Realize that you are going to have to do this for TCP, UDP, 'and' ICMP.

In an examle provided by frostedegg, on Linux you can just tell the kernel via /proc to ignore ICMP.

But, if I am a curious boy who runs an elite system like Solaris, I can simply UDP ping you (ping -sU <hostname&gt .

If you really want to hide a machine, put it behind a reverse proxy firewall and configure it to NAT legit traffic to your server.

-- spurious