MilitantEidolon,

Sure. We do have a PIX firewall in place. I don't manage it myself so I don't know for sure what it does when it gets Ping flooded.

But my point isn't to come up with a new solution. I want to confirm if this company is just throwing out a bunch of crap in this report, without anything really being true what so ever.. ?!
Would be easy to just make a long report with most general vulnerabilities, but if you can't confirm a specific vulnerability on a specific server, then they are just straight up lying to us.. !

Sorry if I don't sound appreciative to your help, its just that I want to confront this stupid company, they seem to be completely incompetent...

But if they are right, thanks for the advise! Then we do need to make sure we are protected against it.

Thanks!