On Thu, 30 Aug 2018 12:24:31 -0300 Mauro Souza via talk <talk@gtalug.org> wrote:
You don't need to disable ping on your internal network, only at the router. Because of NAT, nobody can really ping your internal system.
Try this. Keep ping enabled on your Linux, and in your router, run this on Linux:
sudo tcpdump -i any icmp
Now go to any "online ping service" and ping your address. I will not spoil the result for you.
Mauro, I go to http://www.grc.com (Steve Gibson is not a relation as far as I can tell) and I run their True Stealth analysis. My first 1056 ports are closed, but it responds to ping. This is my router. My desktop behind the router is not particularly well locked down. Yes, tcpdump has an interesting output. -- Howard Gibson hgibson@eol.ca jhowardgibson@gmail.com http://home.eol.ca/~hgibson