How to disable ping responses on Linux

Disabling PING can be a good security strategy, preventing curious people from using PING to scan networks for active Hosts to attempt exploits.

Another good reason is to avoid the “flood” of Ping on the network, which can be done with the ping option “-f”, flooding the destination host with several ping packets.

This approach doesn’t require Netfilter packet filters.

To Disable the Ping Response Temporarily

You can temporarily disable the ping response using the following method.

echo “1” > /proc/sys/net/ipv4/icmp_echo_ignore_all

Note that this setting does not survive after the system is restarted.

To return the ping responses, use the following command:

echo “0” > /proc/sys/net/ipv4/icmp_echo_ignore_all

To turn off the ping response permanently

You can permanently disable the ping response using the following method.

Step 1: Edit the /etc/sysctl.conf file and add the following line.

net.ipv4.icmp_echo_ignore_all = 1

Step 2: Run sysctl -p to deploy this configuration immediately.

Sysctl -p

Once this is done, the incoming ping packets will simply be discarded.