Stoping Ping reply

JamesKB · March 28, 2007, 10:39pm

Is there anyway to have CFP set so my computer does not reply to ping requests???

Thank you for your time.

system · March 28, 2007, 10:55pm

JamesKB, welcome to the forum.

CFP’s default rules already blocks incoming pings (because there is no Network rule to allow incoming ICMP for Echo Reply/Request)
If you’re running a router than the other party maybe reaching it instead of your PC

Please see related threads:
https://forums.comodo.com/index.php/topic,3478.0.html
https://forums.comodo.com/index.php/topic,7175.0.html

JamesKB · March 29, 2007, 3:58am

I’m not behind a router. Here are my netmon settings:

ID Permmision Protocol Source Destination Criteria
0 Allow TCPUDT OUT ANY ANY WHERE SOURCE PORT IS [ANY] Destination
1 Allow ICMP OUT ANY ANY WHERE ICMP MESSAGE IS ECHO REQUEST
2 Allow ICMP IN ANY ANY WHERE ICMP MESSAGE IS FRAGMENTATION NEED
3 Allow ICMP IN ANY ANY WHERE ICMP MESSAGE IS TIME EXCEEDED
4 Allow IP OUT ANY ANY WHERE IPPROTO IS GRE
5 BLOCK & LOG IP/OUT ANY ANY WHERE IPPROTO IS ANY

Do you see any problems with these?
Thanks for your time.

sullo · March 29, 2007, 4:25am

Hi JamesKB

The ntmon rules are the cpf defaults, thats fine.
Been doing shieldsup test?
I’m not behind a router either but my adsl modem has an option to allow/deny incoming ping. Used by the isp for connection testing.
When I first did port tests everything was open, the silly buggers hadn’t even enabled the firewall. Firewall enabled and incoming ping disable did another test.
“what a great computer you have, you don’t even exist”. Yeah right.
Tick allow incoming ping. “now we can see you”. Yeah good for you.

Have a look at your modem documentation and settings to see if you have similar options.

:■■■■

JamesKB · March 29, 2007, 12:34pm

Thanks for the information. I’ll have a look at the modem docs. Thanks for your time.

system · March 29, 2007, 1:39pm

Let us know how it goes after you configure it.

Damitha · March 29, 2007, 4:28pm

Hi,

Just by disabling ICMP you can not get rid of this threat. You can always use “tcp ping”
Make sure all the unnecessary ports are closed.

This is from Googling

Renaud & I were wondering what the best list of ports for TCP ping
could be.
When a machine is not firewalled, it doesn’t matter. Otherwise:

80 is often open, but it may be disturbed by transparent proxys.
22, 25, 443 are also good candidates
113 is even better, because it either properly rejected by the
firewall, or allowed.
But if the firewall rejects connections on port 113 for all
addresses, we’ll see all the IP range “up”.

There is no simple solution. But what the best default could be?

80;443;25
113;80;25
80 (former default)

regards,
Dam