My Modem/Router replies to "ICMP Echo Request"

I have just changed my previous modem/router
Since I use eMule I have always had a policy of “stealth on a per-case basis” for my ports, and until yesterday I had a perfect behaviour on GRCShieldsUp (PASSED) using my old modem/router (I think it used a Bridged connection)

Now, with the new router, when I run the ports test on Shields UP!! — System Error
I get this

Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .

Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to “counter-probe the prober”, thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.

Since I am not so expert I am asking you what is the method to avoid that my router replies to those “ICMP Echo Requests”

What do I risk?

Every router is different. You’ll need to check your routers documentation on how to block Ping.

The first one depends on your router make/model most of them have an option to block ping on the WAN interface, maybe click trough the settings or read the manual.

Second, the risk only risk is that someone who is looking for ‘active’ hosts to ‘attack’ knows your IP is live and responding, therefor it might be interesting to look for further security holes on that address, if you drop the packets and those that are only using ping-sweep to detect active hosts will probably skip your IP and move on to the next that does respond.

Basically ‘low’ risk, but in a multilayer security setup this is on of the things you could disable to make things harder for the ‘attacker person or infected machine looking to infect others etc’.

Unfortunately the only options I find are related to “Port Mapping” (language is Italian… sorry)

As you can see “Gestione Virtual Server” is “Virtual Server management” and the only Protocol Option that could fit is DMZ (?) that let you select “Any” ports (… i see *)
What is the drawback of using DMZ?
I read it has something to do to “Demilitarized…”

What kind of protocol is ICMP Echo Request?
What ports are addressed?

[attachment deleted by admin]

Most of the time they have put this option somewhere else, these are options to provide traffic trough the router (e.g. setup your pc for port-forward etc) not traffic TO the router.

Is there a “WAN” option or something that has to do with the external interface of this router? If you know make and model I could search online…

It’s probably under the firewall tab.

The model of the router (as you can see below) is “ADB Broadband - ADSL 2+ Wi-Fi N” and is the standard router that Italian Telecom gives you here in Italy.
“ADB Broadband” I see on Google that is a brand of Pirelli.

If I go in the Firewall tab and select “Activate” nothing changes with regard to “ICMP Echo Requests” (in fact it says that is “Base Protection / It blocks inward connections leaving unalterated DMZ, Virtual Server and Port Mapping configuration” (that’s the translation)

[attachment deleted by admin]

That isn’t actually a model number. It’s probably something like P.DG A4101N.

Do you see your modem on this page? ADB Global Broadband Data

Is this thing connected via USB to your PC?
Can you verify the IP number on your PC and see if it is a private or public range number? If public it’s still bridging and the ping needs to be blocked by CIS.

The model is P.DG A4001N

It is not connected via an USB, it is connected Wi-Fi

As for the IP number I see this (if it may be of any help)

[attachment deleted by admin]

Thanks Ronny for editing the picture :-TU

Sorry, I’m not having much luck locating the actual documentation for this router. Lots of data sheets available, but those are just stating features…

I think this is a rebranded Star Net modem/router with a simplified interface. If you telnet to the ip address of the router it may tell you it’s from Star Net. If it is the same, the option to control inbound ‘Pings’ is usually under a menu heading something like ‘Advanced/Security’

I’ve attached a manual for a P.DG A4001N but it describes the full interface…

[attachment deleted by admin]

Thanks but I have no “Advanced Setup” menu item
If only could I know a “hidden link” to that item…

How can I “telnet to the ip address of the router”?

What commands do I have to type? ???

Open a command prompt and, assuming you haven’t disabled the telnet client, type:

telnet (the ip address of the router)

You should receive a login prompt, just use whatever details you use when you access the router via the browser.

Doing this may or may not tell you very much, but it may be possible, assuming you’ve explored all available options in the GUI to disable inbound PING requests, to manage this option via telnet. However, I’d suggest asking your ISP, if that’s who supplied the modem/router…