ping

Protecting your Linux box
venky145
Havaldaar
Posts: 118
Joined: Thu Jan 13, 2005 2:35 pm
Location: qatar
Contact:

ping

Postby venky145 » Wed Jan 17, 2007 1:39 pm

hi

how to deny my server ping except one system.

lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Postby lambda » Wed Jan 17, 2007 1:49 pm

with an iptables output rule that allows icmp echo/echoreply to that host, and blocks it for all others.

be sure to make your rule operate on echo and echoreply packets only -- you don't want to block all icmp traffic.

sakimustafa
Lance Naik
Posts: 41
Joined: Sat Jan 13, 2007 1:36 pm
Location: Bangladesh
Contact:

Postby sakimustafa » Wed Jan 17, 2007 2:11 pm

Dear,
Just type this:
iptables -A OUTPUT -d ! 10.0.40.2 -p icmp -j DROP
Best Regards,
SAKI
8801712764543

lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Postby lambda » Wed Jan 17, 2007 2:45 pm

which means now your system won't deal with traceroute or send icmp unreachable port messages to other hosts.


Return to “Security”

Who is online

Users browsing this forum: No registered users and 1 guest