[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Re: Blocking ICMP
Assuming you're on V4, ICMP traffic can be blocked in the Policy Properties. Open the GUI, go to the "Policy" menu, choose "Properties". On the Security Policy tab there's an "Implied Rules" section. Uncheck "Accept ICMP". That will stop ICMP traffic in and out unless you allow it explicity in some other rule. Remember that will kill your ability to ping and traceroute across the firewall too (again, unless you explicity allow it in a rule). (To view the Implied Rules, go to the "View" menu and choose "Implied Rules". You should see some rules in yellow at the top and bottom of your rulebase. Those are the rules created by what's implied in the Policy Properties settings.) As far as Smurf attacks -- are you trying to prevent being attaked from outside or inside? Or trying to keep from participating? Depending on the answer to these questions and whether or not you have a router between your firewall and your ISP connection, blocking ICMP at the firewall may or may not help. ----- Original Message ----- From: "Paul Cunningham" <[email protected]> To: <[email protected]> Sent: Wednesday, August 15, 2001 3:52 PM > > Hello all, > > I am a newbie with this software and have been thrust into a situation that > requires me to write a rule for my firewall denying all ICMP traffic. Our > regular administrator is unreachable and we have no tech support. I need to > lock this down to stop a "Smurf" attack on my network. If anyone might be > kind enough to lend me a hand I would appreciate it. I'm sure it's easy for > people who are well versed in the software, but I am looking at it for the > first time today! I'm sure that rule may already be in place, but need to > verify that. I figured out the basics on how to create the rule, but I'm not > sure where the objects should be placed and what, if any, advanced features > I need to invoke. > > Thanks, > > Paul > > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp > > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|