Hi all -

I am using msec for security (mandrake) and no iptables.

I know how to change the various levels of msec , but i am having a problem setting my server to reply to pings.

The "level" i want to use for msec writes the following line to my sysctl.conf file:


The sysctl has at the top which is not rewritten when i change anything:

I changed in the /usr/share/msec/level.x file a line that had:


to




So my question is, how/what do i need to change to have the server respong to pings.

Also , a seconday question, what is the difference between ignore_broadcasts and ignore_all?

*edit* I put this in here bc it involves msec, if it is more appropriate somewhere else please move it


Thanks in advance!

Did you also change icmp_echo_ignore_all=1 to 0?

Note that these will probably be reset by msec, so you may need to override that setting.

Also , a seconday question, what is the difference between ignore_broadcasts and ignore_all?
Ignore_broadcasts only blocks ping packets sent to the broadcast address of your particular network (so all hosts on your network would respond to the echo request). Pinging a particular host on the LAN would be fine. Ignore_all is just what it sounds like...ignore all. The ignore_broadcast setting is used to prevent certain types of DoS attacks like smurf. Your border firewall should never allow remote hosts to ping the local network broadcast otherwise you'll find your bandwidth being used as a smurf amplifier.

Yes I changed net.ipv4.icmp_echo_ignore_all=1 to 0, in the sysctl file. MSEC overrode it.

Thx for the reply.

Use the draksec graphical utility to change the icmp echo setting (should be under network settings tab).

I am trying this:

Wonder if this will keep it on though, bc the sysctl will has otherwise.

I will see! Thanks Capt_Caveman