[MLB-WIRELESS] Firewall rule?

Paul James paul.james at jamestronics.com
Wed Aug 16 15:45:03 EST 2006


>>blocking ICMP "echo" and ICMP "echo reply" (i.e. ping and ping
response) packets only is relatively harmless but it doesn't actually
gain you anything. if you're trying to block a ping flood then there's
no point in doing it on YOUR router - by the time it gets to your
router, it has already used up your bandwidth.

There is some value in blocking ICMP "echo" and ICMP "echo reply"
particularly when you are on a asymmetric service such as cable or ADSL,
as you may be able to receive the echo, but due to the small amount of
outbound bandwidth eg 128-258Kbit/s you may find that you denial of
service yourself as you can't get any data outbound due to trying to
reply to all of the echoes. 

Regards,

Paul




More information about the Melbwireless mailing list