1 / 4

Filtering ICMP Messages: Recommendations

This document provides recommendations for filtering ICMP messages, addressing both inbound and outbound traffic. It covers ICMPv4 and ICMPv6, and includes suggestions for filtering messages "through" the device as well as messages to/from the device.

sderrick
Download Presentation

Filtering ICMP Messages: Recommendations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Recommendations for filtering ICMP messages(draft-ietf-opsec-icmp-filtering) Fernando Gont UTN/FRH 76th IETF meeting, November 8-13, 2009 Hiroshima, Japan

  2. Changes from the last rev • Populated a few sections • Updated outdated references • Miscellaneous edits • Progress was slow… but now commiting more cycles to it

  3. Open Issues • The document is currently heading for Informational. • Some suggested BCP • BCP might be a better target (personally, I’m happy either way) • Got some positive comments for aiming at BCP • Current advice assumes what to do with ICMP messages that go “through” the device • Should advice also address filtering messages from/to the device? • Got some positive comments about this idea

  4. Moving forward • Currently working working on the ICMPv6 sections • Rest of the document still needs work/review • If you have feedback, post it on opsec@ietf.org, or send it to fernando@gont.com.ar

More Related