I don't know which kernel version introduced this, but there are two
different flags in /proc/sys/net/ipv4 that you can set to ignore either
all echo requests or those broadcast to multicast addresses.
E.g. to ignore all echo requests:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
Have a look at /usr/src/linux/Documentation/proc.txt
On Sat, 24 Jun 2000, Nitebirdz wrote:
> On Fri, 23 Jun 2000, Burke, Thomas G. wrote:
>
> > go to /etc/inetd.conf
> >
> > Comment out lines for
> > #echo stream tcp nowait root internal
> > #echo dgram udp wait root internal
> >
> > save it.
> >
> > then:
> >
> > "killall -HUP inetd"
> >
> > then edit hosts.deny and add the line:
> >
> > 7:ALL
> >
> >
> > (port 7 is the echo port - ALL means noone is allowed to use it through
> > tcpwrappers)...
> >
> >
> >
> > Alternately, hosts.deny can just say ALL:ALL
> > then hosts.allow can be <port>:<machine> that are allowed to be used/use...
> >
>
> This doesn't seem to work at all. I believ the only way to do it must be
> using ipchains, but even in that case you must be really careful because
> it tends to break other useful services.
>
>
> ------------------------------
> Nitebirdz
> http://www.linuxnovice.org
> Tips, articles, news, links...
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
