WatchGuard : ICMP Error Handling - 'host-unreachable'

Details

ICMP Error messages can be used as a means to compromise sytems and networks. Appropriate configuration and filtering of these messages should be used to reduce potential threats.


Solution

In the Web UI navigate to the 'System' - > 'Global Settings' - > 'Networking' section. Uncheck the box for 'Host unreachable'.


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system WatchGuard.


References


Source