<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2963" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2>Generally speaking, there is no active harm in allowing all ICMP. The
only possible downside (OS security issues aside) is, as you say,
anonymity/privacy.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2>It is theoretically possible to do some IP fingerprinting on a device via
ICMP, so people might know what super-type of OS you're
using.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2>Also, if there was some bizarre exploit around or a new trojan that
allowed tunneling over ICMP (which is technically possible), then there's a
small chance you could be _slightly_ more vulnerable to such an
attack.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=938190200-17082006><FONT face="Courier New"
size=2>Ultimately, if you really want to see the difference, run nmap against
your machine and see what you get back.</FONT></SPAN></DIV><SPAN
class=938190200-17082006><FONT face="Courier New" size=2>
<DIV dir=ltr align=left><BR>Cheers,</DIV>
<DIV dir=ltr align=left> </DIV>
<DIV dir=ltr align=left></FONT></SPAN> <SPAN
class=938190200-17082006><FONT face="Courier New"
size=2>Fenn.</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> melbwireless-bounces@wireless.org.au
[mailto:melbwireless-bounces@wireless.org.au] <B>On Behalf Of </B>Mark
Aitken<BR><B>Sent:</B> Thursday, 17 August 2006 7:53 AM<BR><B>To:</B>
melbwireless@melbournewireless.org.au<BR><B>Subject:</B> Re: [MLB-WIRELESS]
Firewall rule?<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV>Hmmm, it all starts to get confusing once you get differing
opinions. And also the fact that I can't see a way to individualise the
various types of ICMP packet for filtering in Tiny Personal Firewall. I
think ZoneAlarm is a little more configurable, I may look at that?</DIV>
<DIV> </DIV>
<DIV>My main reason for not wanting ICMP packets is anonymity. That
aside, what harm, if any, could happen if I just allowed ALL ICMP
packets?</DIV>
<DIV> </DIV>
<DIV>I must say though, my torrents have never been faster since I denied ALL
ICMP traffic (???).</DIV>
<DIV> </DIV>
<DIV>Regards</DIV>
<DIV> </DIV>
<DIV>Mark</DIV>
</BLOCKQUOTE></BODY></HTML>