How To Disable Ping Replies in Linux using icmp_echo_ignore_all

by SathiyaMoorthy on July 9, 2010

You may want to disable ping replies for many reasons, may be for a security reason, or to avoid network congestion.

Someone can flood the network with ping -f as shown in “Ping Example 5″ in our earlier Ping Tutorial article. If ping reply is disabled we can avoid this flooding.

Disable ping reply Temporarily

You can temporarily disable the ping reply using the following method.

# echo "1" >  /proc/sys/net/ipv4/icmp_echo_ignore_all

Please note that this setting will be erased after the reboot. To disable ping reply permanently (even after the reboot), follow the step mentioned below.

Also, to enable the ping reply back, set the value to “0″ as shown below.

# echo "0" >  /proc/sys/net/ipv4/icmp_echo_ignore_all

Disable ping reply Permanently

You can permanently disable the ping reply using the following method.

Step 1: Edit the sysctl.conf file and add the following line.

net.ipv4.icmp_echo_ignore_all = 1

Step 2: Execute sysctl -p to enforce this setting immediately.

# sysctl -p

The above command loads the sysctl settings from the sysctl.conf file.

After the ping reply is disabled using one of the above method, when somebody tries to ping your machine they will end up waiting without getting a ping reply packet even when the machine is up and running.


Linux Sysadmin Course Linux provides several powerful administrative tools and utilities which will help you to manage your systems effectively. If you don’t know what these tools are and how to use them, you could be spending lot of time trying to perform even the basic administrative tasks. The focus of this course is to help you understand system administration tools, which will help you to become an effective Linux system administrator.
Get the Linux Sysadmin Course Now!

If you enjoyed this article, you might also like..

  1. 50 Linux Sysadmin Tutorials
  2. 50 Most Frequently Used Linux Commands (With Examples)
  3. Top 25 Best Linux Performance Monitoring and Debugging Tools
  4. Mommy, I found it! – 15 Practical Linux Find Command Examples
  5. Linux 101 Hacks 2nd Edition eBook Linux 101 Hacks Book

Bash 101 Hacks Book Sed and Awk 101 Hacks Book Nagios Core 3 Book Vim 101 Hacks Book

{ 3 comments… read them below or add one }

1 Slavko July 9, 2010 at 2:04 am

Disabling ping replies will violate the RFC standards (all machines must reply). IMHO better than block, is limit replies by iptables…

2 cra July 10, 2010 at 8:49 am

Will nmap still detect my computer?

3 juancarlospaco December 30, 2010 at 11:09 am

it will kill IPv6, that dont use ARP

Leave a Comment

Previous post:

Next post: