Greetings netmask ,
netmask wrote:
You can follow the others advice for iptables stuff.. or shutting down services.. in addition, you could block ICMP via iptables..
but I prefer to disable it via proc
echo "1" >/proc/sys/net/ipv4/icmp_echo_ignore_all
However.. ICMP serves a purpose.. if you are running a server, it isn't recommended that you disable it.
And if you are running a client you might need it . I recall about 3 years ago ( might be more ) when i accessed IRC , Ping was used to verify that your connection to the server was still on , in which case
if you denied the ping then you would get disconnected . Just an example
that came in mind where pings are usefull .
You can find all open ports, and what applications are using them via: lsof -i -n
Thanks very much for a command
By the way isn't FC2 supposed to have telnet disabled by default
( I have FC 1 ), for the very reason that Alexander Dalloz suggested the use of ssh ?
A final note for Alexander Dalloz , could you please provide me the title of the thread that was discussing the issues between DROP and REJECT that you mentioned on your posting of 24/07/2004 11:30 PM ( Am on GMT+2 so there might be a variation on the original time you sent it , but 11:30 PM is the time that Mozilla gives ) And if it's not a real pain could you please explain a bit more that "security by obscurity" you said in regard to blocking the icmp echo request ?
Kind Regards, Kostas
