Firewalls: Firewalls Digest V3 #101

Firewalls
(May 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Firewalls Digest V3 #101
From:	Karl Fox <karl @ MorningStar . Com>
Organization:	Morning Star Technologies, Inc.
Date:	Tue, 3 May 94 09:33:34 -0400
To:	Luther Garcia <luth @ sprintlink . net>
Cc:	firewalls @ greatcircle . com

I would think that a number of routers out there would be able to
block ICMP packets based on type and code (ours does).  If your vendor
doesn't do this, ask them to add it -- it's a pretty simple addition,
and obviously pretty useful, too.

   From: Luther Garcia <luth @
 sprintlink .
 net>
   Date: Fri, 1 Apr 1994 12:54:38 -0500 (EST)
   Subject: "ICMP redirects"

	   I was wondering if anyone out there knows a way to protect from
   forged ICMP redirects.  We can't just disable ICMP as we need the 
   ability to do pings.  Any suggestions would be apprecitated and carefully
   considered.

		   luth @
 tiny .
 sprintlink .
 net

Follow-Ups:

Re: Firewalls Digest V3 #101
From: Luther Garcia <luth @ sprintlink . net>

Indexed By Date	Previous:	Re: Network Management Proxies and Firewalls From: lazear @ dockside . mitre . org
Indexed By Date	Next:	Router advice needed From: lafko @ ici . com (David A. Lafko)
Indexed By Thread	Previous:	Re: mail handling From: Marcus J Ranum <mjr @ tis . com>
Indexed By Thread	Next:	Re: Firewalls Digest V3 #101 From: Luther Garcia <luth @ sprintlink . net>