You don't need to disable ping on your internal network, only at the router. Because of NAT, nobody can really ping your internal system.

Try this. Keep ping enabled on your Linux, and in your router, run this on Linux:

sudo tcpdump -i any icmp

Now go to any "online ping service" and ping your address. I will not spoil the result for you.

On Thu, Aug 30, 2018, 12:17 Alvin Starr via talk <talk@gtalug.org> wrote:

On 08/30/2018 11:00 AM, Howard Gibson via talk wrote:

> Jamon,
>
> I am assuming that someone will use ping to search a network for interesting stuff. If the IP address does not respond to ping, the cracker will keep searching. All the other ports are closed too. The security is not perfect, but I am hoping to have escalated things beyond the capabilities of some script kiddies.
Closing the ports is sufficient.

I know someone is at 1234 Bloor St. but that does not help much with
breaking in.
I still need a way to get past the front door.

>
> On Thu, 30 Aug 2018 08:20:21 -0400
> Jamon Camisso via talk <talk@gtalug.org> wrote:
>
>> On 29/08/18 21:44, Howard Gibson via talk wrote:
>>> I am playing with my hack Ubuntu machine, and I am sorting out
>>> security. I want to disable ping. This is a laptop, and I want to
>>> document the application of aluminium foil.
>> Could you elaborate a bit about how disabling ICMP enhances security of
>> this system? I'm curious what kind of information you're trying to
>> control with it off.
>>
>> Cheers, Jamon
>> ---
>> Talk Mailing List
>> talk@gtalug.org
>> https://gtalug.org/mailman/listinfo/talk
>

--
Alvin Starr || land: (905)513-7688
Netvel Inc. || Cell: (416)806-0133
alvin@netvel.net ||

---
Talk Mailing List
talk@gtalug.org
https://gtalug.org/mailman/listinfo/talk