[clug] Dropped icmp packets - means what?
Peter Barker
pbarker at barker.dropbear.id.au
Fri Aug 22 10:57:46 EST 2003
On Fri, 22 Aug 2003, Kim Holburn wrote:
> Not at all. If you are a server or a router answering a ping is usually
> a good idea otherwise not answering is a good idea generally since there
> are few good reasons to let most people on the internet know you are
> there.
Does the phrase, "Security by obscurity" ring a bell here? It should not
matter whether they can detect you're there with a ping; if you fear being
detected, resolve the cause of the fear. If you happen to have, say, an
open RPC port, blocking pings is not going to help you :-)
ICMP is a useful tool. Removing a tool because it can be abused is not a
good idea IMHO.
Yours,
--
Peter Barker | N _--_|\ /---- Barham, Vic
Programmer,Sysadmin,Geek | W + E / /\
pbarker at barker.dropbear.id.au | S \_,--?_*<-- Canberra
You need a bigger hammer. | v [35S, 149E]
"They'll need a whole new Orwellian pseudo-crime-name for that... I
suggest "digital molestation of kittens". - Jeremi (14640) from Slashdot
More information about the linux
mailing list