+5 votes
430 views
How to block ICMP Ping in Linux

in Linux / Unix by (552k points)
reopened | 430 views

1 Answer

+3 votes
Best answer

1. Block Pingo with IPTABLES on Linux
2. Block Ping with variables in the Linux Kernel
3. Block Ping with UFW on Linux

Millions of packets are transmitted daily through the Internet for the effective communication of various data and throughout this process there are millions of threats that put this information at risk , a practice that we can implement is the blocking of ICMP messages since with this IP flooding on the server and denial of service attacks are avoided, which would significantly affect the performance of system processes..

Recall that, in order to exchange status data or error messages correctly, the nodes resort to the Internet Control Message Protocol - Internet Control Message and Error Protocol (ICMP), which has been developed to provide incident reports. in the delivery of packages or errors in the network.

There are several ways to block these ICMP messages and today in TechnoWikis we will see some of these options..


1. Block Pingo with IPTABLES on Linux


IPTABLES is an integrated Firewall tool through which it will be possible to create rules for each packet filtering and NAT modules thus implementing system security.
Step 1

In this example we will use Ubuntu 17 and for this we access the terminal and first we must log in as root users by executing the following command:
 sudo -i 

image

Step 2

Once we are as root users, we will add the following IPTABLES rule:
 iptables -A INPUT --proto icmp -j DROP 
Step 3

We can see the rule created by executing the following:
 iptables -L -n -v 

image

Step 4

We can ping a website to see if there is a response or not, remember that the ping command allows us to see the availability of a website by sending a series of packages and receiving responses from them. In this case we can see that several minutes have passed and no response is obtained.

image


2. Block Ping with variables in the Linux Kernel


Another option to use in Linux for blocking ICMP messages is to add certain variables to the system kernel which is responsible for removing all ping packets.
Step 1

To use this method we must first execute the following command:
 sysctl -p 
Step 2

Then we execute the following line:
 echo “1”> / proc / sys / net / ipv4 / icmp_echo_ignore_all 
Step 3

Then, we will add the following line to the /etc/sysctl.conf file:
 echo “net.ipv4.icmp_echo_ignore_all = 1” >> /etc/sysctl.conf 

image


3. Block Ping with UFW on Linux


UFW is a modern firewall that can be implemented in Debian, CentOS and Ubuntu and through which we have the opportunity to make and manage various rules focused on system security.
Step 1

If we use UFW, we must access using the desired editor to the following file, /etc/ufw/before.rules:
 sudo nano /etc/ufw/before.rules 
Step 2

There, we will locate the ok icmp codes for INPUT section and add the following line:
 -A ufw-before-input -p icmp --icmp-type echo-request -j DROP 

image

Step 3

We save the changes using the following key combination:

+ O Ctrl + O

We leave the editor using:

+ X Ctrl + X

Step 4

We will execute the following line to restart the firewall and apply the changes:
 ufw disable && ufw enable 

image

Step 5

If we are using CentOS 7 or RedHat we must execute the following lines to add the rule:
 firewall-cmd --zone = public --remove-icmp-block = {echo-request, echo-reply, timestamp-reply, timestamp-request} --permanent firewall-cmd –reload 
In this way we have blocked the use of ICMP and with this we prevent multiple attackers from being able to access our network and use network addressing to affect the local network and optimal system stability.

by (3.5m points)
edited

Related questions

+4 votes
1 answer
asked Oct 2, 2019 in Linux / Unix by backtothefuture (552k points) | 285 views
+5 votes
1 answer
asked Nov 10, 2019 in Linux / Unix by backtothefuture (552k points) | 512 views
+4 votes
1 answer
asked Feb 8, 2022 in Guides by backtothefuture (552k points) | 97 views
+4 votes
1 answer
+3 votes
1 answer
asked Oct 20, 2020 in Linux / Unix by backtothefuture (552k points) | 253 views
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users