Hello and welcome to our community! Is this your first visit?
Register

Results 1 to 9 of 9

Why is it important to ignore ping requests?

This is a discussion on Why is it important to ignore ping requests? within the Alt OS Archives forums, part of the Alternative Operating Systems category; Why is it important to ignore ping request? Symantec site says it's better to be invisible rather than your machine ...

  1. #1
    Lakisalayaw1970
    Guest Lakisalayaw1970's Avatar

    Default Why is it important to ignore ping requests?



    Why is it important to ignore ping request? Symantec site says it's better to be invisible rather than your machine be known as present in the internet.

    Why would it be better if they didn't know your IP address and provider? Unless you're involved in human trafficking, I don't see the point to block ignore ping requests and such.

    Can anyone explain this?

    [Edited on 6.16.05 by Lakisalayaw1970]

  2. #2
    Lakisalayaw1970
    Guest Lakisalayaw1970's Avatar

    Default

    I use Brian Hill's Brickhouse on top of Mac OS X's firewall.

  3. #3
    Mac Lover coffeelover's Avatar
    Join Date
    Apr 2004
    Age
    39
    Posts
    434
    Real Name
    Chris Chu

    Default

    I found that filtering ICMP (ping) packets is more trouble than it's worth. There are lots of tools that will detect the presence of a device regardless of ICMP filtering. Filtering ICMP just makes troubleshooting network problems more difficult.

  4. #4
    Apple Genius berniej's Avatar
    Join Date
    Apr 2004
    Location
    Laguna/SLEX/Makati
    Posts
    2,279

    Default

    "Pinging" is the first thing a malicious hacker/cracker does to be certain that their target is online. Once they are sure that the machine exists, then they will start using more advanced tools to scan the target's open ports, then their "fun" begins.

    There are pros and cons in filtering ping requests but if you don't think you need to be "pinged" from the internet, better set up those filters -- its better to be safe than sorry.

  5. #5
    Apple Genius lamski's Avatar
    Join Date
    May 2005
    Location
    Makati, Philippines
    Posts
    2,140
    Liked
    74 times
    Real Name
    Leonardo Mendoza

    Default

    Hackers typically employ port scanners that scan sets of ip addresses. If you don't have a good firewall with proper rules, chances are, your computer will show up in their sweeps. This makes your machine a viable target for whatever devious plans hackers can think of. If your machine is set to respond to ping requests, you're likely to be vulnerable to denial-of-service (DOS) attacks. The ping response may also givea a lot of info about your machine and your network.

    Try using a freshly installed, un-patched windows machine online and within 20 - 30 minutes it's already infected with spyware, trojans, viruses and other nasty stuff. It happened to my friends.

  6. #6
    Lakisalayaw1970
    Guest Lakisalayaw1970's Avatar

    Default

    Originally posted by berniej
    ...set up those filters -- its better to be safe than sorry...
    Do you use anything heavier than the built in OS X firewall yourself? OS X does have Net Utility. I fire up Kismac once in a while to look for Wi-fi. I don't hack around. At most I'd do a reverse address seek using the phone number on Google. Now they have satellite picture built in Google maps.

    I feel pretty safe though because I'm behind a router, use DSL (not cable), and have OS X firewall enabled.

  7. #7
    Apple Genius berniej's Avatar
    Join Date
    Apr 2004
    Location
    Laguna/SLEX/Makati
    Posts
    2,279

    Default

    Originally posted by Lakisalayaw1970
    Originally posted by berniej
    ...set up those filters -- its better to be safe than sorry...
    Do you use anything heavier than the built in OS X firewall yourself?
    Not really since I'm also behind a router, at least two firewalls, a SPAM filter and a host of other security stuff I wouldn't even care to mention.

    [Edited on 6-16-2005 by berniej]

  8. #8
    teng
    Guest teng's Avatar

    Default

    Originally posted by lamski
    Hackers typically employ port scanners that scan sets of ip addresses. If you don't have a good firewall with proper rules, chances are, your computer will show up in their sweeps. This makes your machine a viable target for whatever devious plans hackers can think of. If your machine is set to respond to ping requests, you're likely to be vulnerable to denial-of-service (DOS) attacks. The ping response may also givea a lot of info about your machine and your network.

    Try using a freshly installed, un-patched windows machine online and within 20 - 30 minutes it's already infected with spyware, trojans, viruses and other nasty stuff. It happened to my friends.

    Yep!.. i agree on this..

  9. #9
    Mac Lover marcgalang's Avatar
    Join Date
    May 2004
    Location
    Turku, Finland
    Age
    30
    Posts
    203

    Default

    I think It's more advisable to ignore UDP and TCP syns (hello messages), ping is used most of the time by IT personnel to diagnose the network.

  10.   




 

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •