7 Mar
2019
7 Mar
'19
1:30 p.m.
On 3/7/19 8:10 AM, Saku Ytti wrote:
So why not disable ICMP Echo and UDP traceroute, those kids using network diagnostics don't need them.
For clue constrained audience fear will always be the most compelling argument.
OK, OK, so I will continue to rate-limit both, to reasonably high limits on the order of 250/second. Absent a DoS, it allows network operators to use these tools as they should. My logs show no harm except to attack traffic. Everything in moderation.