[MLB-WIRELESS] Firewall rule?
Fenn Bailey
fenn_b at smktech.com.au
Thu Aug 17 10:06:49 EST 2006
Generally speaking, there is no active harm in allowing all ICMP. The only
possible downside (OS security issues aside) is, as you say,
anonimity/privacy.
It is theoretically possible to do some IP fingerprinting on a device via
ICMP, so people might know what super-type of OS you're using.
Also, if there was some bizarre exploit around or a new trojan that allowed
tunneling over ICMP (which is technically possible), then there's a small
chance you could be _slightly_ more vulnerable to such an attack.
Ultimately, if you really want to see the difference, run nmap against your
machine and see what you get back.
Cheers,
Fenn.
_____
From: melbwireless-bounces at wireless.org.au
[mailto:melbwireless-bounces at wireless.org.au] On Behalf Of Mark Aitken
Sent: Thursday, 17 August 2006 7:53 AM
To: melbwireless at melbournewireless.org.au
Subject: Re: [MLB-WIRELESS] Firewall rule?
Hmmm, it all starts to get confusing once you get differing opinions. And
also the fact that I cant see a way to individulise the various types of
ICMP packet for filtering in Tiny Personal Firewall. I think ZoneAlarm is a
little more configurable, I may look at that?
My main reason for not wanting ICMP packets are anonimity. That aside, what
harm, if any, could happen if I just allowed ALL ICMP packets?
I must say though, my torrents have never been fasted since I denied ALL
ICMP traffic (???).
Regards
Mark
_____
Do you Yahoo!?
Yahoo!
<http://au.rd.yahoo.com/launch/mail/**http%3A%2F%2Fau.launch.yahoo.com%2Fgig
-guide%2F> Music: Check out the gig guide for live music in your area
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wireless.org.au/pipermail/melbwireless/attachments/20060817/c00af6e9/attachment.html>
More information about the Melbwireless
mailing list