igir3dsk1 Just Arrived
Joined: 28 Sep 2002 Posts: 4 Location: 7h3 !n73rn37 :)
Posted: Wed Dec 04, 2002 2:24 am Post subject: How to keep a computer from answering to ping?
I have found this trick and would like to share it (it may be old for some of you).
Anyway, type this command:
Code:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
And to put it back, type this one:
Code:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
I got it from here:
http://www.patoche.org/LTT/security/index.html
If you know any other ones, please share them.
Thanks
<<<r3dsk1>>>

flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
Posted: Wed Dec 04, 2002 3:43 am
Or use a firewall and/or turn icmp off.

delete852 Just Arrived
Joined: 19 Nov 2002 Posts: 4 Location: Washington DC
Posted: Wed Dec 04, 2002 3:50 am
Yeah, this is cool, I have known it for a while. In Windows 2k Pro, you can go and set up IPsec to specifically deny all ping requests to all ports. It's pretty cool. Check it out.

gigsvoo Just Arrived
Joined: 16 Aug 2002 Posts: 0
Posted: Wed Dec 04, 2002 4:32 am
What are the consequences of not allowing yourself to be pinged?

igir3dsk1 Just Arrived
Joined: 28 Sep 2002 Posts: 4 Location: 7h3 !n73rn37 :)
Posted: Wed Dec 04, 2002 4:50 am
Well, it does not do anything at all, but if somebody pings you, it will seem that you are off-line and it will keep somebody out.
<<<r3dsk1>>>

flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
Posted: Wed Dec 04, 2002 5:32 am
Ping has several functions, as follows, from whatis.com:
Quote:
Ping is a basic Internet program that lets you verify that a particular IP address exists and can accept requests. The verb ping means the act of using the ping utility or command. Ping is used diagnostically to ensure that a host computer you are trying to reach is actually operating.
Ping can also be used with a host that is operating to see how long it takes to get a response back. Using ping, you can learn the number form of the IP address from the symbolic domain name.

igir3dsk1 Just Arrived
Joined: 28 Sep 2002 Posts: 4 Location: 7h3 !n73rn37 :)
Posted: Wed Dec 04, 2002 5:34 am
Is there a set of rules to hide your ports?

gigsvoo Just Arrived
Joined: 16 Aug 2002 Posts: 0
Posted: Wed Dec 04, 2002 5:40 am
How do I specify who can ping me and who cannot?

flw Forum Fanatic
Joined: 27 May 2002 Posts: 16777215 Location: U.S.A.
Posted: Wed Dec 04, 2002 5:53 am
Quote:
How do I specify who can ping me and who cannot?
This is usually done at a firewall (whether on a PC or a separate piece of hardware) or router. So you can set up and configure a router or just install/configure a firewall.

gigsvoo Just Arrived
Joined: 16 Aug 2002 Posts: 0
Posted: Wed Dec 04, 2002 6:54 am
OK. I am running Linux with Psyche; how do I use the firewall to configure this? Does that mean I have to specify the IP range and that will do the trick?
Then I shall look into the documentation on configuring the firewall. So the port is ICMP, right?

ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
Posted: Wed Dec 04, 2002 11:23 am
You are breaking RFC if you don't allow any pings though, although microsoft.com does this (not surprisingly).
It's usually best to accept 1 or 2 for each IP then block any more from them for say 30 minutes.

gigsvoo Just Arrived
Joined: 16 Aug 2002 Posts: 0
Posted: Wed Dec 04, 2002 11:31 am
ShaolinTiger wrote:
It's usually best to accept 1 or 2 for each IP then block any more from them for say 30 minutes.
How to do this?

ShaolinTiger Forum Fanatic
Joined: 18 Apr 2002 Posts: 16777215 Location: Kuala Lumpur, Malaysia
Posted: Wed Dec 04, 2002 11:46 am
Read the funky manual associated with whatever firewall solution you have chosen to use.
Most firewalls allow an action following a given event, so in pseudo code:
Code:
On Ping from host, log host to host.log
Check host.log for number of pings
If number of pings > 4
    Then run deny.sh script
    rm host.log
End
deny.sh would contain whatever is required to totally block an IP address from accessing anything from you and it would accept an argument (host).
There are plenty of ways to do this, this is just one idea I came up with.
ICMP doesn't use ports either, it's a protocol and has types (1-18 I think).
http://www4.ulpgc.es/tutoriales/tcpip/pru/3376c24.htm#icmp
I suggest you have a Google.
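The per-host counting idea from the pseudo code above, written out as an added shell example (not part of the original posts): it counts echo requests per source inside a time window instead of keeping one shared counter, and prints the blocking rule rather than running it. The log format with a leading epoch timestamp, the function names and the sample addresses are assumptions made for the example.

```shell
#!/bin/sh
# Constructed sample log: "<epoch seconds> <iptables LOG-style fields>".
# All addresses are from documentation ranges.
sample_log() {
cat <<'EOF'
1039000100 kernel: IN=eth0 SRC=192.0.2.30 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039000200 kernel: IN=eth0 SRC=192.0.2.30 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002000 kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002001 kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002002 kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002100 kernel: IN=eth0 SRC=192.0.2.20 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002200 kernel: IN=eth0 SRC=192.0.2.20 DST=198.51.100.5 PROTO=ICMP TYPE=3 CODE=1
1039002300 kernel: IN=eth0 SRC=192.0.2.30 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
1039002400 kernel: IN=eth0 SRC=192.0.2.30 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
EOF
}

# ping_offenders NOW WINDOW LIMIT  (log on stdin)
# Prints, sorted, every source that sent more than LIMIT echo requests
# (ICMP type 8) in the WINDOW seconds up to NOW. Counts are per source.
ping_offenders() {
    awk -v now="$1" -v window="$2" -v limit="$3" '
        / PROTO=ICMP / && / TYPE=8 / && $1 > now - window && $1 <= now {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^SRC=/) count[substr($i, 5)]++
        }
        END { for (h in count) if (count[h] > limit) print h }
    ' | sort
}

# deny_rule HOST: print (do not run) a rule a deny.sh could apply.
# Anything other than digits and dots is refused, so text taken from a
# log never reaches a command line unchecked.
deny_rule() {
    case "$1" in
        "" | *[!0-9.]*) return 1 ;;
    esac
    printf 'iptables -I INPUT -s %s -j DROP\n' "$1"
}

# report NOW WINDOW LIMIT: dry run over the sample log.
report() {
    sample_log | ping_offenders "$1" "$2" "$3" | while read -r host; do
        deny_rule "$host"
    done
}

# Allow 2 pings per source per 30 minutes, evaluated at epoch 1039003000.
report 1039003000 1800 2
```

Lifting a block again after the 30 minutes is not handled here; that needs a separate pass that removes rules older than the window.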

gigsvoo Just Arrived
Joined: 16 Aug 2002 Posts: 0
Posted: Wed Dec 04, 2002 12:29 pm
Hi,
I think I am too much of a wimp on UNIX/Linux security. Do you mind if I ask for detailed explanations and steps??? Please...

Mongrel SF Mod
Joined: 30 May 2002 Posts: 8
Posted: Wed Dec 04, 2002 5:16 pm
Blocking ICMP (ping) helps eliminate all but the more determined crackers from breaking into your system.
Very often, they'll scan a block of IP addies for open ports. The process goes much faster if they tell the scanner not to scan all ports on addresses that do not reply to a ping.
They find the most obvious machines more quickly.
The more determined will scan for open ports even if the computer does not reply to a ping. They will find your machine anyway but you make them work a little harder for it.

browolf Trusted SF Member
Joined: 19 Apr 2002 Posts: 1
Posted: Wed Dec 04, 2002 7:33 pm
delete852 wrote:
in Windows 2k Pro, you can go and set up IPsec to specifically deny all ping requests to all ports. It's pretty cool. Check it out.
I googled IPsec but it all seemed to be talking about IIS and servers.
If I did this on my WinXP computer on DSL, would internet P2P still work?