I blocked the IP from the FTP server, but they keep trying. Is there a way to block my IP from that one?
I realize I can do it on every individual website, but is there a way at the router? I didn't see one in my router documentation.
3:15 am on Apr 9, 2002 (gmt 0)
Look within the router documentation for how to turn off or block ICMP packets, that will stop pings from getting through.
3:20 am on Apr 9, 2002 (gmt 0)
Call you ISP and say that this address has been sending pings to you constantly and you want it banned from being able to attack you.
11:29 am on Apr 12, 2002 (gmt 0)
Do u have Firewall on your server? If so that will help you for some extent. Droping the ICMP packets at router it self is the best practice.
11:47 am on Apr 12, 2002 (gmt 0)
Are there any other implications to turning off ICMP packets at the router? Where my wife works, someone complained that they could not access my wife's employer's site because ICMP packets were turned off. Was that a valid issue or were they using that as an excuse for another problem?
12:07 pm on Apr 12, 2002 (gmt 0)
I contacted my ISP and they effectively banned the IP totally! She said they couldn't really tell who it was, so they would block the entire IP and see who complained.
Within 10 minutes the attacks stopped.
8:30 pm on Apr 13, 2002 (gmt 0)
Blocking ALL ICMP packets can cause a variety of problems. I'm no expert on this, but it's my understanding that there are many ICMP packets, besides PINGs (type 8) and PING response (type 0). According to the sources I have, you generally need to allow Source Quench (type 4), Parameter Problem (type 12), incoming Destination Unreachable (type 3) and outgoing Fragmentation Needed (type 3, subtype frag. needed).
Blocking PINGs won't make a site inaccessible, but blocking all ICMP traffic might.