How to block Ping requests in Solaris 10

Similar Messages

• How to block outbound port in Solaris 10

  Hello,
  I would like to block OUTBOUND telnets (port 23) - Let me repeat it's OUTBOUND (not inbound).
  I need to do it on Server level (not Firewall level).
  Any help would highly be appreciated.
  TIA
  Prvn
  Edited by: sun_prvnrk on Sep 30, 2010 10:52 AM

  Yes, you need to use ipfilter.
  You can filter either inbound or outbound.
  There's information in docs.sun.com on how to use svcadm to turn it on and there's an ipfilter mailing list to help you figure out how to use it.
  -- Ken

• Trying to configure WRT54G v5 to block ping

  I am trying to configure my WRT54G v5 to block ping requests with no luck. I have ensured to check off the option to "Block Anonymous Internet Requests" as well as block the ping service. When i ping my router i am still getting a response.
  Can anyone offer some suggestions as to what i might try to remedy this issue.
  Thank you for any help

  bump

• How do I block pings from the outside to the ASA 5505 outside interface?

  I was asked to block pings from the internet to the outside interface of our ASA-5505 firewall.  I found a post that said to enter "icmp deny any outside", however that does not do it.
  I created an ACL to try and do the trick, also to no avail:
  access-list outside_in extended permit icmp any any echo-reply
  access-list outside_in in interface outside
  access-group outside_in in interface outside
  Anyone have a clue what I'm doing wrong?  I'm not the firewall guy as you can tell.  :/
  Thanks in advance...
  Block / Deny ICMP Echo (Ping) on Cisco ASA Outside Interface
  Most networks that you protect with a Cisco ASA device, will probably want to deny ICMP (maybe not all ICMP types, but a lot of network admins will want to block ICMP Echo, etc.) on the outside interface. This will make the network harder to find through external enumeration, but not impossible.
  ASA5505(config)#icmp deny any outside
  You will deny ICMP on the outside interface, but if you include ICMP as a protocol in the default global policy map, you can ping from the inside to any host on the outside, and it will be permitted back through the ASA, as it knows about the previous ICMP “connection

  You are allowing echo-reply, thus it will reply to a ping
  try this ACL:
  icmp deny any echo-reply outside
  From: 
  https://supportforums.cisco.com/thread/223769
  Eric

• Newbie question: how to send mails on a Solaris 10 machine?

  Good morning all,
  I am responsible of a lab, containing some Solaris machines.
  On one of those machines, a collegue would like to send mails, using following command:
  echo "something" | mailx -v -s "subject" <collegue>@<domain>.comThe mentioned e-mail address is configured on an MS Exchange server.
  On first sight this server is not accessible from the lab:
  telnet>ping -a <Exchange_Server>.<domain>.com
  ping: unknown host <Exchange_Server>.<domain>.comHowever when I try this in a DOS prompt, I get the same result:
  DOS prompt>ping -a <Exchange_Server>.<domain>.com
  Ping request could not find host <Exchange_Server>.<domain>.com=> How can I determine whether the Exchange server is accessible from the lab?
  Even more general: how can I determine whether the machines in the lab are connected to the internet:
  telnet>ping www.hotmail.com
  no answer from www.hotmail.com(94.245.116.9)
  no answer from www.hotmail.com(157.55.0.137)=> if there is no connection to the internet, how can my machine translate URLs into IP addresses?
  Can anybody give me a start?
  Thanks

  first ask your exchange team to add the Solaris server to exchange relay..then only soalris server can send mails...
  once they added..
  take the mail server ip/hostname
  configure /etc/mail/sendmail.cf
  modify DS to
  DSmailserver ----if dns server works
  else
  DS[mailserver] ---lookup through /etc/hosts

• How to Block / Hardening of "Unused Ports" in OracleAS-10gAS

  Hi All,
  I have installed Oracle 10gAS PatchSet-2 9.0.4.2.0 and Windows-2000 SP-4 OS. The Both instances (INFRA & Mid-Tier) are installed on same box. My AS is working fine and all components are working great.
  +
  I can find-out the ports being used/configured by 10gAS of this installation. Rest all other Ports are open as such on this OS and are not being used. So basically i want to "Block all those Unused Ports of this 10gAS installation"
  1. Is it Possible..? If Yes! how to start about this.
  2. Does Oracle Provide a Documentation on this or the details of this is included anywhere in any of the Docs.?
  This has been pointed out by one of our Corporate Auditors who has audited our entire IT Infrastructure setup and given us that comment. Can anybody would help me in this regard or suggest me tips / docs. which could be useful to me. Looking for ur help.
  Regards,
  Kamesh Rastogi

  Hello,
  I would clarify what i need and intend to do......
  Let say my HTTP Server is configured and listening at port 7779 & 7778. And the range of this is 7777 - 7999 as provided by App.Serevr.
  SO i want to block all the ports of above range and ONLY want to open or allow requests coming for Port No. 7779 or 7778.
  What all is being used by App.Server is know to us and we can find it out and list it....but how to block them...here in App.Server.
  Regards,
  Kamesh Rastogi

