| From: James Knott via talk <talk@gtalug.org> | On 08/30/2018 06:11 AM, o1bigtenor via talk wrote: | > I have ping disabled directly on my router so none of the machines | > behind it can be accessed from outside. | | How does disabling ping on a router prevent access to what's behind it? | Ping has nothing to do with routing. 1) OP's question was asking about a solution without stating a real problem that needed solving. (See 2). 2) almost everyone's LAN is behind NAT so pings from the outside world cannot even address LAN nodes. In other words, no problem exists. 3) obligtenor might have: a) assumed the only place pings could be a problem would be on the router itself (because it alone has a globally routable address) and so addressed that problem b) assumed that since the router is a gateway, it can filter pings destined for LAN. If you hook up the notebook to a hostile LAN or WAN, then the solutions are different. But I think that pings are the least of your worries. I guess your notebook could be an unwitting accomplice of a DDOS attack. Many people do think that depending solely on a firewall for network security is a bad model. "Crunchy on the outside, soft on the inside." Every node should be hardened. But what are you going to do to harden you IoT devices (light bulbs, fridges, settop boxes, thermostats, watches, ....)?