help you :-)

ICMP is a useful tool. Removing a tool because it can be abused is not a
good idea IMHO.

Peter Barker                          |   N    _--_|\ /---- Barham, Vic
Programmer,Sysadmin,Geek              | W + E /     /\
pbarker at barker.dropbear.id.au         |   S   \_,--?_*<-- Canberra
You need a bigger hammer.             |             v    [35S, 149E]
"They'll need a whole new Orwellian pseudo-crime-name for that... I
 suggest "digital molestation of kittens". -  Jeremi (14640) from Slashdot

More information about the linux mailing list