what should i do to pass ping reply test on CFP 3.0.18.309 [RESOLVED]

[Guest]

[ganda]

just updated my firewall to 3.0.18.309...cool 
and i tried GRC Shield up test (i connect to the internet using usb modem)
result :
Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .



Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)



Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

not cool 
so, what should i do to pass the test  ? any suggestion?

oh, and these are the only global rules i have now, is that normal i think i had few more rules before updating to the latest version (nevermind, i used stealth port wizard,)

[bonnieville]

morning. if behind a router that's what it's pinging. just my two cents worth. frank.

[Vettetech]

Fully stealth your router. Go into your hardware firewall config. Worked for me with my 2Wire.

[ggf31416]

"Block ICMP In From IP Any To IP Any where ICMP message is Echo Request" should block incoming pings.
The most likely reason is that your modem/router is replying to pings before they reach your PC. Please check the configuration of your modem.

If the configuration of your modem is correct you could move that rule to the top and enable logging but it's unlikely that changes anything (if works please port your logs and a screenshot of your network zones).

[ganda]

morning. if behind a router that's what it's pinging. just my two cents worth. frank.

oh, so this wireless modem called "router".  , so you mean it's OK to leave it that way? no need to change anything?

Fully stealth your router. Go into your hardware firewall config. Worked for me with my 2Wire.

err...........how do i do that?  sorry, can't find the option to stealth anything

[Vettetech]

No you need to type in your IP address into the address bar in Firefox. Not those settings. Your modem maker can tell you how. I have a 2Wire Gateway DSL modem with a hardware firewall and I can configure it through my IP in Firefox or IE. Also delete your gloabl rules in Comodo and click apply. Then go into the Stealth Port Wizard and select the bottom tab "block all in coming connections". Is that the only modem that connects to the Internet?

[ganda]

No you need to type in your IP address into the address bar in Firefox. Not those settings. Your modem maker can tell you how. I have a 2Wire Gateway DSL modem with a hardware firewall and I can configure it through my IP in Firefox or IE.

you mean, type the ip address (222.124.198.***) on firefox/IE address bar? can't do it.got this warning "problem loading page", "the connection has timed out".

Also delete your gloabl rules in Comodo and click apply. Then go into the Stealth Port Wizard and select the bottom tab "block all in coming connections".

done, i removed all the global rules, and used stealth port wizard, here's my current global rule.

Is that the only modem that connects to the Internet?

i usually use phone line/dial up connection on my laptop comp, (oh, and i pass the test using this)
and yes, i use this modem when i'm not in my office.

[Vettetech]

Those are the same rules I have. Your manufacture of the modem should tell you how to be able to see your IP configurations. When I had a Linksys router I could and now with my 2Wire I can.

[ganda]

Those are the same rules I have. Your manufacture of the modem should tell you how to be able to see your IP configurations. When I had a Linksys router I could and now with my 2Wire I can.

i bought the modem in a comp store, i bet they don't know anything about it. 
am i secure enough btw?

[Vettetech]

I didn't say where you bought it. I said manufacturer. Who makes it?

[ganda]

I didn't say where you bought it. I said manufacturer. Who makes it?

it's a local product, and i don't think that they "care" about such issue as long as this modem can connect to the internet.
i'm trying to contact the manufacturer now but i don't expect too much.

thx btw Vettetech, appreciate it. 

[Vettetech]

I am not sure if that modem you have has a built in firewall either.

[ganda]

I am not sure if that modem you have has a built in firewall either.

exactly! i never said that this "wireless modem" is a router/hardware firewall. i don't even know what a router is 

morning. if behind a router that's what it's pinging. just my two cents worth. frank.

Fully stealth your router. Go into your hardware firewall config. Worked for me with my 2Wire.

but these post made me believe that i have one 
the brochure only say "connects to the internet wherever you are".
so, is there any way to "secure" my system when i'm connected to internet using this modem? or am i secured already?

[Matty_R]

Hi Ganda,by the look and sound of it what you have there is just a basic Modem and has no Routing or firewall capabilities at all.
Basically a Router sits between your Modem and your computer(s) and allows more than one computer to share an internet connection using the same IP given by the ISP by using NAT(network address translation)

Routers are excellant for turning away inbound traffic as they will only allow traffic through if it has been requested(save for port forwarding etc)

If you get one at some point go for one that does SPI as well you can get em pretty cheap now(about £50)

Assuming you have ran the "Stealth Ports Wizard" choosing the bottom option"Stealth my Ports to Everyone" you should pass all the tests your refering to.

Cheers Matty 

[ganda]

Hi Ganda,by the look and sound of it what you have there is just a basic Modem and has no Routing or firewall capabilities at all.
Basically a Router sits between your Modem and your computer(s) and allows more than one computer to share an internet connection using the same IP given by the ISP by using NAT(network address translation)

Routers are excellant for turning away inbound traffic as they will only allow traffic through if it has been requested(save for port forwarding etc)

If you get one at some point go for one that does SPI as well you can get em pretty cheap now(about £50)

Assuming you have ran the "Stealth Ports Wizard" choosing the bottom option"Stealth my Ports to Everyone" you should pass all the tests your refering to.

Cheers Matty 

hi Matty
thx for the reply, unfortunately i failed the test 

GRC Shield up test result :
Solicited TCP Packets: PASSED.....

Unsolicited Packets: PASSED.....

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.[/i]

i've used stealth port wizard after updating CFP to latest version & still failed.
oh, and this problem only happen when i'm using wireless modem, i passed the test when i was using dial up connection on my laptop internal modem.

any suggestion?

[Tags:]