Re: Blocking ping ?
From: Hal Burgiss (hal@burgiss.net)Date: 02/02/02
- Previous message: Michael Heiming: "Re: Blocking ping ?"
- Maybe in reply to: Michael Heiming: "Re: Blocking ping ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Hal Burgiss <hal@burgiss.net> Date: Sat, 02 Feb 2002 20:13:04 GMT
On Sat, 02 Feb 2002 14:56:30 -0500, Carlos Moreno <moreno_at_mochima_dot_com@m.com> wrote:
>
> Hi,
>
> I'm just curious as to why I can't seem to be
> able to refuse ping requests? (i.e., I don't
> want any machine from the outside world to ping
> my machine and receive a reply).
>
> I'm running a RedHat system, and I run setup,
> and the system service "echo" is off (am I
> mistaken in thinking that echo is the service
> corresponding to the ping facility? -- I don't
Yes, sadly mistaken.
> see any icmp listed in the system services).
That's because ping uses a protocol, ie ICMP, and is not a system
service. Leave echo service off too, it has no good use for most people.
man iptables|ipchains is the right way to do it. I would suggest not
blocking all ICMP, but just the ones like echo-request that might be
misused. Some (most?) ICMP are your friends and tell you things like
'network unreachable', etc.
-- Hal Burgiss
- Next message: Jorey Bump: "Re: ftp & ipchains: using the chains approach this time"
- Previous message: Michael Heiming: "Re: Blocking ping ?"
- Maybe in reply to: Michael Heiming: "Re: Blocking ping ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
