Wayne Bouchard web at
Mon Dec 8 18:39:45 UTC 1997

Since so far 6 people misunderstood this, I *meant* those networks
that don't need to permit it, should consider filtering inbound ICMP
echo request packets. (And, hence, blocking the spoofed packet from
causing an ICMP echo reply flood.)

> Adrian Chadd writes...
> > A couple of problems:
> > 
> > * Filtering ALL ICMP is pretty silly, ICMP is there for more than just
> >   pings, and some of it is important.

Wayne Bouchard                             GlobalCenter
web at                           
Primenet Network Operations                Internet Solutions for
(602) 416-6422   800-373-2499 x6422        Growing Businesses
FAX: (602) 416-9422          

More information about the NANOG mailing list