[NTLUG:Discuss] SSH
severian@pobox.com
severian at pobox.com
Tue Oct 14 23:08:51 CDT 2003
Howdy,
At present, the only thing this machine will be doing is acting as a SSH
daemon and basically letting the two workers run VNC securely to control
the office PC. I don't care, and maybe even prefer if the machine looks
like a black hole to the rest of the world. With that being the case, will
it cause problems to diable ICMP messages? actually don't know what an
ICMP message is, but I add that to my research. One of the reasons offered
to do this is to learn.
Good day,
Ralph
In response to the welcome remarks of Eric Schnoebelen at 12:04 PM 10/14/03
-0500:
> This is a bad answer. Especially if you interpret it as
>disabling _all_ ICMP messages.
>
> You want to permit Path MTU discovery, which uses ICMP,
>and you want to make sure that ICMP replies (like host/network
>unreachable) go back out.
>
> Doing otherwise causes your site to look like a black
>hole to the net, and will likely break applications and clients
>using your site.
More information about the Discuss
mailing list