Firewall Stealth Ports Wizard

frog624 · December 28, 2009, 2:51pm

Failed grc.com’s ShieldsUP!! Ping reply…

Did a bit of research in the archives and took the advice offered in the reply to .FaZio93 on April 17, 2008, but…

The Stealth Ports Wizard will NOT change to either ‘Block all incoming…’ or ‘Alert me…’
The Wizard tells me the firewall has been configured accordingly, but when I go back to check, it is STILL on ‘Define a new trusted network…’

SiberLynx · December 28, 2009, 4:09pm

Hi frog624, welcome to the forum

The “return of the radio button” to the initial position is known GUI glitch only - not more than that

You could find similar requests in the forum if you would search

That will be fixed as developers stated.

The main thing is - as soon as you got the message “Your Firewall has been configured accordingly” that was really done correctly

My regards

Citizen_K · December 28, 2009, 4:49pm

It is confusing you don’t see the Wizard did what you asked it to do. To see the changes you need to go to Firewall → Advanced -->Network Security Policy → Global Rules. You should see the rules added as you see in the attached image (The screenshot was taken from a test version of v4; hence why the user interface looks a bit different).

Are you behind a router? Then you are probing the router from sites like GRC and not the firewall of your computer.

[attachment deleted by admin]

frog624 · December 28, 2009, 7:21pm

My rules are the same as you show in the screen shot, but Shields Up still gives me a fail:

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.

Nope, I’m not behind a router.

Citizen_K · December 28, 2009, 9:25pm

What modem are you using? Are you on ADSL, cable or dial up connection?

frog624 · December 28, 2009, 10:49pm

DSL.
Modem is an Actiontec, DSL Gateway

Citizen_K · December 29, 2009, 1:37am

What model is it? The reason I want to know is that (almost) all DSL modems have build in router facility.

frog624 · December 29, 2009, 1:23pm

GT704-WG

Citizen_K · December 29, 2009, 5:45pm

I looked up the details of your router and it is DSL modem with 4 ports router.

That confirmed my initial assumption there is a router in between your computer and the web. That means that you will be probing the router’s behaviour and not your firewall’s.

To test the firewall it needs to be put outside of the protection of the router’s NAT/firewall. That is usually called Demilitarized Zone (DMZ) or Exposed Host.

frog624 · December 29, 2009, 5:57pm

Guess I can forget about passing the GRC test, huh?

Okay, thank you for your attention. Have a happy new year (when we get there!).