Make Linux ignore a ping

Contributed by skreuzer, October 18, 2003
Tagged: Linux security

Sometimes it can be useful to hide a Linux machine a bit.


To turn off replies to ICMP echo requests (pings), type as root:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

and to turn it on again type:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
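
The echo commands above change only the running kernel, so the value is lost at reboot unless it is also stored in a file such as /etc/sysctl.conf. The script below is an added example, not part of the original recipe, that compares the two; the function names persisted_value and check_drift are hypothetical and the demo files are constructed.

```sh
#!/bin/sh
# Added example: detect drift between the running icmp_echo_ignore_all
# value and the one persisted in a sysctl.conf-style file.

KEY="net.ipv4.icmp_echo_ignore_all"

# Print the last value assigned to $KEY in conf file $1 (last entry wins).
# Comment lines starting with # or ; are skipped. Prints nothing if unset.
persisted_value() {
    [ -r "$1" ] || return 0
    awk -F= -v key="$KEY" '
        /^[ \t]*[#;]/ { next }
        NF >= 2 {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            gsub("/", ".", k)      # sysctl also accepts net/ipv4/... keys
            if (k == key) last = v
        }
        END { if (last != "") print last }' "$1"
}

# Compare runtime file $1 with conf file $2 and print one of:
#   match <v> | drift runtime=<r> persisted=<p> | unset runtime=<r>
check_drift() {
    runtime=$(cat "$1") || return 2
    persisted=$(persisted_value "$2")
    if [ -z "$persisted" ]; then
        echo "unset runtime=$runtime"
    elif [ "$runtime" = "$persisted" ]; then
        echo "match $runtime"
    else
        echo "drift runtime=$runtime persisted=$persisted"
    fi
}

# Demo on constructed sample files, so it runs without root or a real /proc.
# On a real host:
#   check_drift /proc/sys/net/ipv4/icmp_echo_ignore_all /etc/sysctl.conf
demo=$(mktemp -d)
printf '1\n' > "$demo/runtime"
printf 'net.ipv4.icmp_echo_ignore_all = 0\n' > "$demo/sysctl.conf"
check_drift "$demo/runtime" "$demo/sysctl.conf"
rm -rf "$demo"
```

A "drift" result means the running value will revert to the persisted one at the next boot; "unset" means it will fall back to the kernel default.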

  • bofh468
    Even better:

    don't ignore ICMP echos:
    sysctl -w net.ipv4.icmp_echo_ignore_all=0


    do ignore ICMP echos:
    sysctl -w net.ipv4.icmp_echo_ignore_all=1


    sysctl -a will give you a nice list of values that you can tweak.

    If you're running a Red Hat-based system, you can plop the desired values in /etc/sysctl.conf.
  • MacBaine
    No answer to an ICMP ping does not automatically mean that your machine does not exist.

    If your machine did not exist, the last router _before_ your machine would send an ICMP not reachable message.

    Doing strange things with your ICMP config buys you absolutely nothing with respect to an attacker, but may easily make legitimate network use more difficult. E.g. look at how MTU discovery works and how it does not because "wise" admins disallow their machines to send ICMP replies.

    Regards,
    Jim