Re: How to disable ping echo?

Mon, 26 Jun 2000 08:36:29 -0700 

On Mon, Jun 26, 2000 at 08:37:42AM -0500, Justin Ellison wrote:
> Use ipchains:

> /sbin/ipchains -A input -j DENY -i eth0 -p icmp -s 0.0.0.0/0 -d  0.0.0.0/0

> Note that this not only blocks people from pinging you, but it stops you
> from pinging others.

        It also blocks all forms of ICMP including ICMP UNREACHABLE and will
break MTU discovery.  Most of the time, all you will notice is that your
performance my be slightly degraded.  Some (rare) applications and connections
have been known to just flat out break, however.  Use with caution.  With
netfilter, you can allow the WOULD FRAGMENT subtype to UNREACHABLE through
while blocking everything else.  This is what's recommended.

> __________________________________
> Justin Ellison
> System Administrator
> InternetUSA
> [EMAIL PROTECTED]
> http://nebi.com
> 800-603-3502
> 
> > -----Original Message-----
> > From: Jake McHenry [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, June 23, 2000 2:50 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: How to disable ping echo?
> >
> >
> >
> > I had to block the ICMP packets in my router to stop this. I don't know of
> > a way, if there even is one, that you can block ICMP packets at the
> > computer. I'm pretty sure it has to be done from the router.
> >
> > jake
> >
> >
> > On Fri, 23 Jun 2000, Clarence Donath wrote:
> >
> > > How would one go about disabling ping echo on a machine?  In
> > other words, keep
> > > someone from pinging my machine and flooding it.
> > >
> > > If you could point me to some information on the specifications
> > of ping I will
> > > really appreciate it.  'man ping' doesn't give enough detail.
> > >
> > > Regards,
> > > Clarence Donath
> > >
> > >
> > > --
> > > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > > as the Subject.
> > >
> > >
> >
> > Jake McHenry
> > [EMAIL PROTECTED]
> >
> >
> > --
> > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > as the Subject.
> >
> >
> 
> 
> -- 
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.

-- 
 Michael H. Warfield    |  (770) 985-6132   |  [EMAIL PROTECTED]
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!


-- 
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.

Reply via email to