Originally Posted by
guimaster
I continually fail the GRC Shield's Up test by having a ping get through to my computer. How can I put a stop to ICMP reaching my computer?
It's neither here nor there (since your "home router/NAT device" is likely responding), but I don't think it is a particularly necessary - or good - thing to drop ICMP echo requests. I wish grc's scanning service would not represent that as a problem.
In the future, if you'd like to see what's happening with ICMP traffic on your host, you can watch it with tcpdump.
For example:
Code:
$ sudo tcpdump -i <int> icmp
... where <int> should be the network interface you're monitoring, e.g. eth0 or wlan0.
- If you observe icmp echo requests and replies, then the ping request is reaching your host and being replied to.
- If you observe icmp echo requests but not replies, then the ping request is reaching your host and being filtered/ignored.
- If you observe neither, the request is not reaching your host at all..
Bookmarks