• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

How to keep a computer from answering to ping?

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Goto page 1, 2, 3  Next
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux

View previous topic :: View next topic  
Author Message
igir3dsk1
Just Arrived
Just Arrived


Joined: 28 Sep 2002
Posts: 4
Location: 7h3 !n73rn37 :)

Offline

PostPosted: Wed Dec 04, 2002 2:24 am    Post subject: How to keep a computer from answering to ping? Reply with quote

I have found this trick and would like to share it(It may be old for some of you).
Anyway:

type this command:

Code:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all


And to put it back type this one:
Code:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all


I got it from here:
http://www.patoche.org/LTT/security/index.html

Please if you know another ones please share them.

Thanks<<<r3dsk1>>>
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Wed Dec 04, 2002 3:43 am    Post subject: Reply with quote

Or use a firewall and/or turn icmp off.
Back to top
View user's profile Send private message Visit poster's website
delete852
Just Arrived
Just Arrived


Joined: 19 Nov 2002
Posts: 4
Location: Washington DC

Offline

PostPosted: Wed Dec 04, 2002 3:50 am    Post subject: Reply with quote

Yea this is cool, I have known it for a while, in windows 2k pro, you can go and set up ipsec, to specifically deny, all ping requests to all ports. Its pretty cool. Check it out.
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
gigsvoo
Just Arrived
Just Arrived


Joined: 16 Aug 2002
Posts: 0


Offline

PostPosted: Wed Dec 04, 2002 4:32 am    Post subject: Reply with quote

What are the consequencies not allow to be pinged?
Back to top
View user's profile Send private message
igir3dsk1
Just Arrived
Just Arrived


Joined: 28 Sep 2002
Posts: 4
Location: 7h3 !n73rn37 :)

Offline

PostPosted: Wed Dec 04, 2002 4:50 am    Post subject: Reply with quote

Well it does not do nothing at all but if somebody ping you,it will seems that you are off-line and it will keep out somebdy.

<<<r3dsk1>>>
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Wed Dec 04, 2002 5:32 am    Post subject: Reply with quote

ping has several functions as follows from whatis.com:


Quote:
Ping is a basic Internet program that lets you verify that a particular IP address exists and can accept requests. The verb ping means the act of using the ping utility or command. Ping is used diagnostically to ensure that a host computer you are trying to reach is actually operating.

Ping can also be used with a host that is operating to see how long it takes to get a response back. Using ping, you can learn the number form of the IP address from the symbolic domain name
Back to top
View user's profile Send private message Visit poster's website
igir3dsk1
Just Arrived
Just Arrived


Joined: 28 Sep 2002
Posts: 4
Location: 7h3 !n73rn37 :)

Offline

PostPosted: Wed Dec 04, 2002 5:34 am    Post subject: Reply with quote

Is there a set of rule to hide you ports?
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
gigsvoo
Just Arrived
Just Arrived


Joined: 16 Aug 2002
Posts: 0


Offline

PostPosted: Wed Dec 04, 2002 5:40 am    Post subject: Reply with quote

How do I specify who can ping me who cannot?
Back to top
View user's profile Send private message
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Wed Dec 04, 2002 5:53 am    Post subject: Reply with quote

Quote:
How do I specify who can ping me who cannot?


This is ususally done at a firewall (wether on a PC or seperate piece of hardaware) or router. So you can setup and configure a router or just install/configure a firewall.
Back to top
View user's profile Send private message Visit poster's website
gigsvoo
Just Arrived
Just Arrived


Joined: 16 Aug 2002
Posts: 0


Offline

PostPosted: Wed Dec 04, 2002 6:54 am    Post subject: Reply with quote

Ok. I am running a Linux with Psyche, how do I use the firewall to configure? Does that mean I have to specify the IP range will do the tricks?

Then I shall look into documentation on configuring firewall. So the port is ICMP right?
Back to top
View user's profile Send private message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed Dec 04, 2002 11:23 am    Post subject: Reply with quote

You are breaking RFC if you don't allow any pings though, although microsoft.com does this (not surprisingly).

It's usually best to accept 1 or 2 for each IP then block any more from them for say 30 minutes.
Back to top
View user's profile Send private message Visit poster's website
gigsvoo
Just Arrived
Just Arrived


Joined: 16 Aug 2002
Posts: 0


Offline

PostPosted: Wed Dec 04, 2002 11:31 am    Post subject: Reply with quote

ShaolinTiger wrote:


It's usually best to accept 1 or 2 for each IP then block any more from them for say 30 minutes.


How to do this?
Very Happy
Back to top
View user's profile Send private message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed Dec 04, 2002 11:46 am    Post subject: Reply with quote

Read the funky manual associated with whatever firewall solution you have chosen to use.

Most firewalls allow an action following a give event, so in pseudo code.

Code:
On Ping from host, log host to host.log
Check host.log for number of pings
   If number of pings > 4
      Then run deny.sh script
   rm hosts.log
End


deny.sh would contain whatever is required to totally block an IP address from accessing anything from you and it would accept an argument (host).

There are plenty of ways to do this, this is just one idea I came up with.

ICMP doesn't use ports either, it's a protocol and has types (1-18 I think).

http://www4.ulpgc.es/tutoriales/tcpip/pru/3376c24.htm#icmp

I suggest you have a Google.
Back to top
View user's profile Send private message Visit poster's website
gigsvoo
Just Arrived
Just Arrived


Joined: 16 Aug 2002
Posts: 0


Offline

PostPosted: Wed Dec 04, 2002 12:29 pm    Post subject: Reply with quote

Hi,

I think I am too wimp on UNIX/Linux security, do you mind if I ask for detailed explanations and steps??? Please... Sad
Back to top
View user's profile Send private message
Mongrel
SF Mod
SF Mod


Joined: 30 May 2002
Posts: 8


Offline

PostPosted: Wed Dec 04, 2002 5:16 pm    Post subject: Reply with quote

Blocking ICMP ( ping) helps eliminate all but the more determined crackers from breaking into your system.

Very often, they'll scan a block of IP addies for open ports. The process goes much faster if they tell the scanner not to scan all ports on addresses that do not reply to a ping.

They find the most obvious machines more quickly.

The more determined will scan for open ports even if the computer does not reply to a ping. They will find your machine anyway but you make them work a little harder for it.
Back to top
View user's profile Send private message
browolf
Trusted SF Member
Trusted SF Member


Joined: 19 Apr 2002
Posts: 1


Offline

PostPosted: Wed Dec 04, 2002 7:33 pm    Post subject: Reply with quote

delete852 wrote:
in windows 2k pro, you can go and set up ipsec, to specifically deny, all ping requests to all ports. Its pretty cool. Check it out.


i googled ipsec but it all seemed to be talking about iis and servers.
if i did this on my winxp computer on dsl would internet p2p still work?
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux All times are GMT + 2 Hours
Goto page 1, 2, 3  Next
Page 1 of 3


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter