I noticed that some network disable the ping and some security engineer disable the ping in network. I also found some article that Disabling ICMP won’t increase security. What is the best practice ? If we enable ping , how to protect the attack like ping of death,icmp flood ,spoofing ,etc ?
@MrBeginner, great post and thanks for asking this question that is very important to understand.
#1) the answer to this is, it depends. Network security is layered and complex so it depends on where you are using ping and trace. Here is a link and short summary from the ASA firewall perspective, which is protecting the internal traffic from the outside.
ICMP Packet Filtering: ICMP is designed as an IP control protocol. As such, the messages it conveys can have far-reaching ramifications to the TCP and IP protocols in general. While the network troubleshooting tools ping and traceroute use ICMP, external ICMP connectivity is rarely needed for the proper operation of a network.
Ping is just a tool to check availability/connectivity of node. disabling ping gives advantage to avoid random ping scans from anyone. but still there is other ways to check availability/connectivity of services. such as nmap scans, tcp scaning, etc.
Please rate this and mark as solution/answer, if this resolved your issue Good luck KB