Prevent ping/icmp attacks using kernel parameter
Write the following line in the file "/etc/sysctl.conf"
net.ipv4.icmp_echo_ignore_all = 1
Save the file & restart network service [command: service network restart]
OR
Save the file & run "sysctl -p"
We can also change the value of this runtime kernel parameter to 0 (zero) using the command:
echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all
If the value is "1" -->> The system will ignore all icmp/ping requests.
If the value is "0" -->> The system will accept all icmp/ping requests.
skip to main |
skip to sidebar
This site contains my posting on different issues on Fedora Administration & Troubleshooting, which I had faced,I had solved, I may face during Server & Network Administration. Some portion of my postings will give performance improvement Tips & Tricks for the Fedora-Lovers. Some portion of my postings will give list of new features in latest Fedora version.
Custom Search
My Posts
-
►
2009
(3)
- ► April 5 - April 12 (1)
Labels
- Account Management (1)
- Fedora (14)
- Fedora and IBM xSeries (2)
- Fedora install (1)
- File System (1)
- Fun with Linux (2)
- GUI problems (1)
- Hardware (1)
- multimedia (2)
- Networking (3)
- Performance Issues (1)
- process_limit (1)
- proxy (2)
- rpm (1)
- yum (3)
About Me
- B Dey
- Chittaranjan, India
1 comment:
How this can be done on IPv6 interface?
Post a Comment