[lug] making ping not respond
Shannon Johnston
nunar at nunar.com
Mon Feb 11 10:14:06 MST 2002
On a large portion of the servers I run, I disable ping entirely. It
hasn't caused problems for me at all.
In the /etc/sysctl.conf file, add:
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.icmp_ehco_ignore_broadcasts = 1
Then restart networking.
Shannon
On Sun, 2002-02-10 at 09:31, Richard Fifarek wrote:
> On Sat, 9 Feb 2002, Timothy C. Klein wrote:
>
> > Am I just confused, or isn't blocking all ICMP packets *way* too broad? I
> > thought the firewall HOWTO mentioned that many ICMP packets are
> > absolutely essential, and your networking will function poorly if they
> > are all turned off?
>
> Not absolutely essential, but certainly nice to have. Here's the
> URL describing why:
> http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO-5.html#ss5.2
>
> This is where iptables is a neccessary upgrade because it allows
> stateful filtering, as Dan Radom mentioned.
>
> -----------------------------------------------------
> Richard H. Fifarek rfifarek at silug.org
> -----------------------------------------------------
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG
mailing list