Comments on: Disable ICMP echo (ping) responses in Linux http://www.tech-recipes.com/rx/40/disable-icmp-echo-ping-responses-in-linux/ Computer and technology tutorials and guides Sat, 21 Nov 2009 21:54:54 -0800 http://wordpress.org/?v=2.8.6 hourly 1 By: Guest http://www.tech-recipes.com/rx/40/disable-icmp-echo-ping-responses-in-linux/comment-page-1/#comment-1153 Guest Fri, 17 Dec 2004 01:55:21 +0000 guid-fix-me!#comment-1153 thanks for the tip! complete newbie to Linux but managed to get 100% stealth enabled in the firewall.... using your tips page.. only had to disable ping to achieve it! thanx again! :P thanks for the tip! complete newbie to Linux but managed to get 100% stealth enabled in the firewall….
using your tips page.. only had to disable ping to achieve it! thanx again! :P

]]> By: Anonymous http://www.tech-recipes.com/rx/40/disable-icmp-echo-ping-responses-in-linux/comment-page-1/#comment-727 Anonymous Fri, 24 Sep 2004 19:23:15 +0000 guid-fix-me!#comment-727 Just have your monitoring service try to connect to an open port (FTP, POP3, SMTP, WEB, SSH, Etc.) instead of going through the trouble of installed firewall software and configuring it. I use hyperspin.com and they can try to connect to a specific port instead or in addition to a classic ping. Just have your monitoring service try to connect to an open port (FTP, POP3, SMTP, WEB, SSH, Etc.) instead of going through the trouble of installed firewall software and configuring it. I use hyperspin.com and they can try to connect to a specific port instead or in addition to a classic ping.

]]> By: Anonymous http://www.tech-recipes.com/rx/40/disable-icmp-echo-ping-responses-in-linux/comment-page-1/#comment-326 Anonymous Wed, 04 Aug 2004 23:01:21 +0000 guid-fix-me!#comment-326 But that would stop pings altogether. If you have a monitoring service, this would hurt you. You would never know if your server went down. I would suggest installing APF fire wall, then do this: pico -w /etc/apf/conf.apf Change this: IG_ICMP_TYPES="3,5,11,0,30,8" To this: IG_ICMP_TYPES="3,5,11,0,30" So, if you have a monitoring service, add the monitor's IP to the alallow_hosts.rules file. THEN: service apf restart That would block pings from all outside sources except the IP's you explicitly allow. But that would stop pings altogether. If you have a monitoring service, this would hurt you. You would never know if your server went down.

I would suggest installing APF fire wall, then do this:
pico -w /etc/apf/conf.apf

Change this:
IG_ICMP_TYPES=”3,5,11,0,30,8″

To this:
IG_ICMP_TYPES=”3,5,11,0,30″

So, if you have a monitoring service, add the monitor’s IP to the alallow_hosts.rules file.

THEN:
service apf restart

That would block pings from all outside sources except the IP’s you explicitly allow.

]]>