Ping: How to turn off ICMP ECHO Response on Linux Server

Kernel parameters provide a mechanism to adjust the functioning of the Linux kernel. The sysctl command can be used to view and set kernel parameters and ping response can also be denied by just changing the kernel parameter value. Let's check the present value of kernel parameter,

# sysctl net.ipv4.icmp_echo_ignore_all

Most likely it will show zero which means your system will request and respond normally to pings. So now by changing the value of kernel parameter net.ipv4.icmp_echo_ignore_all to 1 from 0 will prevent other hosts from successfully pinging your server while not affecting your ability to ping other servers in the network.

To change the kernel parameter value,

# sysctl -w net.ipv4.icmp_echo_ignore_all=1

So now even if you try to ping your own network address from your host it should not work because by changing the kernel parameter value we told kernel to not respond any ICMP ECHO request.

The changes we made are temporary because sysctl command actually made the changes in /proc filesystem so if you want the changes to persist across reboots you need to put the below entry in /etc/sysctl.conf file at the bottom and you are done.

To add the entry in sysctl.conf run,

# echo "net.ipv4.icmp_echo_ignore_all=1" >> /etc/sysctl.conf

Any feedback will be highly appreciated.

Suggested Posts,

• Character Encoding: Convert from UTF-8 to ISO-8859-1
• udev: renamed network interface eth0 to eth1
• vCenter Server 5: Important Installation Tip
• Change Login Shell of Linux User

This post appeared on the softlexicon.com by Sumit Goel. Copyright © 2012 – softlexicon.com and Sumit Goel. All rights reserved. Not to be reproduced for commercial purposes without written permission.