2009/08/25

How-to: disable the PING response.

To disable the PING response, add the following line to your init script for the network:
echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all

To reenable the PING response do this:
echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all

To make the change PERMANENT add the following line to /etc/sysctl.conf:
net.ipv4.icmp_echo_ignore_all=1
and execute this command:
sysctl -p

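It is better to use a firewall for this purpose, so that you can still allow ping from selected systems, especially monitoring systems. Because -I inserts each rule at the top of the INPUT chain, insert the DROP rule first and the ACCEPT rule second, so that the ACCEPT ends up above the DROP:
iptables -t filter -I INPUT -p icmp --icmp-type echo-request -j DROP
iptables -t filter -I INPUT -p icmp --icmp-type echo-request -s monitoring_system -j ACCEPT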

Just in case it's not obvious to iptables newbies, replace "monitoring_system" with the IP/range of the server(s) which should be able to ping the server. All other ping requests will be silently dropped.
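iptables acts on the first matching rule, and each -I INPUT puts its rule at the top of the chain, so the rule inserted last is evaluated first. The following is an added example (not part of the original post) that reads `iptables -S INPUT` output and reports which target decides a ping from a given source; the function name, the two rule listings and the 192.0.2.10 / 198.51.100.7 addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables -S INPUT` output on stdin and prints the target
# of the first rule that decides an ICMP echo-request from the given source.
# Assumptions: only "-p icmp" echo-request rules are considered, and "-s" is
# matched as an exact host address (CIDR ranges are not evaluated).
ping_verdict() {
    awk -v src="$1" '
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; itype = ""; rsrc = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--icmp-type") itype = $(i + 1)
            else if ($i == "-s") rsrc = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        if (proto != "icmp") next
        if (itype != "8" && itype != "echo-request") next
        if (rsrc != "" && rsrc != src && rsrc != (src "/32")) next
        if (target != "ACCEPT" && target != "DROP") next
        print target; found = 1; exit
    }
    END { if (!found) print "NO_MATCH" }'
}

# Constructed listing: ACCEPT inserted first, DROP inserted second (DROP on top).
rules_drop_on_top() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -s 192.0.2.10/32 -p icmp -m icmp --icmp-type 8 -j ACCEPT
EOF
}

# Constructed listing: DROP inserted first, ACCEPT inserted second (ACCEPT on top).
rules_accept_on_top() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 192.0.2.10/32 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
EOF
}

echo "DROP on top,   monitor: $(rules_drop_on_top | ping_verdict 192.0.2.10)"
echo "ACCEPT on top, monitor: $(rules_accept_on_top | ping_verdict 192.0.2.10)"
echo "ACCEPT on top, other:   $(rules_accept_on_top | ping_verdict 198.51.100.7)"
```

On a live host, pipe the real chain into the function as root, for example: iptables -S INPUT | ping_verdict followed by the monitoring system's address.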



--
Liu Lantao
College of Information Science and Technology, Beijing Normal University
EMAIL: liulantao ( at ) gmail ( dot ) com ;
WEBSITE: http://www.liulantao.com/ .
------
