Table of Contents
About the ping command
Through the ICMP protocol, that is, the popular command ping We can know if a certain computer is alive on the network, if we have routes, I walk to it without problems.
So far it seems beneficial and it is, however like many good tools or applications, it can be used for harmful purposes, for example a DDoS with ping, which can translate into 100.000 requests with ping per minute or per second, which could crash the end computer or our network.
Be that as it may, on certain occasions we want our computer not to respond to ping requests from others on the network, that is, to appear not to be connected, for this we must disable the ICMP protocol response in our system.
How to verify if we have enabled the ping response option
There is a file in our system that allows us to define in an extremely simple way, if we have enabled the ping response or not, it is: / proc / sys / net / ipv4 / icmp_echo_ignore_all
If that file contains a 0 (zero), then everyone who pings us will get a response whenever our computer is online, however, if we put a 1 (one) then it does not matter if our PC is connected or not, it will appear not to be.
In other words, with the following command we will edit that file:
sudo nano /proc/sys/net/ipv4/icmp_echo_ignore_all
We change the 0 for 1 and we press [Ctrl] + [O] to save, and then [Ctrl] + [X] to exit.
Ready, our computer does NOT respond to the ping of others.
Alternatives to protect ourselves from ping attacks
Another alternative is obviously using a firewall, using iptables it can also be done without much hassle:
sudo iptables -A INPUT -p icmp -j DROP
Then remember, the iptables rules are cleaned when the computer is restarted, we must by some method save the changes, either through iptables-save and iptables-restore, or by making a script ourselves.
And this has been it 🙂