How to Block icmp echo requests :-
Ping ( Packet Internet Gopher ) is one of the most used command used by the network administrator or hacker to find out the live host on the network or check the connectivity between two system or internet connection. if you want to hide your own presence on the local internet, it,s important for you to block the ping request. However By default , Network firewall like Cisco ASA , Checkpoint NG and Watchguard XTM are blocking the ping request to revel their identity on the WAN.
Ping command works with ICMP protocol. ICMPs are used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.
Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies the ICMP message, the CODE field provides further information about the associated TYPE field, and the CHECKSUM provides a method for determining the integrity of the message.
The TYPES defined are:-
TYPE | Description |
0 | Echo Reply |
3 | Destination Unreachable |
4 | Source Quench |
5 | Redirect Message |
8 | Echo Request |
11 | Time Exceeded |
12 | Parameter Problem |
13 | Timestamp Request |
14 | Timestamp Reply |
15 | Information Request (No Longer Used) |
16 | Information Reply (No Longer Used) |
17 | Address Mask Request |
18 | Address Mask Reply |
So in this condition you need to block the icmp echo-reply with your windows firewall.
Open your Windows firewall with command Run > firewall.cpl and click on the Advanced setting. select the inbound Rules and Click on the new Rule option.
and select the Rule type Custom
and in the Does this rule apply to all programs or a specific program select the “All program option ” click on the next. Now in the Protocol Type select the ICMPv4 option. However you have the option for ICMPv6 also.
Now in the scope option, you have option to select particular ip-address or any ip-address.
now select the Block the connection option.
and in the When does this rule apply. select the all Domain , Private and Public option.
now put the name of rule and click on the Finish to apply the new rule.
now your system will not send the echo-reply for echo-request.
Note :- This will block your identity only on LAN.
Also Check :-
Nmap – Free Security Scanner For Network Exploration and Hacking
Hope you like my post.How to Block icmp echo requests. Please Share with others.