Questions about ICMP
Gordon Messmer
yinyang at eburg.com
Fri Dec 7 16:46:24 UTC 2007
Daniel B. Thurman wrote:
>
> So... am I to read this as it is a good idea to disable all icmp
> requests? I get a LOT of ICMP requests from the Internet probing
> at my ports, which are disabled. This is a good idea?
That's impossible. UDP ports can only be tested by UDP packets, and TCP
ports can only be tested by TCP packets. ICMP is a different IP
protocol which doesn't feature numbered ports. As such, blocking ICMP
won't prevent port scans, it'll just prevent some of your own outbound
connections from working properly.
More information about the fedora-list
mailing list