On Mon, Apr 11, 2005 at 10:32:07AM -0400, Chris Wolf wrote:
> Doug (or others),
> This discussion of pinging reminds me--what are you recommending for the ICMP settings of the Windows XP Firewall? I recall discussion at a NAG meeting where most seemed to think that Microsoft's default settings were too restrictive and that allowing all of the ICMP responses was desirable.
Personally, I still think it's a good idea to allow ICMP responses,
but I do know that others may disagree. I like it because it aids in
troubleshooting, and can also aid with the use of dynamic IP addresses,
allowing the DHCP server to spot misused IP addresses.
I do know that some worms or scanners use an ICMP echo test prior to a
more in-depth probe of a system, so turning off ICMP echo replies can
make your system invisible to such worms. However, those worms seem
to be a small minority of those that are out there.
Doug Nelson, Network Manager | [log in to unmask]
Academic Computing and Network Services | Ph: (517) 353-2980
Michigan State University | http://www.msu.edu/~nelson/