is there a way to stop Ping (ICMP Echo) requests on my firewall?
thanks
Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to “counter-probe the prober”, thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation
this is the results i got from sheilds up. can i set firewall to block these??
See PM
[attachment deleted by admin]
i tried that…firewall/global settings…tried every possible combination. i might be a lil slow
:-
Unfortunately while there are no more ideas.
All rules have to be the first (on top).
i might be a lil slowI didn't understand that it. ???
Where you carried out the test?
tests at sheilds up . com
I behind a router.
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
Remove this rule.
Screenshot.
Note: But you won’t be able to ping check.
[attachment deleted by admin]
in firewall/global settings there are 5 different lines or things to adjust. the pic only showed me 2 1/2 of the lines. what number from the top down are you saying to remove?? thanks, sorry for my “rookieness”"
opps…there are 6 lines
Configuration - Proactive Security
Stealth Ports Wizard.
[attachment deleted by admin]
Are you behind a router? If so then firewall test was checking your router, not Comodo and you’ll need to consult the manufactures manual for your router.
thank you for explaining the router to me and thanks jenn for the pic.
is there a comodo firewall for dummies book anywhere? i am so lost
Clicking any of the ? icons on Comodo’s interface will take you to the web help for that part of the program.
thanks
all i am trying to do is stop Ping (ICMP Echo) requests
In general ICMP is benign unless its abused for malicious purposes. The following are FW rules I’ve implemented to mitigate security vulnerability inherent to ICMP:
GLOBAL
Allow ICMP in from ANY to in [NIC] where ICMP Message is TIME EXCEEDED
Allow ICMP in from ANY to in [NIC] where ICMP Message is 11.1
Allow ICMP in from ANY to in [NIC] where ICMP Message is FRAGMENTATION NEEDED
Allow ICMP in from [BOINCData - SIMAP] to in [NIC] where ICMP Message is 3.10
Block & Log ICMP in from ANY to ANY where ICMP Message is ANY
Block & Log IP in from in [critical.io - system (port scan)] to ANY where protocol is ANY
Allow ICMP out from in [NIC] to in [DNS] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [co.uk - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [FortressITX - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [comodo.com - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [TCNet] where ICMP Message is NET UNREACHABLE
Block & Log ICMP out from ANY to ANY where ICMP Message is ANY
WINDOWS OPERATING SYSTEM
Allow ICMP in from ANY to in [NIC] where ICMP Message is TIME EXCEEDED
Allow ICMP in from ANY to in [NIC] where ICMP Message is 11.1
Allow ICMP in from ANY to in [NIC] where ICMP Message is FRAGMENTATION NEEDED
Allow ICMP in from [BOINCData - SIMAP] to in [NIC] where ICMP Message is 3.10
Allow UDP in from in [FortressITX - CIS Agent (TCP/UDP)] to in [NIC] where Source port is in [4447 / 4448] destination port ANY
Allow UDP in from in [TCNet] to in [NIC] where source port ANY destination port 8200
Allow ICMP out from in [NIC] to in [DNS] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [co.uk - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [FortressITX - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow ICMP out from in [NIC] to in [comodo.com - CIS Agent (TCP/UDP)] where ICMP Message is PORT UNREACHABLE
Allow IP out from in [NIC] to IP 224.0.0.22 where protocol is IGMP
Allow ICMP out from in [NIC] to in [TCNet] where ICMP Message is NET UNREACHABLE
To implement ICMP on a case by case basis simply remove the two global ICMP blocking rules. WINDOWS OPERATING SYSTEM will still generate an alert, which can be allowed w/ out the ‘remember this’ box ticked. When ICMP is no longer desired, insert the two global ICMP blocking rules again.
thankyou so much…this is what i was looking for!!