Seria mais fácil e mais eficiente classificar o limite de ICMP com o firewall:
Linux:
iptables -I INPUT -p icmp --icmp-type echo-request -m recent --set
iptables -I INPUT -p icmp --icmp-type echo-request -m recent --update --seconds 10 --hitcount 5 -j DROP
FreeBSD:
sysctl net.inet.icmp.icmplim=5
Windows:
Windows doesn't support rate limiting, only block/allow.