Are there any benefits from disabling Ping/ICMP requests on servers?
I've read where people say to do it but I can't seem to find any real benefits with it. Only more likely to cause more problems.
EDIT: All types of ICMP packets.
Asked
Active
Viewed 1,118 times
2
-
1ICMP echo requests are not the only type of ICMP packet. Is your question about just echo requests or *all* ICMP types? – Ladadadada Oct 17 '13 at 16:28
-
For all IMCP packets, see this existing question: http://security.stackexchange.com/q/22711/12 – Xander Oct 17 '13 at 19:38
1 Answers
4
The theory is that it reduces the amount of information available to attackers. A good traceroute can be most informative.
In addition, and in theory, every additional service running on a machine is a possible source of vulnerabilities. The thingumajig that answers ICMP requests is no exception, although they are mostly very old and small thingumajigs whose bugs got shaken out long ago.
As always, there is a decision to be made of security vs convenience. Is the small increase in security worth the inconvenience of breaking standard diagnostic tools?
Graham Hill
- 15,394
- 37
- 62
-
"*ping daemon*"?? While such a thing [exists in principle](http://www.phrack.com/issues.html?issue=52&id=7), that's not how the typical OS IP stack operates. Further, HP-UX's [ping issue](http://www.cvedetails.com/cve/CVE-2002-1610/), any [HP-UX ping daemon](http://h30097.www3.hp.com/docs/cluster_doc/cluster_16/MAN/MAN8/0013____.HTM), and [ancient history](http://insecure.org/sploits/ping-o-death.html) are largely unrelated... – mr.spuratic Oct 17 '13 at 21:01