Please forgive me if this subject has been discussed before, but I'm
a new recruit to this list.
My query is about ICMP and firewalls - what I need to block and what
I need to allow. I have been told that if a firewall allows ICMP
traffic then it is possible to discover or compromise its routing
tables (and thence fool anti-spoofing rules) - therefore turn it off.
I have also been told that ICMP is used by some routers (incl. our
ISP) to monitor its network and route trip times - therefore turn it
on if you want efficient routing to your firewall from the Internet.
I am aware that there is more than one type of ICMP message, we have
been looking at Firewall-1 and it identifies the following ICMP
Which of these would be OK, and which not ?
Any help or comments would be gratefully appreciated.
[Standard Disclaimer Applies]