Re: Ok to let all ICMP traffic through firewall?

On Fri, 23 Sep 2005 16:30:33 UTC, Leythos <void@nowhere.lan> wrote:

> > Your 100 networks are not, strictly speaking, a part of the Internet
> > since they don't comply with the Internet standards.
>
> The there are many users/companies that are not part of the Internet as
> many companies block many of the services provided for in the RFC's.
> Blocking Ping is very common, as is blocking inbound 135~139, 445, FTP,
> etc...

You are confusing two different layers. Blocking ICMP is one thing, but
not supporting an application protocol is quite another. It worries me
that you don't appear to understand the difference.

> No where in the RFC's does is say that it's mandated that I must offer
> services in order to use the Internet networks.

ICMP isn't a service, but part of the underlying protocol stack; a fact
which you ignore because you apparently don't know any better.

-- 
[ 7'ism - a condition by which the sufferer experiences an inability
to give concise answers, express reasoned argument or opinion.
Usually accompanied by silly noises and gestures - incurable, early
euthanasia recommended. ]