what should i do to pass ping reply test on CFP 3.0.18.309 [RESOLVED]

[Guest]

[ganda claus]

It's
A) A corrupt/imperfect CFP installation (rare in this sense)
-or-
B) A misconfigured modem router

Does upgrading a CFP version change a router's config?  This also seems rather unlikely...
Your ISP must really hate you.  A default password that you can't even request them to change to your liking?

A) no way! 
B) cursed modem! 
the password is "telkom", the whole country use it
ok, i have 3 points of confusion  :
1)i've had this open ports problem using other wireless modem before, i forgot the brand, but it has the same shape as Venus VT-15 (card slot, can't find the pic on google, maybe i used wrong keyword).

2)i just asked my friend who recommend me to buy this modem, she pass the test using CFP2 (default setting) 

3)right after i updated CFP3 & used stealth port wizard to "block all incoming connection", i had all ports stealthed
but i failed ping reply test.and after i added 3 rules for LAN (the 192.168.* rules), i pass the ping reply test, but i failed port scanner test

[Soyabeaner]

GRC is out to get you.

the password is "telkom", the whole country use it

  Now the internet knows how to exploit your ISP account.


The previous CFP 3 version passed both for you?
Do you have any rule to allow the System process in Application Rules?
Look at this pic.  I have mine disabled on the ICS option.  Try it and re-try the test.

[ganda claus]

  Now the internet knows how to exploit your ISP account.

yeah do that. bad connection for a month & we didn't get any compensation. i hope it has nothing to do with me 

The previous CFP 3 version passed both for you?

err not really,i just bought this modem 1 day before i took shield up test, so i don't know if CFP pass the test or not.
i had the same open port problem when i was using "card shape wireless modem". (i post it in one of "CFP didn't pass leaktest" thread, but i didn't get any answer), and since the "card shape modem" wasn't very good (unstable connection) i used it rarely, so i didn't take it seriously.

Do you have any rule to allow the System process in Application Rules?
Look at this pic.  I have mine disabled on the ICS option.  Try it and re-try the test.

done, cleared my browser cache, still have port 80 & 443 open. 
oh and there's only 1 rule (allow ip out any/any/any) for this venus modem. i attached my app rules

[Soyabeaner]

I think I see the problem with your Application Rules with ping requests.  Even though it should work since incoming connections meet Global Rules before they can reach Application Rules, but your Application Rules allows all incoming to Any protocol on the System process...

The easiest method to determine if it's a CFP problem: set CFP to Block All and re-test (if you can ).

[ganda claus]

I think I see the problem with your Application Rules with ping requests.  Even though it should work since incoming connections meet Global Rules before they can reach Application Rules, but your Application Rules allows all incoming to Any protocol...

which one? under "System"? i removed it.How did i get it anyway? i thought "system" is "LAN network"?

The easiest method to determine if it's a CFP problem: set CFP to Block All and re-test.

are you sure, i can't even use my browser & outlook express if i do that............... confirmed! 

[Soyabeaner]

Well if that's true at least we know block all still works LOL

Or how about switching to block all as soon as you reach/refresh that port scanning site?

See my edited post above on the other things

[ganda claus]

Well if that's true at least we know block all still works LOL

actually, i've done it before, D+ on paranoid mode, CFP3 on block all mode, voila 

Or how about switching to block all as soon as you reach/refresh that port scanning site?

err, and what's the point on doing that? i feel like manually shut the port when a hacker's trying to attack me 

See my edited post above on the other things

which one? this? ==>"if you can " 

i guess i can't blame my modem anymore for this issue, adding/editing rules on CFP can changed the test result (ping reply & port scanner test).hmm,  what's missing?
 

[Soyabeaner]

actually, i've done it before, D+ on paranoid mode, CFP3 on block all mode, voila  ;Derr, and what's the point on doing that? i feel like manually shut the port when a hacker's trying to attack me 

LOL.  I though that was your style 24/7 anyway.

which one? this? ==>"if you can " 

If you see that one I'm sure you've already ready the others .

Ok try this:
Add a rule for System in Application Rules and block all incoming connection any any

[ganda claus]

like this ?

edit: still failed 

[ganda claus]

OK i just did some GRC shield up professional tests    .
1) took the test on CFP3 once more
2) turned off CFP 3 & activated Windows Firewall
3) no firewall at all
i used the same cursed venus VT-12 modem, cleared my browser's cache & cookies each time i do the test

result :
1) *no reversed DNS (which is good, the website said that)
    *PASS Ping echo test
    *PASS unsolicited packets test (whatever that means)
    *FAILED solicited TCP packets 

2) *no reversed DNS (which is good, the website said that)
    *PASS Ping echo test
    *PASS unsolicited packets test (whatever that means)
    *FAILED solicited TCP packets 

3) *no reversed DNS (which is good, the website said that)
    *PASS Ping echo test
    *PASS unsolicited packets test (whatever that means)
    *FAILED solicited TCP packets   

SAME RESULT!
 
conclusions :
A. Windows security center sucks
each time i disabled/enabled my firewalls, i checked WSC :
1) Comodo firewall is active (ok, cool)
2) At least one firewall is active (what kind of comment is that?)
3) Comodo firewall is active (but i didn't use any firewall !?!!)

B. It's the modem  
no matter what firewall i use/not use, i get the same result what should i do? (but my friend use the same modem + CFP2 & she PASS the test )

[Matty_R]

Couple of things you could try Ganda,in one of your earlier pics you showed the mouter options.What do you get if you click on tools?
What happens when you go to the address bar and type in the address 10.10.61.##

Try removing all rules for your server(computer) so its just you, your laptop,and the mouter(that`d make a good film)

Test again with just the four Global Rules ending with a Block ip any/any/any

Matty

ps in you application rules set firefox to "Web Browser" policy

[ganda claus]

what's "mouter" ? 

Couple of things you could try Ganda,in one of your earlier pics you showed the mouter options.What do you get if you click on tools?

hi Matty, thx.
it contains...err i attached the screenshots.
oh, i don't know if this helps, this modem is a dial up modem using "phone chip"/UIM card/SIM card (what's the exact term )

What happens when you go to the address bar and type in the address 10.10.61.##

you mean the "server ip address?" (screenshot #4) nothing, got "problem loading page" error message.

Try removing all rules for your server(computer) so its just you, your laptop,and the mouter(that`d make a good film)
Test again with just the four Global Rules ending with a Block ip any/any/any

did that, i've tried to remove all global rules, & recreated them using stealth port wizard. oh, but now i never FAILED "ping echo" test

ps in you application rules set firefox to "Web Browser" policy

done!

i think it's not the firewall issue what do you think?

[ganda claus]

oh, wait a second, it's "problem loading page" when i use firefox, but on IE6 i got "Network monitor report". what should i do?

[Matty_R]

Mouter=modem/router

Very strange,i think these modems which use a mobile phone sim card/signal are a law unto themselves.
If your browsers dont work with Web Browser policy change em back to allow ip out any/any/any.

I reckon the wireless thingy may be whats responding to the ping test not your computer.

Good Luck Matty

[Soyabeaner]

How about you disable all the wireless connections / drivers, hard-wire it to your PC, reset your mouter (power it down for 30 sec if need be), and retest?

[Tags:]