You need to disable your server to respond to ICMP requests. Although "ping" uses TCP/IP Port, the Protocol is ICMP and NOT TCP/UDP, which is a network "control" protocol.
You have several options:
vi /etc/sysctl.conf
and add this directive:
Code:
net.ipv4.icmp_echo_ignore_all = 1Now, you won't be able to ping external interfaces.
If you wish to block ping echo reply or requests, you can use this rule with IPtables:
iptables -A INPUT -p icmp --icmp-type 8 -s SourceIPAddress -j DROP
OR
iptables -A INPUT -p icmp --icmp-type echo-request -j DROP to block incomming pings
OR
iptables -A OUTPUT -p icmp -o eth0 -j DROP
echo 1>/proc/sys/net/ipv4/icmp_echo_ignore_all
which will drop all echo reply. Overall, you need to be very careful as ping is needed by different services/networks. Use at your own risk.
Infopro
Well-Known Member
Or do yourself a favor and install CSF and tick the check boxes to disable ping.
http://www.configserver.com/cp/csf.html
(see screenshot #1)
http://www.configserver.com/cp/csf.html
(see screenshot #1)
You actually believe they won't find if it's not pingable? 
lol. Good idea, but in the meantime you'll frustrate people trying to troubleshoot as well as break many small things.
Instead, I'd install CSF and mod_security and set them up, change your ssh port, and then go get a server hardening package.
lol. Good idea, but in the meantime you'll frustrate people trying to troubleshoot as well as break many small things.Instead, I'd install CSF and mod_security and set them up, change your ssh port, and then go get a server hardening package.
I don't think disabling ping on the server is a bad idea. I am not sure of any networking tool that uses only ping to identify the server being up/down. At the current point most of them uses telnet I suppose.
Yes, there is an disadvantage of clients complaining their site being down just because they cannot ping it.:D
Yes, there is an disadvantage of clients complaining their site being down just because they cannot ping it.:D
Last edited:
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| N | Blocking countries : The big Google Ads issue | Security | 3 | |
|
how to know WHY my firewall block a particular IP? | Security | 7 | |
| S | Firewall CC_Deny blocks spammers but also WHM updates | Security | 4 | |
| C | WHM constantly blocks me | Security | 6 | |
| E | Backlisted all Countries into cPHulk Brute Force Protection now blocked | Security | 4 |