Network Security: Detailed info on Re: Removing ping/icmp from a network

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: Removing ping/icmp from a network

from [Secure This] Network Security

[Permanent Link]

Subject:	Re: Removing ping/icmp from a network
Date:	Wed, 26 Mar 2008 12:13:03 +0000

Jon R. Kibler wrote:

Secure This wrote:
I have a variety of clients with data centres who all make use of icmp/ping to monitor their servers/appliances/devices (often with poorly configured snmp versions 1 and 2).

Could anybody kindly advise me of tools and strategies for minimising or removing the use of icmp/ping on a supposedly secure network?

Thanks in advance
If you have any switches with layer 3 capabilities, block all icmp traffic in ACLs. For example, from a Cisco 3750:

Thanks Jon, I have plenty of ways of blocking ICMP, but I'm looking for ways of reducing it or working without it.

Many thanks.

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Removing ping/icmp from a network, (continued) RE: Removing ping/icmp from a network, Hopke, Greg Re: Removing ping/icmp from a network, Mark Owen Message not available Re: Removing ping/icmp from a network, Mark Owen Re: Removing ping/icmp from a network, Fabio Fagundes RE: Removing ping/icmp from a network, Ramsdell, Scott Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers RE: Removing ping/icmp from a network, Ramsdell, Scott Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Ansgar -59cobalt- Wiechers Re: Removing ping/icmp from a network, Jon R. Kibler Re: Removing ping/icmp from a network, Secure This <= DoD aproved disk wiping tool, JP Vicente RE: DoD aproved disk wiping tool, Timmothy Lester Re: DoD aproved disk wiping tool, John Syers Re: DoD aproved disk wiping tool, postmaster Re: DoD aproved disk wiping tool, Tremaine Lea RE: DoD aproved disk wiping tool, Kevin Ortloff RE: DoD aproved disk wiping tool, Arbogast, Paul (Citco) RE: DoD approved disk wiping tool, Steve Armstrong Re: DoD approved disk wiping tool, Hattrickinc Re: Removing ping/icmp from a network, Mark Owen

Previous by Date:	Re: ISSMP Certificate, Sergii Khomenko
Next by Date:	File sharing with Bittorrent: what possible security threads?, Simon Jolle sjolle
Previous by Thread:	Re: Removing ping/icmp from a network, Jon R. Kibler
Next by Thread:	DoD aproved disk wiping tool, JP Vicente
Indexes:	[Date] [Thread] [Top] [All Lists]