[Freeswitch-users] ICMP... and MTU

Claus Andersen clan at wheel.dk
Wed Feb 19 19:39:43 MSK 2014


On Wed, 19 Feb 2014, Claus Andersen wrote:

> On Wed, 19 Feb 2014, Cesar Bermudez wrote:
>
>> Sorry to ask, but ..
>
> There are no stupid questions - only stupid answers.

...and the pain of reading you own answer...

I forgot to add the actual advice. If you would like to avoid breaking as 
much as possible but block the obvious dangerous stuff then you should 
block for ICMP redirect (type 5). That can be used for re-routing and 
should then actively be avoided.
The rest is fairly benign. Personally I rarely block for ICMP echo. Ping 
is a very nice diagnostic tool. Some will argue that it can be used to 
find a attack vector (that is: confirm something is there). But mostly you 
are actively provding services from your host so that vector is easily 
found anyway. But as long as you understand the implications it is OK to 
block (or not).

Kind Regards,
Claus Andersen



Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users mailing list