How to keep a computer from answering to ping?
Extracted from comp.security.unix
Tip provided by Scott Prader
: Because I want to monitor traffic, not block it entirely. I just want
: this machine to basically lurk on my network looking for suspicious
: activity and then notifying me if it occurs. Not reponding to pings
: would at least keep most "hackers" out becaues they would never even
: know it's there.
actually, i've been doing some work on this.. if you run a devel kernel (the
2.1.* series..not likely that you do, but i do and it's kinda neat,
actually) then it is possible to block pings entirely to your machine..
a simple "echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all" will do the
trick... to turn it back on, simply
"echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all"
Previous | Next | Index of category | Main Index | Submit |
Appears in section(s) :
kernel net security
Tip recorded : 30-11-1998 20:50:43
HTML page last changed : 27-07-1999 20:06:07