Networking Forums

How to block the ping?

 
 
yogesh
Guest
Posts: n/a

 
      08-14-2004, 05:24 PM
After the Blaster virus attack, my ISP told me that he has blocked
the ping on his machine.
And from then onwards the ping to his IP was always unsuccessful.
I tried on the net regarding "blocking the ping" but couldn't get any
reference.
Can anyone tell me how to block the ping?


regards,
Yogesh Joshi
 
 
 
 
 
Davide Bianchi
Guest
Posts: n/a

 
      08-14-2004, 05:26 PM
On 2004-08-14, yogesh <(E-Mail Removed)> wrote:
> can anyone tell me how to block the ping ?


Block the icmp echo packets.
Davide

--
Garter, n.:
An elastic band intended to keep a woman from coming out of her
stockings and desolating the country.
-- Ambrose Bierce, "The Devil's Dictionary"
 
 
Bill Unruh
Guest
Posts: n/a

 
      08-14-2004, 07:24 PM
(E-Mail Removed) (yogesh) writes:

]after the blaster virus attack , my ISP told me that he has blocked
]the ping on his machine.
]and then onwards the ping to his IP was always unsuccessful.
]I tried on the net regarding "blocking the ping" but couldn't get any
]reference.
]can anyone tell me how to block the ping ?

Why?
 
 
James Knott
Guest
Posts: n/a

 
      08-14-2004, 09:03 PM
yogesh wrote:

> after the blaster virus attack , my ISP told me that he has blocked
> the ping on his machine.
> and then onwards the ping to his IP was always unsuccessful.
> I tried on the net regarding "blocking the ping" but couldn't get any
> reference.
> can anyone tell me how to block the ping ?


Any decent firewall can be configured to block pings. You filter according
to ICMP message number for ping request.

--

(This space intentionally left blank)
 
 
James Knott
Guest
Posts: n/a

 
      08-14-2004, 09:04 PM
Davide Bianchi wrote:

>> can anyone tell me how to block the ping ?

>
> Block the icmp echo packets.
>


Actually, you want to block the ping requests. Blocking the echoes will
prevent you from using ping.

--

(This space intentionally left blank)
 
 
James Knott
Guest
Posts: n/a

 
      08-14-2004, 09:06 PM
Bill Unruh wrote:

> Why?


To make it more difficult for attackers to determine there's a computer at
your address. A properly blocked computer appears virtually invisible to
the internet.


--

(This space intentionally left blank)
 
 
jack
Guest
Posts: n/a

 
      08-14-2004, 11:21 PM
yogesh wrote:
> after the blaster virus attack , my ISP told me that he has blocked
> the ping on his machine.
> and then onwards the ping to his IP was always unsuccessful.
> I tried on the net regarding "blocking the ping" but couldn't get any
> reference.
> can anyone tell me how to block the ping ?


Try "block icmp echo request" instead.

Since others have already answered Your question, this is my
"Two-pence"...

Ping is, essentially, part of ICMP, Internet Connection Management
Protocol. As for ping, You have a subtype of "echo request", "PING",
and "echo reply", aka "PONG".

Try googling those two. - You can block or allow them via iptables
just as any other packet. -- Please note: Running a public server that
does _not_ allow ping violates the standards.

Unfortunately, nowadays, You get kicked in the ass when running a
compliant server. So simply drop ICMP traffic, unless it comes from the
protected side of Your DMZ...


Cheers, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...
 
 
Dariusz Kuliński / TaKeDa
Guest
Posts: n/a

 
      08-15-2004, 02:26 AM
On Sat, 14 Aug 2004 21:06:16 GMT, James Knott wrote:

>> Why?

> To make it more difficult for attackers to determine there's a computer at
> your address. A properly blocked computer appears virtually invisible to
> the internet.


Many scanning tools don't even use ICMP to detect if there is another
computer on the network. I see no point in blocking ICMP echo.

--
(E-Mail Removed)t, ICQ# 15827691, TLEN: taked4
EMAIL: (E-Mail Removed)
(remove CAPITAL letters from email if you want to contact me)
*http://eggwiki.takeda.tk - help with using bots, in Polish*
 
 
Steve Wolfe
Guest
Posts: n/a

 
      08-15-2004, 06:58 AM
> > To make it more difficult for attackers to determine there's a computer at
> > your address. A properly blocked computer appears virtually invisible to
> > the internet.
>
> many scanning tools don't even use ICMP to detect if there is other
> computer on the network. I see no point in blocking ICMP echo.


If nothing else, it prevents things like "ping -s 1024 -f some.host.dom".
There are, of course, much more elegant ways to handle that sort of
situation (such as rate-limiting the pings), but if all you want to do is
bash the problem with a big rock, blocking all pings will work.

I don't really care if someone wants to prevent pings. However, at least
several times per year, we have people complaining about connection problems
to our site (which often present themselves in odd ways), so their network
admins will give me a call. In every case so far except one, the admin on
the other end had thought "I'm going to beef up security", and simply
blocked *all ICMP*, not realizing that things would break. The biggest pain
is that I usually have to spend twenty minutes explaining to them why it's
necessary, and they get offended and rude. But when they allow ICMP
through, things just "magically" start to work.

(The only time the problem wasn't related to indiscriminately blocking
ICMP was an issue with their Cisco router having the ethernet interface set
to auto-negotiation. $5 no-name, generic network cards get it right, I
can't understand why Cisco never has.)

steve
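
The type-by-type filtering the replies above describe, as an added example that is not part of the original posts: it emits iptables rules that answer or refuse echo-request while leaving echo-reply and the ICMP error types open. The rate and burst values, the `APPLY` and `MODE` variables and both function names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread): filter ICMP by type rather than dropping it all.
# RATE and BURST are assumed values; the INPUT chain is assumed to hold no
# earlier ICMP rules.
RATE="${RATE:-5/second}"
BURST="${BURST:-10}"

# Print the iptables commands for one policy:
#   limit = answer pings, but only up to RATE
#   block = never answer pings
icmp_rules() {
    case "$1" in
        limit|block) ;;
        *) echo "usage: icmp_rules limit|block" >&2; return 1 ;;
    esac
    # Error reports about our own outbound traffic. Path MTU discovery relies
    # on destination-unreachable ("fragmentation needed"), so these stay open.
    for t in destination-unreachable time-exceeded parameter-problem; do
        echo "iptables -A INPUT -p icmp --icmp-type $t -j ACCEPT"
    done
    # Answers to pings sent from this host; dropping them breaks our own ping.
    echo "iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT"
    if [ "$1" = limit ]; then
        echo "iptables -A INPUT -p icmp --icmp-type echo-request" \
             "-m limit --limit $RATE --limit-burst $BURST -j ACCEPT"
    fi
    # Whatever ICMP is left (excess or all echo-request, timestamps, ...) is dropped.
    echo "iptables -A INPUT -p icmp -j DROP"
}

# Verdict the emitted rules give one ICMP type: the first rule that names the
# type, or names no type at all, decides. The rate limit itself is not modelled.
verdict() {  # usage: verdict <limit|block> <icmp-type-name>
    icmp_rules "$1" | awk -v t="$2" '
        { type = ""; for (i = 1; i < NF; i++) if ($i == "--icmp-type") type = $(i + 1) }
        type == "" || type == t { print $NF; exit }'
}

# Print the rules for review; load them (as root) only when APPLY=1 is set.
if [ "${APPLY:-0}" = 1 ]; then
    icmp_rules "${MODE:-limit}" | sh -e
else
    icmp_rules "${MODE:-limit}"
fi
```

Running `verdict block destination-unreachable` before loading anything confirms that refusing pings has not also closed the error types other hosts rely on.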


 
 
Steve Wolfe
Guest
Posts: n/a

 
      08-15-2004, 06:59 AM
> Unfortunately, nowadays, You get kicked in the ass when running a
> compliant server. So simply drop ICMP traffic, unless it comes from the
> protected side of Your DMZ...


Then wonder why some people on the outside have issues with transfer from
your server.

steve


 
 
 
 