another tough one


CISSP_Candidate
08-29-2006, 10:39 AM
Which of the following firewall rules is not appropriate to protect an organization's internal network?
A Allow echo reply outbound
B Allow echo request outbound
C Drop echo request inbound
D Allow echo reply inbound
Why not D? Why A? I can argue that I can be DoS'ed by a Smurf attack, and hence deny ICMP replies coming in to my network. I can also say that I want to deny outbound replies because I don't want to be an amplifying network for a Smurf attack.
Don't know if I am thinking right!!

Jescoi
08-29-2006, 10:40 AM
I think this question is quite hard...

However, I would still go with A. From a network security perspective, answer A poses a greater security threat because with echo reply packets going outbound an attacker can create a map of the protected network behind the router and the firewall.

DoS is certainly another security consideration; however, from my personal experience, disabling inbound echo reply is just not practical. If I ever implemented such a policy, I would have every network admin throwing their cold pizza and warm Coke at me.

There are many ways to filter out a suspicious ICMP storm and still allow legitimate replies to come in; however, it is not advisable to disable the inbound echo reply altogether.
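
An added example, not part of any poster's reply: a small Python model of a border filter that applies the four options from the question and, for option D, accepts an inbound echo reply only when it matches a recent outbound request, with a cap on accepted replies per second. The class name, timeout, rate cap and sample addresses are assumptions made for illustration.

```python
import time
from dataclasses import dataclass, field

ECHO_REPLY, ECHO_REQUEST = 0, 8  # ICMPv4 type numbers

@dataclass
class EchoFilter:
    """Toy stateful ICMP echo filter at a network border (hypothetical names)."""
    timeout: float = 5.0            # assumed: seconds a request stays answerable
    max_replies_per_sec: int = 20   # assumed: cap on accepted inbound replies
    pending: dict = field(default_factory=dict)  # (remote, id, seq) -> expiry
    window: list = field(default_factory=list)   # times of accepted replies

    def decide(self, direction, icmp_type, remote, ident, seq, now=None):
        now = time.monotonic() if now is None else now
        if direction == "out":
            if icmp_type == ECHO_REQUEST:          # option B: allow, remember it
                self.pending[(remote, ident, seq)] = now + self.timeout
                return "ALLOW"
            return "DROP"                          # option A: reply leaving the network
        if icmp_type == ECHO_REQUEST:              # option C: drop inbound probes
            return "DROP"
        if icmp_type != ECHO_REPLY:
            return "DROP"                          # other ICMP is out of scope here
        # Option D: inbound reply must answer a request we actually sent.
        expiry = self.pending.pop((remote, ident, seq), None)
        if expiry is None or expiry < now:
            return "DROP"                          # unsolicited, replayed or late
        self.window = [t for t in self.window if now - t < 1.0]
        if len(self.window) >= self.max_replies_per_sec:
            return "DROP"                          # reply storm above the cap
        self.window.append(now)
        return "ALLOW"

def demo():
    fw = EchoFilter()
    # Constructed sample traffic: (direction, type, remote, id, seq, time)
    packets = [
        ("out", ECHO_REQUEST, "198.51.100.7", 0x1234, 1, 0.0),  # admin pings out
        ("in",  ECHO_REPLY,   "198.51.100.7", 0x1234, 1, 0.1),  # matching reply
        ("in",  ECHO_REPLY,   "203.0.113.9",  0x9999, 1, 0.2),  # nobody asked for it
        ("in",  ECHO_REQUEST, "203.0.113.9",  0x4321, 1, 0.3),  # outside probe
        ("out", ECHO_REPLY,   "203.0.113.9",  0x4321, 1, 0.4),  # internal host answering
        ("in",  ECHO_REPLY,   "198.51.100.7", 0x1234, 1, 0.5),  # replay of the first reply
    ]
    return [fw.decide(*p) for p in packets]

if __name__ == "__main__":
    print(demo())
```

Only the first two constructed packets pass: the outbound request and the one reply that answers it.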

GuitarCrazyo
10-28-2009, 08:21 PM
Damn man, that sucks. My question is, and excuse me if it's a dumb one, but wouldn't it still be hard to play golf with a torn ACL?

lammle
10-28-2009, 09:57 PM
Damn man, that sucks. My question is, and excuse me if it's a dumb one, but wouldn't it still be hard to play golf with a torn ACL?


I can drink Crown with a torn ACL no problem, so what's your problem?

HermeszData
12-09-2009, 09:54 PM
I can drink Crown with a torn ACL no problem, so what's your problem?

These are always better with Scotch! (and I am not talking about the TAPE!)