Quote:
Originally Posted by qasdfdsaq
No, point is you shouldn't have to mitigate anything.
|
Is that the point? The only reason you wouldn't have to mitigate an attack is if people didn't try to attack you. If someone does an ICMP flood, something has to mitigate it - even if it's the ICMP responder itself. It doesn't matter if it's the responder, the firewall or something else, there's multiple layers of security for a reason.
The real point is that disabling ICMP isn't a solution by any means. I think that much we can agree with.