Not responding to pings is more "security by obscurity" than anything
useful. You can still be port scanned if ping replies are disabled,
and you can still be subject to a denial of service attack. And of
course, if you WERE running exploitable services for the outside
world, they could still be connected to. Blocking pings can also make
it harder to do basic troubleshooting, particularly in larger
networks. It probably won't cause you much grief to block ping
replies, but it won't gain you much in the way of being more secure.
Anthony
On 2/19/06, Siri Amrit Kaur <
tigerflag@tigerflag.com> wrote:
> I'd like to learn about Pings. I did a port scan test and all my ports are in
> stealth mode, but my system responded to pings and the test results said that
> was a security risk. If that's true, how do I make it not respond to pings?
> Is there a SIMPLE way to do this? I'm scared to go mucking about in iptables.
>
> A little info on my setup:
> I'm using PCLOS (based on Mandrake) and the Shorewall firewall, on a
> standalone box with a DSL modem/router. I'm not running any servers. I have
> the software firewall in the modem turned off because it was screwing some
> things up.
>
> Thanks,
>
> Siri Amrit
> --
> Tigerflag Natural Perfumery, LLC
> www.tigerflag.com
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)