• How to block articlee for purchases

  we are planning to block some of articles for purchases. However we want to allow for stock transfers using stock transfer requests( ME21N-UB doc type).
  when i kept 01 Blocked for procment/whse in X-site status of baisc data tab system is not allowing for stock transfer order creation also.
  plz suggest how to block articles for purchases without impacting for stock transfers.
  what is the usage of follwing selections for blocking
  01     Blocked for procment/whse
  02     Blocked for task list/BOM
  03     Blocked for Purchasing

  Hello,
  If you want to block articles from procuring into DCs and do not want to block DC to Store movements, you may block articles in site-specific Block status (MARC-MMSTA) in Article/DC view. So DC to Store STOs can be created.
  You may see the definitions of various blocking statuses in transaction OMS4. For example, 01 Blocked for procment/whse means blocked from Purchasing,Forecasting and RP (No Message, Warning or Error Message).
  Thanks,
  Venu

• WRT1900AC: Can it block DNS requests?

  Hello,
  Can the WRT1900AC block DNS request from devices in a home network to public DNS service like GoogleDNS? Can anyone tell me what steps are necessary to accomplish this?
  I tried to follow instructions found on the web but I could not add static routes under Advanced Routing, I got errors either about the network submask or the Gateway (mine is 192.168.1.1 and is not accepted). i don't know what to enter in these fields and also what Interface to select (LAN/Wireless or Internet).
  My firmware version is 1.1.8.164461.
  I would appreciate any help.
  Thank you,
  Luiz
  Solved!
  Go to Solution.

  Hi,
  Thanks for replying. I haven't contacted support yet to confirm you suspicion, My cable modem is a Motorola SB6141. I have done some basic research that indicates that it is not capable of NAT.
  However, I was able to configure a static route in my router,using the cable modem IP asgateway. After this my ping requests to Google DNS (8.8.8.8 and 8.8.4.4) started to fail. This is probably still not what I need. I don't understand why I can't save my router's IP as gateway as indicated here: http://help.unotelly.com/support/solutions/articles/193662-setup-static-routes-on-linksys-and-cisco-... This link alerts to a bug in Linksys routers but the error message I get is not "invalid static route" as indicated.
  Thanks,
  Luiz

• How to block p2p applications(Bittorent like) with AIP-SSM-10?

  Hi,
  How to block p2p application using AIP-SSM-10 working with ASA5520?AIP is on promiscuous mode.
  Thanks,
  Siva

  There are several signatures that detect p2p, for bit torrent there is 11020.0
  Yahoo triggers: 5539.0, 11200.0, 11212.0, 11217.0 & 11219.0
  etc..
  Some are disabled by default though so please ensure you enable the ones that you need.
  If you want to block these then you will have to use event actions that work in promiscuous setup for example request block connection and tcp reset. Please note that care must be taken when using these event actions.
  For more information about the event actions please refer the link below:
  http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/idmguide/dmevtrul.htm#wp1069467

• How to Block favicon safari 7.1

  How to Block favicon safari 7.1

  Sorry I don't think it's reasonable to expect Apple cater to every single need. Should there be a preference for disabling gifs, pngs or jpegs how about an option for disabling gifs that are blue but only on Mondays when it's raining? There are too many possibilities to cater for everyone and there are other browsers that already work how you desire.
  OS X used to have preferences for different Dock styles, but Apple have been removing those options for sometime now. Your final sentence make it clear you already understand how Apple progresses. I have been on the receiving end of Apple's arbitrary changes too, but there came a point where I just got over it & found alternatives.
  'defaults write' settings played havoc with users updating to 10.9 - some users had disabled screenshot shadows, that resulted in System Preferences that had sections of UI totally missing, it took weeks to unpick the reason for the fault! These edge case 'hidden settings' can be more trouble than you imagine. They conflict in new & interesting ways with every update.
  You can ask Apple to revert the change, but it doesn't seem like something they would do. There is a simple way to evaluate possible feature requests - Ask yourself 'How does this benefit Apple?'
  http://apple.com/feedback/
  I tested the 'ugly hack' & it worked for me but an extension is the correct way to resolve it. Another option is to setup a proxy server that blocks them from downloading on any device on the network. Ultimately if you don't want to investigate a solution you are part of the problem.

• Why does my system respond to ping requests?

  I have the software firewall on and in stealth mode; the online modem Firewall Setting must be at "Minimum Security (Low)" because if I use "Medium" or "High" my e-mail message center in Safari Version 5.1.5 (6534.55.3) times out. I ran GRC's Shields Up and my computer failed the "Ping reply" test. Here's the result:
  Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
  If this a problem that I should address what should I do. Thank you.

