IpConfig/PingReply Registry Key
NAME
IpConfig/PingReply
DEFAULT
enabled
DESCRIPTION
You may use the
PING command to query the presence of many devices and
systems out on the network. This can represent a security concern given
that bots and malicious actors may use the command to locate the JNIOR and
to then focus their attack upon it. Many security professionals suggest that
replies to the PING command be disabled.
You may prevent the JNIOR from replying to PING commands by setting
IpConfig/PingReply to
disabled.
NOTES
The
traceroute command present in one form or another in most major operating
systems use PING in combination with the Time-To-Live (TTL) parameter to
approximate a route to some remote client. When PING replies are disabled the
ability to trace the route to the JNIOR may be prevented. Some
traceroute
implementations utilize UDP as an alternative. In this case relying on a PORT
UNREACHABLE response. JANOS however also squelches this ICMP message by default.
An exception to this has been implemented that allows for route tracing using UDP.
SEE ALSO
HELP Topics:
PING
[/flash/manpages/registry.hlp:1070]