Good read: Do you block ICMP at all places in Network?

If your answer is Yes, or you believe that blocking ICMP increases security, then please give some second thoughts for the poor support guy who gets called at 2 A.M. and needs to ping some hosts to ensure reachability….

The Problem

Many network administrators feel that ICMP is a security risk, and should therefore always be blocked at the firewall. It is true that ICMP does have some security issues associated with it, and that a lot of ICMP should be blocked. But this is no reason to block all ICMP traffic!

ICMP has many important features; some are useful for troubleshooting, while some are essential for a network to function correctly. Here are details of some of the important ICMP traffic that you should know about, and consider allowing through your network.

Read the full article at

Share this!