  Thanks fane_j.Based on your answer and following your instructions step-by-step, I am definitely behind a router which does NAT although I only have a wired Westell 6100F modem connected to the computer. I use no wireless devices and I do not connect to public hotspots. I did read somewhere that GRC's ShieldsUP! firewall test tends to "exaggerate" the severity of failing the ping reply test. So, at this point, it seems that I can uncheck the Mac's firewall "Stealth Mode" setting (which appears to have been the default unless I had checked it myself at some point in time and forgotten!!) Also, should I double-check my ISP's administrative controls (that can be changed online) and look for "Discard PING requests from the WAN side" or any words to that effect or is it unecessary? Lastly, should I just leave the online Firewall Setting at "Minimum Security (Low)" (because if I use "Medium" or "High" my e-mail message center in Safari Version 5.1.5 times out)? Thanks again.

• How to block the handset when it is missed

  can i know how to block a handset when it is missed. Its a brand new handset & there is no sim card in it. but i have the handset manufaturing code number

  Your phone can btw be tracked, but not as mccbleue mentiones in his guide. First of all the Imei number must not be blocked cause what you want to happen is that the person who found it/ stole it, switches Sim cards and start using the sim card registrated on him with the phone. That way it will be able to see who has started to use his SIM card with the IMEI number on your phone. Then it should be able to track down the adress of the person and get it. However, it's unlikely that the police will do this unless it's a matter of importance. But it never hurts to ask your local police about it. They migh actually do it for some reasons or others.
  If they don't have the time or don't want to track it you just ask if they can request the imei to be blocked or you call your operator your self to hear if it ccan be done without going through the police. After a IMEI block, the phone will be totally useless for calls and sms's as mentioned in a previous post.
  Most likely your important content isn't of any interest for the person who finds it. It might even be that the phone is found and given to the police. In that case you should contact them anyway just to make sure it isn't found. Blocking your Sim card won't make your phone useless, only the sim card.
  Good luck.

• Please :( .. How to block Skype account ??

  Hello,
  please .. How to block Skype account ??
  Someone set up an account on Skype and put the means of communication data sister of Mobile Numbers Ground and the number of the house and put the name of indecent and improper
  Please help to continue to support Skype team to block or delete this account as soon as
  this is fake Acount: amany_20133
  thanks

  Dear Readers;
  Please review the information in this FAQ article:
  Can I Delete My Skype Account?
  and then please contact Skype Customer Service to file your request as indicated in the instructions.
  Regards,
  Elaine
  Was your question answered? Please click on the Accept as a Solution link so everyone can quickly find what works! Like a post or want to say, "Thank You" - ?? Click on the Kudos button!
  Trustworthy information: Brian Krebs: 3 Basic Rules for Online Safety and Consumer Reports: Guide to Internet Security Online Safety Tip: Change your passwords often!

• RV042 v3 - Block WAN Request - bad implemented!

  Hello,
  I would like to ask You if You have same problem as me. I would like to allow PING on RV042 from WAN side only from specific IP address, but when I set the rule, RV042 does not respond on WAN side, because Block WAN Request is Enabled.
  BUT! When I disable "Block WAN Requests", now any IP can ping my router from WAN side. Although I set access rule to Deny Ping from WAN side to anyone, it still responds.
  Do you know sollution?

  Good morning
  Thanks for using our forum
  Hi Tomas Zavodny  my name is Johnnatan and I am part of the Small business Support community
  I'm not sure if you  disable the option “Block Wan Request” your device creates  a rule in the firewall, can you check this? if your device creates the rule, follow this procedure
  In this priority order, create 2 rules in your firewall device.
  1. A rule that allow ping  your device from your specific source(s) address(es)
  2A rule that deny ping from any other source.
  3 With the lowest priority, the rule that your device creates.
  I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered.
  Please rate post you consider useful.
  Greetings,
  Johnnatan Rodriguez Miranda.
  Cisco network support engineer.
  Cisco has a very useful tool called GuideMe, is made for small business products, and your device is in this category, you can use this address for accesing the tool: http://sbkb.cisco.com/CiscoSB/Loginr.aspx?alt1 = & pid = 4 & eroute = Super, is very easy to use, just complete the 3  spaces on this way:
  Select a category: (Select the device type on request), eg Routers
  Enter model: (Type the model on request), eg RV042
  Question: (Type what  you want to know  about the device), eg VPN
  And it'll be showing all the information you need about what you wrote.

• How to block 141 prefixed numbers on Nokia C3-00

  Have had nuisance calls for "15" months now from a pest who withholds his number, I guess by prefixing 141! He always rings off - no number!
  Any ideas on how to block ALL 'private' or 'unknown' numbers on my Nokia C3-00?
  I tried Handy Blacklist by Epocware but it said my Nokia won't take sis files!
  I've got the facility on this phone to bar incoming calls but O2 gave me three passwords, none of which was accepted - came up 'Request Incomplete'! Can I use this call barring for these 141 calls?
  Will try ANYTHING!

  On my landline I've now got Anonymous Caller Reject which now blocks all 141 prefixed numbers!
  Surely there must be a way of doing the same with mobiles??!!