Because I want to monitor traffic, not block it entirely. I just want this machine to basically lurk on my network looking for suspicious activity and then notifying me if it occurs. Sometimes it can be useful to hide a Linux machine a bit. Not responding to pings would at least keep most "hackers" out because they would never even
Know it's there.
To turn answers to icmp_echos off, as root type:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
and to turn it on again type:
echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
Even better way:
Don't ignore ICMP echos:
sysctl -w net.ipv4.icmp_echo_ignore_all=0
do ignore ICMP echos:
sysctl -w net.ipv4.icmp_echo_ignore_all=1
sysctl -a will give you a nice list of values that you can tweak.
If you're running a Redhat-based system, you can plop the desired values in /etc/sysctl.conf.
