What I’m asking is, could this be a good solution to keep hackers away as firewalls?
The only thing you really need to to is to block ICMP-traffic thruough MMC.
As most hackers use PING to check for open ports, could this be a good solution?
GRC scan WITHOUT ANY FIREWALL AT ALL(not even Windows Firewall):
GRC Port Authority Report created on UTC: 2007-07-02 at 17:35:47
Results from scan of ports: 0-1055
0 Ports Open
0 Ports Closed
1056 Ports Stealth
1056 Ports Tested
ALL PORTS tested were found to be: STEALTH.
TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
I’ll still use Comodo Firewall PRO for program access and HIPS in CFP 3.0, but could this work as a firewall?
You could just as easily do this with a rule in the network monitor or CFP, with the following parameters;
Action : BLOCK
Direction : IN
Protocol : ICMP
Source IP : ANY
Destination IP : ANY
ICMP type : Echo request
Make sure this newly created rule is moved to the top of your rules list, as CFP reads the rules from top to bottom, and we want this rule to be read before any other rule that may grant access.
Hope this helps,
Ewen
P.S. Good article in your post. Sound way of doing it, but a bit more complicated than adding one rule.
Thanks for your answer.
I have no idea to stop using CFP and go back to ZA which increased boot-time with like 30 sec…
Can’t wait for 3.0 to be released, its HIPS seems awesome, and PG won’t work for me.
Anyways, keep up the good work (L)
Really a router with its firewall enabled (and blocking of wan pings) should be more then enough. The only time that its not enough is when someone actually wants to attack you.
Most hackers look for easy targets, and if your stealthed they usually move on.
