LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-03-2006, 03:47 PM   #1
Guru Mind
Member
 
Registered: Dec 2005
Posts: 41

Rep: Reputation: 15
how can i stop ping reply?


hi everybody , i have newbie question

how can i stop ping reply videlicet how can i stop reply if anybody ping my IP , or just got my IP but don't got reply?

and sorry for bad english .
 
Old 02-03-2006, 03:51 PM   #2
pljvaldez
Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Squeeze (x86)
Posts: 6,092

Rep: Reputation: 269Reputation: 269Reputation: 269
I believe you just need to install a firewall and configure it to drop all packets.
 
Old 02-03-2006, 04:23 PM   #3
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
As root

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This will block all icmp requests.

To make this a permanent settings, add the line below to /etc/sysctl.conf

net.ipv4.icmp_echo_ignore_all = 0

As pljvalez suggested, you can also set a firewall rule to disable icmp reply.
 
Old 02-03-2006, 06:05 PM   #4
Guru Mind
Member
 
Registered: Dec 2005
Posts: 41

Original Poster
Rep: Reputation: 15
pljvaldez thank you but i wanna stop ping without firewall

ppuru thanks it's worked , but i try to edit sysctl.conf and put what you say but it dosn't worked

anyway thank .

Last edited by Guru Mind; 02-03-2006 at 06:06 PM.
 
Old 02-03-2006, 06:14 PM   #5
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
gurumind, my apologies, set

net.ipv4_icmp_echo_ignore_all = 1

to stop pings. setting it to 0 allows pings.
 
Old 02-03-2006, 06:33 PM   #6
Guru Mind
Member
 
Registered: Dec 2005
Posts: 41

Original Poster
Rep: Reputation: 15
ok ppuru , but would i must restart service or something like that?

and really thanks ppuru .
 
Old 02-03-2006, 06:37 PM   #7
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
no need, the next time you reboot your system, the icmp_echo_ignore_all will be set.
 
Old 02-03-2006, 09:41 PM   #8
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
You don't need to reboot to make the settings take effect. If you've added the line to /etc/sysctl.conf, as root type sysctl -p
 
Old 02-04-2006, 06:35 AM   #9
Guru Mind
Member
 
Registered: Dec 2005
Posts: 41

Original Poster
Rep: Reputation: 15
after i type sysctl -p

error: "net.ipv4_icmp_echo_ignore_all" is an unknown key

any suggeste?
 
Old 02-04-2006, 06:41 AM   #10
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by Guru Mind
after i type sysctl -p

error: "net.ipv4_icmp_echo_ignore_all" is an unknown key

any suggeste?
try changing the first underscore to a period... like this:
Code:
net.ipv4.icmp_echo_ignore_all
 
Old 02-04-2006, 08:59 AM   #11
iNeo
LQ Newbie
 
Registered: Feb 2006
Posts: 13

Rep: Reputation: 0
This is slightly off topic.
I know there is a way in which you can configure some message to be displayed when someone tries to ping our machine. Does anyone know how that is done?
 
Old 02-04-2006, 09:07 AM   #12
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by iNeo
This is slightly off topic.
I know there is a way in which you can configure some message to be displayed when someone tries to ping our machine. Does anyone know how that is done?
well, if you filter the pings with regular iptables instead of sysctl.conf it's just a matter of adding a LOG target rule... so anytime someone pings you it will show-up in /var/log/syslog:
Code:
iptables -I INPUT -p ICMP --icmp-type 8 \
-m state --state NEW -j LOG
 
Old 02-04-2006, 01:34 PM   #13
dutler
LQ Newbie
 
Registered: Nov 2003
Posts: 24

Rep: Reputation: 15
are you suing a gui? check out he iptable instface guarddog
 
Old 02-04-2006, 05:21 PM   #14
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 46
Quote:
Originally Posted by win32sux
try changing the first underscore to a period... like this:
Code:
net.ipv4.icmp_echo_ignore_all
Thanks win32sux, sorry for the typo Gurumind.

net.ipv4.icmp_echo_ignore_all is the correct key.

sysctl -a gives a list of all settable parameters. Play around at your own risk.
 
Old 02-04-2006, 06:17 PM   #15
Guru Mind
Member
 
Registered: Dec 2005
Posts: 41

Original Poster
Rep: Reputation: 15
Thanks win32sux and ppuru for help

it's working now
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Slow First Ping Reply Fr33B5D Linux - Networking 4 08-27-2005 10:07 AM
Configure ping reply time rabeea General 6 01-27-2005 02:08 AM
Return true or false if I have ping reply Menestrel Programming 4 11-29-2004 12:40 AM
No ping reply bambolin Linux - Networking 6 10-29-2004 06:18 AM
no ping reply siriuz Linux - Networking 2 03-16-2004 01:53 AM


All times are GMT -5. The time now is 09:20 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration