Thanks to you both Jon and Rick. There are other traffic / protocol specific access lists applied. What I am afraid of this is that am I not opening my router up to a ping flood? The router has a private address but I still need to control this right?
There are various opinions about the value of permitting ping and about the danger of permitting ping. I tend to believe that the potential value of ping as a troubleshooting tool makes it worthwhile to permit inbound ping. I know others who react to the potential use of ping in denial of service attacks and deny it.
Probably the answer will depend on where in your network the router is located and how willing you are to give up a useful tool to be (marginally) safer. If the router were the border router at the edge of your network, I might deny inbound ping on its Internet facing interface. I would be inclined to permit ping on the interior facing interfaces.
If you are concerned about the security implications of permitting ping, then perhaps a middle position would be to permit ping whose source address was internal to your network and to deny ping whose source address was external to your network.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...