| 1 |
hi, |
| 2 |
|
| 3 |
you're mixing up icmp and ping. ping is not the same as icmp. maybe you |
| 4 |
don't really need everyone to be able to ping, but you need at least |
| 5 |
some icmp for tcp/ip to function correctly. for example you should |
| 6 |
*never* drop destination-unreachable icmp packets. |
| 7 |
|
| 8 |
recommending people to improve their security by "disabling icmp type 0 |
| 9 |
in the firewall" is WRONG. |
| 10 |
|
| 11 |
you should correct this in |
| 12 |
http://www.gentoo.org/doc/gentoo-security.html before too many people |
| 13 |
have misconfigured their firewalls. |
| 14 |
|
| 15 |
best regards, |
| 16 |
|
| 17 |
hanus adler |
| 18 |
|
| 19 |
-- |
| 20 |
One Unix to rule them all, One Resolver to find them, |
| 21 |
One IP to bring them all and in the zone to bind them. |
Archives