On Thu, Nov 19, 2009 at 10:11 AM, Cynthia Wahome <cwahome@jambo.co.ke>wrote:
Hello All From a security point of view,is it advisable to block ICMP packets on your router? if so how do you do it? on the other hand, ICMP is very critical especially for network troubleshooting. also with the fibre now active, there cud be many hacking attempts. So how do you balance?
Regards Cynthia
Hello @Cynthia, IMO blocking ICMP is may cause problems with route entries. If you think that an ICMP DOS is imminent, I'd suggest create a pool of say 8kbps bandwidth and allocate that to ICMP protocol. They can try as much, they ain't going nowhere. The creation of the 8kbps pool is to allow real imcp traffic to work, but immediately that traffic is pushed ( which is not normal ), the icmp pool will start to timeout and drop packets. Goodbye to the Dossers, with packet drops, what can they really do but look for alternative ports and not icmp... :-) Haiya, chai na mandazi....... :-)))))) Me thots.