Stopping suspicious ICMP activity
Does anyone know how to stop inly suspcicous ICMP activity?
Meaning allow only the the normal ping packets but stop weird ones and "specially crafted" ones that have been in security articles recently. Do you knowhow to do this with ipchains? because right now my rule about ICMP is this:
ipchains -A input -j DENY -p ICMP -i ppp0
Which prevents me from doing much but also prevents ping scanning.
Thanks in advance
|