On 08/30/2018 06:11 AM, o1bigtenor via talk wrote:
On Wed, Aug 29, 2018 at 10:58 PM, Howard Gibson via talk <talk@gtalug.org> wrote:
On Wed, 29 Aug 2018 22:03:52 -0400 Alvin Starr via talk <talk@gtalug.org> wrote:
you could also do the following:
sudo sysctl net.ipv4.icmp_echo_ignore_all=1 Alvin,
That's it. I saw instructions on the internet to update /etc/sysctl.conf, but they did it wrong. Your command line works!
Thank you.
I will be updating my website to show easy install methods for Ubuntu and Fedora.
Greetings
I have ping disabled directly on my router so none of the machines behind it can be accessed from outside.
Why wouldn't you do it there?
A possible answer is that you are using the laptop truly mobile but that would be the only need for such a mod imo. For those that 'know' is there any other scenario where you might want to disable ping access on a machine basis?
Regards
I am not a big fan of disabling pings. When ping is disabled it makes it extremity hard to diagnose network problems. I operated an ISP and it would be very hard to diagnose network problems on systems with ping disabled. There are other tools but most of them require software on both systems where ping is simple and easy to setup It is possible to limit ping both in size and frequency. Disabling ping is of very limited value to stop hackers because port scanning software will just try the well known ports and will find you if you have the ports open. Incoming ping floods will still suck up all your incoming bandwidth even if you have pings disabled. Also ping floods have fallen out of vogue as a DOS attack vector. -- Alvin Starr || land: (905)513-7688 Netvel Inc. || Cell: (416)806-0133 alvin@netvel.net ||