CPU: AMD64 X2 4200+ (64 bit)
OS: Windows XP SP2 (32 bit)
Active Security: Avira AntiVir PersonalEdition Classic v7.06.00.270 updated to latest.
I have the following global rules:
1: Allow In/Out ICMP fragmentation-needed (Type 3, Code 4)
2: Allow In/Out ICMP Time-exceeded (Type 11, Code 0)
3: Allow In ICMP echo-reply (Type 0, Code 0)
4: Block In/Out ICMP Any
When I go to the "Stealth Ports Wizard’ and choose ‘Alert me to incoming connections - stealth my ports on a per-case basis’, which I had previously selected as my preferred choice, then I can, as expected, only press the Finish button. After this I’ll get the message ‘Your firewall has been configured accordingly’. So far so good, but when I subsequently go to ‘Network Security Policy’ and select the ‘Global Rules’ tab, the first time that I did this, my final ‘Block In/Out ICMP Any’ rule had suddenly disappeared and the ‘Block ICMP In From IP Any To IP Any Where ICMP Message IS ECHO REQUEST’ rule was automatically placed at the beginning of the global rules list.
When I removed the ‘Echo Request’ rule and once again made a ‘Block And Log ICMP In/Out From IP Any To IP Any Where ICMP Message Is Any’ (the same as before but with logging added
and no custom description field) and tried it again, this time the last block rule remained and the ‘Block Echo Request’ rule was again placed at the beginning of the list.
I am not sure if this is indeed a bug, but I think it might be better if some of the custom made rules were not automatically removed after using the Stealth Ports Wizard.