[olug] VNC w/Qwest

Kevin sharpestmarble at gmail.com
Tue Oct 16 15:15:47 UTC 2007


On 10/16/07, Luke -Jr <luke at dashjr.org> wrote:
> > Blocking ICMP at the border of your network is the same as blocking
> > any other protocol at the border of your network. If there's not a
> > defined business need for allowing a protocol in and out of your
> > network and there are security concerns related to that protocol, then
> > don't allow it.
>
> Network debugging is always a need.

Then debug from inside the firewall.

> There are no security concerns related to ICMP.
If I'm looking for a random computer to attack, I'll use a ping scan
to find a random computer. If it replies to pings, then the "system
administrator"(an end user who probably doesn't care how many virii it
has as long as they can get their email and surf the web) probably
hasn't taken the time to do other important security things, like turn
on automatic updates.



More information about the OLUG mailing list