Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Ping vs www server
- Date: Sat, 19 Apr 2008 07:06:59 +0900
- From: "Josh Glover" <jmglov@example.com>
- Subject: Re: [tlug] Ping vs www server
- References: <47FE430E.3050608@imaginatorium.org> <87lk3lh5ky.fsf@uwakimon.sk.tsukuba.ac.jp> <20080410213357.GA15843@mail.scottro.net> <20080417054309.GB428@lucky.cynic.net> <d8fcc0800804170305w10e06c1exf449d971a6f1c390@mail.gmail.com> <20080417233520.GB7858@pragmatic.cynic.net> <d8fcc0800804171949x15a2c2fdy82c49eb36835e646@mail.gmail.com> <48081395.200@bebear.net> <d8fcc0800804172303s46a294a3ga99d6dac6b8fd424@mail.gmail.com> <48084D0A.1030007@bebear.net>
On 18/04/2008, Edward Middleton <emiddleton@example.com> wrote: > I am advocating the network security administrators look at the cost to the > company as a whole of implementing and ongoing cost resulting from security > measures, and balance that with the improved security achieved. Yes, this is good advice, and I do not disagree at all. I am just saying that I have done this calculation several times, and it usually works out in favour of dropping ICMP at the gateway (and for my personal machines, dropping it inbound). > Death by a thousand small cuts. The reason for not doing this is that it > adds unnecessary complexity to your configuration for minuscule improvement > in security. If you cannot easily deploy whatever configuration you choose to all of your network hardware, you have bigger security concerns then whether to drop ICMP. -- Cheers, Josh
- Follow-Ups:
- Re: [tlug] Ping vs www server
- From: Curt Sampson
- Re: [tlug] Ping vs www server
- References:
- [tlug] Ping vs www server
- From: Brian Chandler
- Re: [tlug] Ping vs www server
- From: Stephen J. Turnbull
- Re: [tlug] Ping vs www server
- From: Scott Robbins
- Re: [tlug] Ping vs www server
- From: Curt Sampson
- Re: [tlug] Ping vs www server
- From: Josh Glover
- Re: [tlug] Ping vs www server
- From: Curt Sampson
- Re: [tlug] Ping vs www server
- From: Josh Glover
- Re: [tlug] Ping vs www server
- From: Edward Middleton
- Re: [tlug] Ping vs www server
- From: Josh Glover
- Re: [tlug] Ping vs www server
- From: Edward Middleton
- [tlug] Ping vs www server
- Prev by Date: Re: [tlug] Ping vs www server
- Next by Date: Re: [tlug] OT: DC Power Transmission can be more efficient
- Previous by thread: Re: [tlug] Ping vs www server
- Next by thread: Re: [tlug] Ping vs www server
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |