I just finished completing a ShieldsUp test and all 1056 of my ports are stealthed. However my ping reply failed.
“Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.”
This sounds pretty dangerous can I correct this via the firewall settings? If this helps I’m using a Westell 6100 DSL modem provided by AT&T which is also a router. ShieldsUp is testing my modem’s IP Address and not my PC’s IP Address.
It is not dangerous in any way …
any real hacker will still be able to find out if “there is anybody out there” …
there are other ways than ping to determine if a host is up or not …
Whether your ports are “Closed” or “Stealth” has virtually no impact on your safety
but “stealth” SOUNDS a lot better.
still, it’s a bit strange since Comodo should just ignore all pings with the default rules .
If it’s not dangerous, then why would the shields up test warn against it?
Also I changed my settings in my firewall to block all incoming and outgoing ICMP.
Should I block ICMP from now on?
Did a shields up test and my ping still failed. Even if it’s not dangerous I still want to pass this test so I can feel that comodo is really protecting my computer.
I created that rule exactly as you said and it still failed. Would it matter if I kept that ICMP rule that you told me about or does it even matter anymore.
By the way I do trust that the all powerful comodo is protecting my PC, I just needed a little reassurance.
I am fairly sure you are quite safe - it is your router that is replying to the ping. You can leave the rule if you feel better with it (it will deny inbound ICMP attempts) or remove it if you decide you dont need it. Might be worth setting it so it logs any attempts and then check your logs to see if there are any denied ICMP inbound.
This answers the question entirely. You’re not scanning your computer, so CFP’s rules are not being utilized. You’re scanning your router, and your router is allowing the pings.
No offense to any of the security sites that offer these scanning services, but their business is based on convincing individuals that their view of security is the correct one. Thus, they have a stake in their opinion being accepting. A wider base of research would indicate that there is likely very little threat potential from allowing ICMP traffic.
If you want to drop Inbound ICMP Echo Requests, you will need to configure your router to do such for you. Be aware, though, that this may negatively impact your connectivity, as ISPs frequently ping their customers to make sure they’re still there and active. If they get no response, they may deactivate the connection (this is an automated process) until it’s restarted by the customer.
This has been brought up in the forum numerous of times. Should ICMP be allowed? My own network rules actually allow all of them In & Out (for uTorrent to gain a slight speed advantage). As gordon states, hackers can still know you’re there irregardless if they wanted to invest the time.
because Steve Gibson somehow makes a living on people being scared for no good reason.
(or maybe it’s people “re-magnetizing” their HDD’s who pay his bills?)
The scanner itself is OK but he does stretch the warnings “a bit” …
isn’t it actually against some some protocol not to pong a ping ?