Disable ICMP echo (ping) responses in Linux

Posted September 5, 2003 by Quinn McHenry in Linux networking

Many malicious attacks begin with a ping scan. Disabling ICMP echo requests prevents your system’s discovery with a ping.


As superuser, add the following lines to /etc/sysctl.conf

net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1

Then run the following command to cause the change to take effect immediately:

sysctl -p

This change will persist following a reboot.

 

About Quinn McHenry

Quinn was one of the original co-founders of Tech-Recipes. He is currently crafting iOS applications as a senior developer at Small Planet Digital in Brooklyn, New York.
View more articles by Quinn McHenry

The Conversation

Follow the reactions below and share your own thoughts.