Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Drifting on January 25, 2004, 07:56:05 PM
-
Sorry if this is an FAQ, I have searched though the site as best I could.
What I really want to do is stop my server replying to a ping? is it possible? I have noticed in my snort logs that our ISP seems to be suffering from windows machines with worms? or something? The log always starts with a ping, then proceeds to do a port scan. However I have another server on the same ADSL line (With another IP) which has MS ISA server, which I have managed to stop responding to ping requests, and that very rarely gets port scanned.
I have SME 5.6 with latest patches.
Have I lost the plot over this? as I am a newbie to SME and Linux.
Drift. :-(
-
This is a very old subject. Try searching first.
I you are trying to stop Cyberkit ICMP Pings, check out this thread: http://forums.contribs.org/index.php?topic=18665.msg73540#msg73540
-
I just did this to my own firewall. There is probably an easier/better way of doing this, but it works.
copy: /etc/e-smith/templates/etc/rc.d/init.d/masq/90adjustICMPIn
to: /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/90adjustICMPIn
edit the section: my @OKicmpTypes
Remove the line that says: echo-request
run: /sbin/e-smith/expand-template /etc/rc.d/init.d/masq
run: service masq restart
Try a firewall tester like Shields-up at http://www.grc.com to see if you can be pinged.
Hope that helps :-D
- Mark
-
Hi,
Try this contrib: http://no.longer.valid/mylinks/visit.php?cid=123&lid=371
And there is a How To here :
How To (http://www.muzo.homeip.net/nest/contribs/HowTo/howto-SME-Masq-manager.htm)
-
Thanks for the responses, Bobk was spot on it was the Cyberkit!
The howto did the trick.
Regards Drift.