how to block ping request through my global IP?

**dammy** · 05-03-2010, 01:44 AM

i notice that port check is available when requested or sniffed by a probe protocol through my IP and my router was not able to block this request. my question is how to configure this as my first line of defense? my ISP is pldt, i notice also other ISP when i request port check, my request is block by the the their ISP

does our isp have to implement first line of defense or its in our part to implement this?

Code:

Starting Nmap 5.21 ( http://nmap.org ) at 2010-05-03 01:55 China Standard Time

Nmap scan report for ---.----.---- (0.0.0.0)

Host is up (0.0045s latency).

rDNS record for 0.0.0.0 : 0.0.0.0.pldt.net

Not shown: 988 closed ports

PORT     STATE SERVICE

21/tcp   open  ftp

22/tcp   open  ssh

25/tcp   open  smtp

80/tcp   open  http

110/tcp  open  pop3

443/tcp  open  https

5000/tcp open  upnp

5001/tcp open  commplex-link

5800/tcp open  vnc-http

5900/tcp open  vnc

8000/tcp open  http-alt

8080/tcp open  http-proxy



TRACEROUTE (using port 256/tcp)

HOP RTT     ADDRESS

1   1.00 ms 0.0.0.0.pldt.net (0.0.0.0)



Nmap done: 1 IP address (1 host up) scanned in 2.09 seconds

**doomsweek** · 05-03-2010, 03:00 AM

You might want to try letting someone else port scan your machine. That is, someone outside your local network e.g. from the internet. AFAIK, if you're port scanning a computer locally (same computer i.e. 127.0.0.1) you might be bypassing the routers firewall.

As for blocking ping requests, some routers have a firewall included in them and you could set them up to block ping requests or ICMP echo request packets.

**mazkot** · 05-03-2010, 10:00 AM

request it from pldt to disable it if this a static IP.

**netcommando** · 05-03-2010, 10:03 AM

disbale icmp in your router... or apply access list disabling icmp

**dammy** · 05-03-2010, 02:16 PM

How i secure a router from ICMP attack. Everybody seems able to reboot some router by flooding it with ping requests.

**cloud** · 05-03-2010, 02:34 PM

naa na sa router disable PING from WAN side.

**mazkot** · 05-03-2010, 06:37 PM

add a secondary firewall or change your router with a much more secured 1. kung na-a ka wawarts for every service you want to host have a separate server behind a primary and secondary firewall..

**kakashiOO7** · 05-03-2010, 09:08 PM

eformat nalang jud na imong pc bai..

...

jok lang...... dili man effective nang kung router ang inyong tirahon, kay as what the TS said naay ping attack nga makapa-plip/overload sa imong router... so naa ra jud sa ISP na side...
mura gud sa YM Booter, masking unsaon pa nimog tweak sa imong YM client, madutlan jud nag BOOT kay client side raman ang imong gitweak.

**netcommando** · 05-05-2010, 12:16 AM

kung sa router ka mag-apply ug access-list or disable ping from wan, hago gihapon ang router kay i-process man gihapon ng mga ping attacks, ang the best is firewall jud aron limpyo ng dawaton sa router

**dammy** · 05-05-2010, 02:29 AM

im not very good on network protocols, but i found an alternative way to put more security on the system, i requested for 2 dynamic isp residential package then i isolate some sensitive ports to more secure connection, then i sign up for dyndns for auto update for an ip, built one cheap machine to handle a time frame to activate dyndns and a little trick of mine i integrate my VoIP activation code for the system to boot up for emergency. i dont think if its cool but it works. my VoIP as my master key for all networks.

Thread: how to block ping request through my global IP?

Thread Tools

Search Thread