I am very well aware of that. My point, as
you've restated in your rebuttal, is that the less a hacker has at his
fingertips with which to develop an overview of your network, the harder it will
be for him to mount a successful attack. While ping is just a scratch at
the surface of possible attack methods, its removal is another notch on the belt
of the administrator trying to protect his network.
If my answer was not clear the
first time I apologize. Next time I'll try to be a little bit more
detailed into the explanation of such things. I was just under the
impression that we were, to some extent, professionals capable
of comprehending the meaning behind short
explanations.
I also have to say that I've done some extensive testing on
Checkpoint's firewall with the majority of the Security
scanners out there, nmap in particular, and if you've been able to
do a successful scan on a Checkpoint firewall, properly configured of
course, without it being noted in the logs, I tip my hat to you.
Maybe it's time for me to go back to basic
training.
Juan Concepcion Network Security Consultant CCSA/CCSE
Certified E-Mail:
[email protected]
Juan,
I would have to
disagree with that. There are ways to run scans on machines that don't
respond to ping. It makes the scan run longer, but it will look for any
and all ports on all addresses within the range you set.
Steve Schuster Midwest
ISO Security Analyst
People can't attack what they can't
see/detect.
Juan Concepcion Network Engineer/Security Consultant CCSA/CCSE E-Mail:
[email protected]
How does blocking ICMP make my firewall more
secure?