telot Posted June 2, 2012 Share Posted June 2, 2012 (edited) I was reading up about the MiniPwner and the PwnieExpress plugcomputer and comparing their feature sets to our little wifi pineapple. One thing I read was that its "unpingable to prevent discovery" or some such thing - well that made me think "Why the hell ain't our pineapple unpingable to prevent discovery?!". Of course, its very convenient to have it pingable at times, especially when just playing around with it in our houses and stuff - and its a godsend when troubleshooting with nooblets here on these forums. BUT! If you want to use the pineapple as a dropbox by surreptitiously plugging it in via the WAN port on a target network - making it unpingable could be a huge advantage. Well heres how to do it: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all This setting is not permanent and will need to be run after each reboot. To re-enable ICMP ping replies run the following command. echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all Of course, this will not make your pineapple invisible - any netadmin worth his salt could check the DHCP records, or if he/she's even has moderate skill, they could use hping3 and find your pineapple straight away, but this at least is one more level of obscurity that may save the day sometime. Hope you enjoy telot Edited June 2, 2012 by telot Quote Link to comment Share on other sites More sharing options...
kmyths Posted June 2, 2012 Share Posted June 2, 2012 Very nice, thanks telot. I've always used iptables to accomplish this, your way is much better. iptables -A INPUT -p icmp --imcp-type 8 -j DROP K. Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted June 7, 2012 Share Posted June 7, 2012 Added to 2.3.0 :) Seb Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.