Digital BW, The Print

Please note, however, that RFC 1122 (Requirements for Internet Hosts) 
states in section 3.2.2.6:

"Every host MUST implement an ICMP Echo server function that receives 
Echo Requests and sends corresponding Echo Replies."

Nowhere in 1122 (which is *the* spec for this sort of thing) does it say 
that ICMP Echo (ping) servers may be disabled or set to ignore ICMP Echo 
packets.  The sole exception is for an ICMP Echo packet destined for a 
broadcast or multicast destination IP.  Disabling Echo Replies makes 
your TCP/IP implentation non-compliant with the standard.

I'm in the business of making tools to make the Internet, and systems 
with ICMP Echo Reply disabled prove to be a real pain for network 
people.  "Ping" is there for a very good reason.  It isn't dangerous. 
Please leave it enabled if you possibly can.

[diatribe: off]

Best wishes,
-- 
Jon ( entropy@... )


sceptre12345 wrote:

> --- In DigitalBlackandWhiteThePrint@yahoogroups.com, "Anthony G. 
> Atkielski" <anthony@a...> wrote:
> 
>>>Ping requests are sent by, amongst others, hackers and spammers
>>>looking for unprotected computers which they can later use for 
>>>massive email spamming or even denial of service attacks.
>>
>>If your system/network is otherwise secure, there's no harm in
>>responding to pings.
> 
> 
> 
> "Ping is a network troubleshooting utility. It asks your computer to 
> acknowledge its existence. If your computer responds positively to a 
> ping, hackers are more likely to target your computer."
> 
> In checking the traffic log of the old firewall I could see ping 
> requests from all over the world. But they do not stop at the first 
> ping, they go on and on. Put several of them together and you've got 
> what looks like a network slowdown. 
> 
> Internet denial of service attacks works in the same way, but at a 
> more intense level. Giving your internet connection stealth status is 
> one way to ensure you get the maximum speed from your connection.
> 
> Cheers,
> Andre