Security Basics mailing list archives
RE: ICMP (Ping)
From: "Jay Woody" <jay_woody () tnb com>
Date: Mon, 08 Sep 2003 12:29:25 -0500
Tim, Last time I promise here man. Obviously you and I don't agree on it. I explained why I feel the way that I do and now you and everyone else are free to decide how you want to handle it. This is a basics list where people are supposed to share ideas and learn how to set up their stuff. A place to ask questions without being slammed. I guess it all boils down to that most people would agree that there is nothing inherently wrong with denying pings (unless obviously it is your only answer to security) and it may buy you some blocks. You and I are debating how much, but to each his own. You've pretty much turned every note I've typed into a line by line rip up and it has gotten pretty petty and basically impossible to follow or respond to the myriad of stuff now. I've tried to speak to you from my experience and offer the experience of others, you claim your experience is different. Great! Cool! Everyone should be aware that not everyone sees the same thing. The way that you have responded to the previous notes have pretty much made the thread impossible to follow now anyway, so I'll bow out here. I can't bring myself to take the time to get through the personal stuff and respond t the technical any more, so it is pretty useless at this point to try. I think even you would agree that dropping ICMP stops some scans. Period. Maybe 1, maybe 10,000 (my guess is that the number is somewhere in between :). To some, stopping that one may be worth it. To some stopping 10,000 may not be worth it. Everyone has to make that choice. You've done nothing to sway me and I have done nothing to sway you, so enough with the petty stuff. Man, you asked why would some people do it and I told you why some people do. If you didn't want the answer don't ask the question. Especially on a basics list man. Most of this list is here to learn, not get ripped. We don't want them scared to ask man, encourage it. Like I said, you may not agree with it, but you asked and I attempted to answer it. Sorry it didn't seem to meet up to your standards, but perhaps a basics list is not the right place to hammer this one out. People should feel comfortable to ask and answer on a list like this without it getting weird that fast. Good luck and see you around man. JayW --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- RE: ICMP (Ping), (continued)
- RE: ICMP (Ping) Preston Newton (Sep 08)
- Re: ICMP (Ping) Fyodor (Sep 09)
- FW: ICMP (Ping) check (Sep 08)
- Re: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Halverson, Chris (Sep 08)
- RE: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 08)
- RE: ICMP (Ping) jfastabe (Sep 08)
- Re: ICMP (Ping) Tim Greer (Sep 08)
- Re: ICMP (Ping) Lee Rich (Sep 08)
- RE: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Tim Greer (Sep 08)
- Re: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Jay Woody (Sep 08)
- RE: ICMP (Ping) Halverson, Chris (Sep 08)
- RE: ICMP (Ping) Jay Woody (Sep 08)
- Re: ICMP (Ping) Jay Woody (Sep 08)
- Re: ICMP (Ping) Tim Greer (Sep 08)
- RE: ICMP (Ping) Schouten, Diederik (Diederik) (Sep 08)
- RE: ICMP (Ping) Tony Kava (Sep 08)
(Thread continues...)