« previous next »
Pages: [1]   Go Down

Author Topic: Disabling ICMP Echo Ping in Firewall  (Read 9574 times)

0 Members and 1 Guest are viewing this topic.

Amitc87

  • Guest
Disabling ICMP Echo Ping in Firewall
« on: April 19, 2010, 12:39:35 AM »
I am a proud customer of avast! Internet Security 5.0.507 and have been really happy about my decision to switch to it from Norton 360.

However, I was recently taking the ShieldsUP! test from GRC, which scans your firewall for weaknesses.


After completing the test, the only weakness I found was:

--
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
--

So, I wanted to know how to disable ICMP Echo requests from the firewall. (The requests replied to ShieldsUP! in Public/High Risk Zone as well)

Thanks!
Logged

doktornotor

  • Guest
Re: Disabling ICMP Echo Ping in Firewall
« Reply #1 on: April 19, 2010, 08:38:49 AM »
Quote from: Amitc87 on April 19, 2010, 12:39:35 AM
--
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
--

Well, I can't tell you how to do this w/ AIS since I'm using Avast Free - but I can safely tell you that the advice given on that site wrt ping is nonsense. You will not hide your system better by dropping ICMP echo request/reply packets - you will clearly advertise that there is a firewalled system instead. For details on Shield Up!, I refer you to my analysis of GRC FUD on Wilders Security forums. (Also, closed vs. stealthed myth is debated on that thread.)
« Last Edit: April 19, 2010, 08:42:16 AM by doktornotor »
Logged

Hermite15

  • Guest
Re: Disabling ICMP Echo Ping in Firewall
« Reply #2 on: April 19, 2010, 09:41:42 AM »
not even mentioning that in 99% of cases, the "stealth ports" are the result of the router firewall policy, not the one in Windows. Always made me laugh when guys come posting that their new product (Comodo FW or else...) is perfect ;D ... I've seen this happen build after build during a beta testing, guys back from Shields Up, and dead proud, again and again...no need to tell them they will post it again ;D
Logged

Offline wonderwrench

  • Sr. Member
  • ****
  • Posts: 223
Re: Disabling ICMP Echo Ping in Firewall
« Reply #3 on: April 19, 2010, 06:47:10 PM »
Amitc87 are you using a router? If so the change you want to make is in the router. If not I have no clue how to change the required setting in AIS as I use Avast 5 Free, windows 7 firewall and a D-link 655 router.
Logged
Main Box*i7 930*GB X58A-UD3R*3x4 gig Patriot DDR3 1600 EL*EVGA GTX 460 1 gig*Intel X25-M G2 80 gig*WD 2TB Green*ASUS DRW-24B3LT*Samsung SH-S223L*LG WH14NS40*Corsair AX750*Rosewill Challenger case*Windows 8 Pro 64 bit*Avast 8 Free 8.0.1482*MBAM Pro*Firefox 19.0.1*NoScript

Hermite15

  • Guest
Re: Disabling ICMP Echo Ping in Firewall
« Reply #4 on: April 19, 2010, 07:22:50 PM »
@ the OP: if you really want to do it, although that makes no sense as explained above, open your AIS firewall advanced settings, from there go to "packet rules", and do what you want there. Be warned that "ping" is probably still enabled in your router though, so you'll have to deactivate it from there too ;D
Logged
Pages: [1]   Go Up
« previous next »