Why is it important to ignore ping requests?

[Lakisalayaw1970]

---

---

Why is it important to ignore ping request? Symantec site says it's better to be invisible rather than your machine be known as present in the internet.

Why would it be better if they didn't know your IP address and provider? Unless you're involved in human trafficking, I don't see the point to block ignore ping requests and such.

Can anyone explain this?

[Edited on 6.16.05 by Lakisalayaw1970]

[Lakisalayaw1970]

I use Brian Hill's Brickhouse on top of Mac OS X's firewall.

[coffeelover]

I found that filtering ICMP (ping) packets is more trouble than it's worth. There are lots of tools that will detect the presence of a device regardless of ICMP filtering. Filtering ICMP just makes troubleshooting network problems more difficult.

[berniej]

"Pinging" is the first thing a malicious hacker/cracker does to be certain that their target is online. Once they are sure that the machine exists, then they will start using more advanced tools to scan the target's open ports, then their "fun" begins.

There are pros and cons in filtering ping requests but if you don't think you need to be "pinged" from the internet, better set up those filters -- its better to be safe than sorry.

[lamski]

Hackers typically employ port scanners that scan sets of ip addresses. If you don't have a good firewall with proper rules, chances are, your computer will show up in their sweeps. This makes your machine a viable target for whatever devious plans hackers can think of. If your machine is set to respond to ping requests, you're likely to be vulnerable to denial-of-service (DOS) attacks. The ping response may also givea a lot of info about your machine and your network.

Try using a freshly installed, un-patched windows machine online and within 20 - 30 minutes it's already infected with spyware, trojans, viruses and other nasty stuff. It happened to my friends.

[Lakisalayaw1970]

Originally posted by berniej
...set up those filters -- its better to be safe than sorry...

Do you use anything heavier than the built in OS X firewall yourself? OS X does have Net Utility. I fire up Kismac once in a while to look for Wi-fi. I don't hack around. At most I'd do a reverse address seek using the phone number on Google. Now they have satellite picture built in Google maps.

I feel pretty safe though because I'm behind a router, use DSL (not cable), and have OS X firewall enabled.

[berniej]

Originally posted by Lakisalayaw1970

Originally posted by berniej
...set up those filters -- its better to be safe than sorry...

Do you use anything heavier than the built in OS X firewall yourself?

Not really since I'm also behind a router, at least two firewalls, a SPAM filter and a host of other security stuff I wouldn't even care to mention.

[Edited on 6-16-2005 by berniej]

[teng]

Originally posted by lamski
Hackers typically employ port scanners that scan sets of ip addresses. If you don't have a good firewall with proper rules, chances are, your computer will show up in their sweeps. This makes your machine a viable target for whatever devious plans hackers can think of. If your machine is set to respond to ping requests, you're likely to be vulnerable to denial-of-service (DOS) attacks. The ping response may also givea a lot of info about your machine and your network.

Try using a freshly installed, un-patched windows machine online and within 20 - 30 minutes it's already infected with spyware, trojans, viruses and other nasty stuff. It happened to my friends.

Yep!.. i agree on this..

[marcgalang]

I think It's more advisable to ignore UDP and TCP syns (hello messages), ping is used most of the time by IT personnel to diagnose the network.