Security Basics mailing list archives
RE: Removing ping/icmp from a network
From: "Joachim Thuau" <jthuau () heavy-iron com>
Date: Wed, 26 Mar 2008 12:29:02 -0700
From: Jason Thompson Subject: Re: Removing ping/icmp from a network
[snip]
I don't see any ICMP messages that are a MUST for network operation.
The one system that I know makes use of ICMP messages is Active Directory. It uses ICMP to establish a number of parameters regarding speed of the links between Clients and Domain controllers. See the note at the following KB article for some details: http://support.microsoft.com/kb/227260/ With this in mind, you could setup rules for ICMP traffic to only be allowed to Domain Controllers, which would be sufficient for normal operation of AD. Jok
Current thread:
- Re: Removing ping/icmp from a network, (continued)
- Re: Removing ping/icmp from a network Razi Shaban (Mar 28)
- Re: Removing ping/icmp from a network Michael Painter (Mar 28)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Mar 28)
- Re: Removing ping/icmp from a network Michael Painter (Mar 31)
- RE: Removing ping/icmp from a network Ric Messier (Mar 28)
- RE: Removing ping/icmp from a network Adewale, Akin (IT Services - Infosec Team) (Mar 28)
- RE: Removing ping/icmp from a network Craig Wright (Mar 28)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Mar 28)
- Re: Removing ping/icmp from a network Jason (Mar 28)
- Re: Removing ping/icmp from a network Ansgar -59cobalt- Wiechers (Mar 31)
- Re: Removing ping/icmp from a network Jon R. Kibler (Mar 26)
- Re: Removing ping/icmp from a network Jason (Mar 26)