stealth check failed

have done a stealth check on common ports on grc.com - shields up and my pc failed giving this reply

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since “Ping” is among the oldest and most common methods used to locate systems prior to further exploitation.

have read thru FAQ here

https://forums.comodo.com/faq_for_comodo_firewall/block_ping_icmp_echo_requests-t3677.0.html

made the block rule and it still fails the test (:SAD)

it used to pass stealth test before i reinstalled comodo altho i did see a mention of modems… i had a new modem from my isp a couple of months back. :-\

Although I’m not running CFP 2.4, I believe 2.4 creates default Network Monitor rules. I seem to remember that one of these is for a ICMP Echo Request. So, I think you should push this rule below the final Block & Log rule in the Network Monitor to disable it (if its below the final Block & Log rule, it will never get triggered).

I hope that helps.

theres an ICMP echo request out? would it be this one?

Default Network rules are listed here: https://forums.comodo.com/faq_for_comodo_firewall/tutorials_a_compiled_resource-t6167.0.html;msg45547#msg45547

That’s an Outbound Echo Request (ie, you Ping someone else), not an Outbound Echo Reply (the response to their Ping). Default rules in CFP do not allow a Ping response.

You mention a modem. Can you provide the Make and Model of it? It may have built in routing capabilities or somesuch; in which case you’re scanning that, not your computer.

LM

Yes… But, isn’t that Outbound ICMP Echo Request also allowing a Echo Request Reply, ie. the reason why they know you’re there. Because you responded to an Echo… some software needs it. Breaks things like P2P & torrents. Of course… I’m old, but not grumpy… so my memory could be playing tricks on me. :slight_smile:

modem is an Ambit 255

when i moved that ICMP echo request to the bottom i got a stealth report

They should be two different things; they are coded differently. Echo Request is what you send out (or what GRC etc sends out). Echo Reply is what the response must be (if such a response is allowed).

However, it does appear that this is tied in with that rule. You will note on the ICMP Details tab of that rule, that there is a separate entry for Echo Reply. Echo Request should not be doing this. I would suggest filing a ticket with Comodo Support if you want to know more about why this is happening.

There’s no indication that the Ambit U10C018 (rebranded by Virgin to 255) has any routing or NAT function, so it doesn’t appear to be that…

LM

ok… own up… who stealthed my pc while i was sleeping ???

:BNC thank you whoever it was (:HUG)

Erm… you did, before you went to bed. (:AGL)

i did, but then i moved the ICMP back to as it was (:TNG)

Maybe at some point prior (at or around the time of testing) you had inadvertently allowed something via a popup.

If you shut down the computer while you were sleeping, this would reset any such temporary rules.

Just a guess…otherwise we’re left with only the “little green men” theory, LOL.

LM

Hey! That’s the same guy that messed up my computer last week! (:AGY)