How to Block Ping Sweepsby B. Steele
When you conduct a "ping sweep," you send an Internet Control Message Protocol (ICMP) echo request to a range of Internet Protocol (IP) addresses to determine if the host computers at those addresses have network connectivity. While a ping sweep is a useful troubleshooting tool in a business network, malicious users can also use it to flood and incapacitate networks with these requests. Therefore, many Network Administrators, and even security-conscious home users, protect against such attacks by blocking incoming echo requests (pings) from sources outside their networks. For the home user, the easiest way to accomplish this is via the Windows Firewall.
Log into Windows using an administrator-level account.
Press and hold the Windows key (located between the Ctrl and Alt keys) and the "R" key.
Type "wf.msc" in the box (no quotation marks), and press "Enter."
Right-click the "inbound rules" link in the left pane, and then click "New rule" from the context menu.
Select the "Custom" radio button, and click "Next."
Select "All Programs" and click "Next."
Choose ICMPv4 as your protocol type, and click "Next."
Click the "Customize" button.
Choose "echo request" as the "Specific ICMP type."
- If you have a router, it probably has a firewall built in, accessible via a web interface. Common IP addresses for router web consoles are 192.168.0.1 and 192.168.1.1. Once logged in, you can block incoming echo requests at the perimeter of your home network, protecting every computer behind it.
- If you have enabled port forwarding, make sure that TCP port 445 is closed. Otherwise, the pings will still get through.