Pinging Question

.Kencs · 9 Nov 2012 at 10:47

Quick question, if I have 'Remote Management' set on a router to be accessed only by a certain IP address, I can turn on 'Respond to Ping' within the Netgear settings so I can ping the router's IP address from another location, is there any security risks here?

PistolPete · 9 Nov 2012 at 11:00

There are some very small risks, but they are not worth worrying about in your case.

I have my router and firewall external interface respond to ICMP and I see ping sweeps all the time but I get 100x as many SSH and proxy scans.

.Kencs · 9 Nov 2012 at 11:17

Basically we support a lot of little companies and we manage their internet connection but before I advise the to turn 'Repond to Ping' on I want to ensure there is no risk at all.

ots3go · 9 Nov 2012 at 12:17

Always have ICMP response on, not seen any security vulnerabilities because of it.

Unless you have no daemons responding on higher level protocols either, keep it on.
(If you do have higher level daemons responding on ports, people will be able to see you on the interwebs anyway.)

.Kencs · 9 Nov 2012 at 12:19

Thanks

PistolPete · 9 Nov 2012 at 12:47

There is no such thing as "no risk" when you are dealing with the Internet!

The sorts of risks involved with enabling ICMP are DOS attacks, ICMP ping floods, Smurfing, and Ping attacks. Most of these are well known and IP stacks don't respond in the same way as they used to meaning most of them are useless.

I think the worst you can expect realistically these days is more people trying to port scan as they can see that the host is up.

Antowns · 9 Nov 2012 at 17:46

.Kencs said:
Basically we support a lot of little companies and we manage their internet connection but before I advise the to turn 'Repond to Ping' on I want to ensure there is no risk at all.

There's no direct security risks, not responding to the pings would make you a little more invisible on the internet.