This simple and brief tutorial is going to show you how to disable ping response on Ubuntu Server to make it more secure.
To get started, you need to first run command below to get the root privilege:
sudo su
Then, you can disable ping for IPv4 using the command below to set config file value to 1:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
For IPv6, you may use the command below instead:
echo 1 > /proc/sys/net/ipv6/icmp/echo_ignore_all
Or, you can use iptables
command instead to do the same job. Though, you need to replace eth0 to yours network interface name (run ip -4 address
to tell).
iptables -I INPUT -i eth0 -p icmp -s 0/0 -d 0/0 -j DROP
To re-enable ping response, use commands:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo 1 > /proc/sys/net/ipv6/icmp/echo_ignore_all
or
iptables -I INPUT -i eth0 -p icmp -s 0/0 -d 0/0 -j ACCEPT
To make it permanently, edit the “/etc/sysctl.conf” file and add the link below, so that the setting gets picked up at boot time.
net.ipv4.icmp_echo_ignore_all=1