How do I configure Comodo Firewall to block ICMP Echo?

I have just downloaded Comodo Firewall. I am totally new to this Firewall as I had previously used Sygate Firewall. I just completed a Firewall test with Shields Up and found this result:-

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.

How do I complete the above to make the test a success? How do I configure the Firewall so that it blocks the Ping (ICMP Echo)? Please make your explanations very simple for a newbie to this software (which I think is GREAT)

Thanks

Harry

Welcome to the forums, kerrso05 (:WAV)

First, I want to make sure you’re aware that if you are using a router, it’s the router that’s being tested by Shields Up! rather than CPF.

That said, you can create a block rule for ICMP very easily…

Go to Security/Network Monitor (or choose Network Monitor from the main CPF screen). Go to the default bottom rule (which is the Block & Log rule), which on default settings (meaning, it has not been changed) should be set for “Any” IP protocol, which should include ICMP. Right-click the rule, choose Add/Add Before. Your rule will be:

Block. ICMP. In. Source: Any. Destination: Any. Details: ICMP Echo Request.

Reboot your computer to set the rule.

If you still get the same message on GRC, well, you know it’s bogus. :wink:

Hope that helps.

LM

Little Mac

Happy Christmas and thank you very much for being so helpful. I would never have worked that out on my own but I like the program very much and intend to use instead of Sygate.
Thanks for explaining it so simply…especially for a newbie like me

Harry

No problem, Harry.

You can learn more about Network Rules here: https://forums.comodo.com/index.php/topic,1125.0.html Just keep in mind it was originally written for an earlier version of CPF; the language has changed some in more recent versions, as you will note in posts from different users.

Any time you have questions, if you can’t find an answer here in the forums, or if you need clarification, feel free to ask… someone will be glad to help you.

Hope you’re having a wonderful Christmas!

LM

Little Mac

Thanks, I have just configured Comodo Firewall the way that you suggested and ran the ‘Shields Up’ Test but unfortunately it came up with the same fail. I rebooted the Computer and tried it again but again it failed. Do you have any further suggestions to sort this problem out? Is it the modem router that is failing or Comodo?
Happy Christmas

Harry

If you have a router (or a modem that functions as a router), you are not scanning your computer with Shields Up!, PC Flank, or any other online port scanner. That’s item #1.

Item #2 is that the online scanners are not the best indicator of security, and you will frequently see different results on each, sometimes even without changing your setup, you’ll see differing results on the same test site!

If you installed CPF on “Automatic” and did not change the default-created Network rules before doing GRC, then you are fully stealthed. However, even if you took a router out of the loop and went straight to the internet, I wouldn’t depend on GRC’s results. That’s why I mentioned the last rule in the list, the Block & Log All rule; by default it is set for Any IP Protocol, which would include the ICMP, and why I said that if you create the specific Block rule for ICMP Echo Request and get the same results, you know the results are bogus.

A much better test is to use something like SuperScan 4, which is a resident scanner tool. It’s free, and can be downloaded here: http://www.foundstone.com/resources/proddesc/superscan.htm. After you install and run it, you’ll want to scan 127.0.0.1, which is your localhost. This scans your computer, at your computer. If you see any open ports with that, it’s your computer rather than your firewall, and there are other tools that can be used to track down what application is holding the port open.

The other thing is, if you’re using a router, then yes, that’s what giving you the negative results from GRC. You will need to access your router’s setup (using the manufacturer’s instructions on doing so), and reconfigure it to block/drop the ICMP echo request. While you’re in there, I’d recommend changing the default password to something a little more secure (since it’s usually “Administrator”)… :wink: If you see a lot of things you want to change in the router setup, I recommend making one change at a time, to limit the possibility of blocking things you need; it’s easier to reverse the changes that way, since you know exactly what is at fault…

Hope that helps you out; if you have any more questions, need clarification, etc, just ask!

LM

Little Mac

Thanks again
I am using a Zoom Modem but I don’t think I am brave enough to fiddle about with any settings on there…so I think I will give that a miss, if you don’t mind. Glad to hear that ‘Shields Up’ Scan is only giving me false results…although all the ports were showing stealth which is good.
I downloaded Atelier Web Firewall Tester from:-
Firewall Tester (Free) | Atelier Web
and Comodo Firewall passed all the tests (B)…so I am very happy with those results (R)

The only problem I now have is setting up a network with the other laptops and computers in the house (3 in total) I went into Tasks and clicked on Add/Remove/Modify Zone and clicked on Add and put in the name of the computer (eg. Megans Computer) and the Start Range (which I think is the address of the computer eg. 10.0.0.7) but when it came to End Range I left it at 255.255.255.255…is this right?
I was able to communicate with two of the computers but one of them just refused to communicate…so maybe I am doing something wrong (more than likely…knowing me!!!)
Can you or anyone else help sort this problem out?
Thanks again for all your help. I just love this program

Harry

I understand about not wanting to mess with the router’s setup. That can be a daunting thought, if you’re uncertain of what to do. :wink:

With the home network, you can go to each computer, go to Start/Run and type in “cmd”. When the dos window opens, type “ipconfig” it will give you the IP of that computer. If you type “ipconfig /all” it will show you all the computers in the network, your Gateway, DNS, Subnet, etc.

This will give you the appropriate range for setting up/defining that trusted new network. Once you’ve set your Zone, then you want to run the Network Wizard (Security/Tasks/Define a new Trusted Network); you will use your defined Zone to set up the Network in the Network Wizard. Follow the prompts; reboot when finished.

Just a note; if you’re starting with 10.0.0.7, your end range is probably not going to be 255.255.255.255; it will stay within the 10.x.x.x range.

Hope that helps,

LM