Blocking ICMP echo traffic from internal trusted networks
181 permit icmp any <trusted subnet range> echo (12 matches)
permit icmp any host <router IP Address> echo (4234 matches)
I was getting a lot of hits on my IPS module on ICMP echo traffic. Cisco TAC had me disable the sigs for ICMP echo and echo reply on the IPS. I put a permit on my 2811 router to see how many hits I receive. This was less than 30 seconds. Is it safe to block icmp traffic from the trusted subnets where my servers and workstation are? The IPS saw many hits on the two sigs. I have seen thousands of ICMP hits on my router in the last day in CoPP. Should I block them? I am considering only permitting my ISP to do ICMP sweeps.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...