Tuesday May 31st 2016

The Great ICMP Debate: Disable ICMP echoes or leave them on?


This one should be pretty self-explanatory. If you have any sort of position regarding network security, do you allow ping requests from external IPs, or do you block them at the firewall/router level, and why?

My own personal choice, for home, is to leave them on. For servers, I use a firewall rule to deny any > 128 bytes. Also, a bot running on a box in China isn’t going to care if it can ping a box or not. Any nmap or vulnerability scanner can probe ports regardless of whether or not it’s responding to ICMP echoes. Disabling ICMP echoes will just cause a networking diagnostic headache later on. Am I wrong or missing something else? What do you guys think?

THIS IS NOT ANY SORT OF OS DEBATE! This is simply to discuss how some admins feel about best practices on the subject.

