I took the Shields up test today this was their finding, everything else passed…
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.
If you are behind a router, this test will be testing your router, not your software firewall. In order to test your firewall, you would need to set up a DMZ in your router. Your routers documentation will tell you how to do this.
Ping really aren’t as dangerous as GRC would like you to believe anyway. If someone Pings you, then runs a port scan, they will see your ports are closed. They will simply move on to an easier target.
Not to mention that once they get through your router, they have to contend with your software firewall.
If the Pings really bother you, check your routers documentation and see if Pings can be disabled. Some routers aren’t able to block Pings, but your router may have a built in firewall that allows you to configure it to drop Pings.
I don’t use a router.
Are you sure? What is your connection to the internet, dial-up or broadband? Most broadband modems have a built in router.
What you describe is exactly what you would see from GRC when running the test with a NAT enabled router. All your ports are appearing as “stealth” because NAT is ignoring any traffic not specifically addressed to your machine.
If you are on dial-up, did you use the stealth ports wizard to stealth your ports to everyone?
Firewall → Stealth Ports Wizard → Block all incoming connections stealth my ports to everyone
DSL mate… after I started this thread I received 2 Firewall updates within a half an hour of each other, I wonder what that was all about?
turnorburn
Yes, I’d bet you actually have a router and don’t realize it. What make/model is your modem?
Its a Qwest 1000 mate…
turnorburn
Is this it: http://www.qwest.com/internethelp/modems/m1000/modemDetail_M1000_FAQ.html ?
There seem to be a couple of versions.
If you mean the M1000, then yes, that modem has a built in router. That is the same modem I have. You can access the router’s control panel by pointing your browser to http://192.168.0.1/
The router has NAT enabled by default. It also has a firewall that is off by default.
With this router, if you absolutely can’t stand that GRC tells you that it can Ping you, you’ll need to tell the firewall to block Pings and reboot the modem.
It doesn’t bother me mate at least it won’t unless I find my computer compromised.
No worries there. If somebody is persistent and slips past NAT, (Not especially difficult, but nobody is going to bother unless they think you have something they want) you still have CIS waiting to intercept them. 