Ignoring Pings

Ignoring Pings

The PING (Packet Internet Groper) service on your machine can, in skilled hands,

provide the backdoor to a Denial of Service (DOS) attack. If you don’t have a
real need for your machine to answer ping requests, a simple command line will
kill the service. As with many other ‘net services, shutting down the ping
service can provide additional security for your ‘net-connected Linux
computer.

As root, enter the following command in a terminal window:

    echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

This command kills the ability of your computer to answer a ping request. It
shouldn’t affect most of your other ‘net-centric services. To turn the ping
response back on, simply enter the command:

    echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all

You’ll notice that the only difference in the two is the change to the echo
parameter - echo 1 to turn the service off, echo 0 to turn it back on.

It’s a small security measure, but, cumulatively, every hole you can reasonably
close is helpful in securing your Linux machine.