ICMP Blocking Woes
Stephen J. Wilcox
steve at telecomplete.co.uk
Thu Oct 2 16:58:22 UTC 2003
Lo! On Thu, 2 Oct 2003, Sean Donelan did sayeth:
> Various ISPs have been trying lots of different ICMP filters. You can
> see some of the impact on the Internet average graphs from XAffire.
>
> http://www.xaffire.com/press/ea/EA20030902_images?rf=EM005
>
> Xaffire/Matrix Systems apparently used ping packets that were the
> same size as those being filtered by some ISPs. According to Xaffire
> service providers implementing filters included Cable & Wireless and
> Level 3.
It does raise the question of whether ICMP Echo is a good mechanism for
monitoring systems that are across third party networks.
I personally think that filtering ICMP is becoming less useful and you would get
better results using other probe methods eg SYN/RST as deployed by numerous port
scanning tools eg nmap
Steve
More information about the NANOG
mailing list