I have 0 visible services, but I still don't want people doing port scans. Why pose a target when I don't have to? There is no reason why anybody should be pinging my house. Therefore, I don't let them. Why would I enable anything to let people see me? Standard security practice: Only allow what is *needed*, and I don't *need* anybody pinging me. If I do, I'll turn it on.

Eric

-----Original Message-----
From: Josh Huber [mailto:huber@alum.wpi.edu]
Sent: Friday, April 09, 2004 10:50 AM
To: wlug@mail.wlug.org
Subject: Re: [Wlug] Verizon DSL on SuSE

"Martin, Eric" <MartinE@worc.k12.ma.us> writes:

I personally have my firewall configured to drop pings. If they don't know you're there, you aren't a target. Granted it doesn't keep seasoned hackers off your box, but it's one more piece of security.

I don't buy that argument. Two situations:

1) You have no other internet-visible services:
   * What's the harm in allowing icmp echo? Who cares, unless there happens to be some vulnerable ICMP code in the kernel. I suppose that's a risk I'd be willing to take. :)

2) You have other internet-visible services:
   * A port scan will reveal you, regardless of ICMP responses.

--
Josh Huber
_______________________________________________
Wlug mailing list
Wlug@mail.wlug.org
http://mail.wlug.org/mailman/listinfo/wlug