Huh? ICMP floods vs TCP floods. Aren't they both IP or have I missed something glaringly obvious.
Yes, both are independent of the network layer protocol which operates beneath them (which in this case is IP) The difference is that you can filter icmp seperately from tcp to give you some sort of granularity with your acl policy. This is important in that if you deny icmp traffic to a specific segment of your network (or in from your serial interface for the whole thing) you are still vulnerable to the publicized attacks which exploit vulnerabilities inherent in TCP. The whole point for this discussion was that you should be a responsible network administrator and understand the trouble you could cause the people you are connected to. Once you understand that, you can take use the facilities that your vendor provides to limit the damage so to speak. BR brad reynolds ber@cwru.edu