The ping time is defined as the time taken for the ping command to complete the round trip. If a server or a machine is up and running, the IP response will be generated. Hence, you can also use it to scan the range of IP address for all those reachable hosts.
However, if you disable the ping command, you will go ghost on the network, and nobody will identify you. This has some potential advantages.
Advantages of Disabling Ping On Linux Servers
Some of the significant advantages of why someone might want to disable ping on their machines are -
- To make the server on the network more secure.
- To save the server from attacks generated from a compromised server.
- To prevent the ping for an attack to kill the machine.
- To hide the system or server in the network.
Before discussing a few methods to disable ping on your machine in a network, we must understand what IP tables are and what ICMP stands for.
Understanding IP tables
IP tables are firewalls in the command lines that prevent or allow traffic from servers mentioned in the chain of policy. For monitoring the traffic, it uses packets. When a different machine wants to connect with you, the iptable checks the sender's information in the iptables, containing a list of all the servers that the current machine is allowed to communicate with. If the server's IP address that is trying to connect with you is not on the list, it will prevent the connection.
ICMP abbreviates for Internet Control Message Protocol. It's different from TCP. It does not have ports and does not allow the transfer of data for control purposes. It is used to send or receive error messages and verify the connection between other IP addresses.
How to disable ping on Linux Servers?
There are several methods to disable ping on Linux servers, and they vary from one Linus distro to another. However, here we have discussed some methods that can be used in almost any Linux machine.
Using ICMP echo
Using ICMP echo is a useful way to stop responses for a ping from your Linux server.
$ echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
You need to have sudo privileges to run this command. After running this command, we will try to ping the server to test the command.
We can notice that there are no responses from the ping. Let's try to enable the ping once again. We can use 0 instead of 1 this time.
$ echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all
You can see that we now have a response to the ping command after we have enabled it again.
Please note that this way of disabling the ping command is only temporary and we get reset after you reboot the system. If you want to make the changes permanently, you need to edit the /etc/sysctl.conf configuration file.
net.ipv4.icmp_echo_ignore_all = 1
You can add this line to the file and update the change; you can run this command.
$ sysctl -p
Using IP Tables
One of the best ways to stop ping responses is by using IP tables. Before we step further, we must ensure that IP tables exist in our server or machine. We can verify this by finding out the version of IP tables in the system.
$ iptables --version
IP tables are usually pre-installed in almost all Linux distros. Now, we need to use the following commands first.
$ iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
$ iptables -A OUTPUT -p icmp --icmp-type echo-reply -j DROP
After that, to add the rules to the iptables, we can use this command -
$ iptables -L
Once you are done, let's try to ping the server once again.
We can notice that we did not get a response when we pinged the server.
Although there are tons of benefits and advantages of disabling ping on your Linux server, you might not be able to perform several valuable things as well. You will be barred from performing diagnostics, sweeping servers over the network, sharing information related to security, etc. When you connect to a specific network for an interactive gaming experience, the quality of pings might hamper your experience.
In this guide, we discussed two important methods that will allow you to disable ping on any Linux server with root privileges, and you will be able to work on the network without exposing yourself. You will be invisible to hackers, hide your presence in the local network, and enjoy your privacy.
We started with a basic understanding of the ping command and how it works by sending packets. We discussed the several advantages that you can enjoy by disabling ping on Linux servers across the network. Moving ahead, we discussed some important concepts such as IP tables and how they work along with the ICMP protocol. Using these concepts, we discussed two different methods to disable ping.
We certainly hope that using this detailed and comprehensive guide will allow you to effectively disable ping either temporarily or permanently on your Linux Servers.