Jump to content

Reject ping


Ixthusdan
 Share

Recommended Posts

I have my home network setup so that only my external ip and my browser are detectable on the internet. I run two firewalls, one in the router and the other on the each desktop. (Yes, I like stealth!) So my router sends me a report every time it ovewrites the access attempt log. I am currently getting 8 - 10 e-mails per day, each with 125 records of access attempts. Some are the dns I use for ip renewal. But the rest are from all over the world, including China! I think it is the "reject ping from wan" that is doing this.

 

1) Why am I being pinged so much?

2) Am I paranoid to reject ping from wan?

 

I am just wondering what others think and do.

Link to comment
Share on other sites

1. that's just what happens :furious3:

2. yes :)

 

I have a couple of static IP's that are attacked frequently

 

a summary of yesterday's logwatch

Dropped 944 packets on interface eth3

Dropped 1194 packets on interface ppp0

Rejected 38 packets on interface eth0

 

 

things like this are sometimes interesting

From 82.96.96.3 - 276 packets

To 203.96.212.68 - 276 packets

Link to comment
Share on other sites

I have the same scenario with my home network - I have a router running a firewall, but I don't firewall my desktops. And my logs look like yours.

 

My attitude is to ignore it - I even stopped my router sending me emails :beer:

 

They can't do much by pinging you and a port-scan will just show them a hand-full of ports that they can't do much with. So I wouldn't worry too much, so long as you have a competent firewall, and most routers come with solid firewalls in their firmware.

 

Besides, there are enough stupid Windows users on the Internet with NO security to keep these kids busy - they aren't terribly interested in the likes of us, we're too difficult to mess with :cheesy:

Link to comment
Share on other sites

Thanks, guys. I think I'll allow the ping just to try and reduce the log fill frequency. I would rather not turn off the e-mails because I like to track interesting attempts to access. Many come from UCLA in California!

Link to comment
Share on other sites

Well, I allowed ping from wan and that did not change the report frequency at all. I am really fending off other computers trying to access my betwork! Unbelivable!!

Link to comment
Share on other sites

Well, I allowed ping from wan and that did not change the report frequency at all. I am really fending off other computers trying to access my betwork! Unbelivable!!

 

Most of them would be trojans or viruses from infected windows computers trying to access other windows computers I assume.

 

There isnt that many people out on the internet trying to get you, dont worry :D

Link to comment
Share on other sites

Guest Willard1975

No, you're not paranoid. In fact you're smart. Linux' role in my home is small enough that i don't need ping to solve problems. That is mostly what ping is for. The only downside is that you can't ping anything yourself. Everything else works just fine.

 

There are people who scan entire IP ranges to look for potential targets. After my most recent install of 10.1 it took 7 hours before someone found me and was scripting to login in via SSH. After dropping icmp packets completely i haven't had much trouble. Then again i blocked SSH from the outside just to be sure.

 

Maybe it's me who's paranoid.....Anyway, they can't scan for me and won't find me unless they connect to any service i have running on that particular IP address. I say do everything to minimize your presence on the Internet if you just have a router/firewall.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...