Block Pings

[oldad]

Win XPro
1.Since the PC Cillin configuration fails, is it possible to configure the
MS firewall to block incoming pings or block computer reply.to a ping?
------------------------------------------------------------------------------------------------------------------------------------------------
2.Have installed PC-cillin Internet Security 2005.. got following from
Tech service but All ports grayed out and it fails Gibson ping test:
Following from TM Tech Service:
What we need to do is to add an entry on PC-cillin's Firewall profile.
Here's how:

1.) Launch the PC-cillin Internet Security 2005 console. To do this, click
Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
Security 2005.

2.) Click on Network Security.

3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
checkbox is selected. Under Edit Profile, choose the currently selected
profile on the list (marked by a green circle) and then click on Edit.

4.) Click on the Exception List tab.

5.) Click Add to start creating a new rule.
a.) On the Description box type in ICMP
b.) Leave Target as all applications
c.) Connection, select INCOMING
d.) Action, select DENY
e.) With Protocol, select ICMP
f.) With Ports, select ALL PORTS
g.) IP Setting is ALL ADDRESSES

6.) Click OK at the bottom.

7.) On the Exception List, make sure that the new rule created is listed and
the box before it has a checkmark. Click the OK button once you have
verified that the new rule created is listed and checked.

8.) To save the settings click the Apply button below.
--------------------------------------------------------------------
All works fine except for 5.f.(All Ports)
When I select 5.erotocol and enter ICMP, All Ports becomes grayed out

.....Since All Ports grayed out and unable to be selected......In Shields Up
testing, the ping test fails and the computer replies to a ping.

 

[Pegasus \(MVP\)]

Win XPro
1.Since the PC Cillin configuration fails, is it possible to configure the
MS firewall to block incoming pings or block computer reply.to a ping?
-------------------------------------------------------------------------- ----------------------------------------------------------------------
2.Have installed PC-cillin Internet Security 2005.. got following from
Tech service but All ports grayed out and it fails Gibson ping test:
Following from TM Tech Service:
What we need to do is to add an entry on PC-cillin's Firewall profile.
Here's how:

1.) Launch the PC-cillin Internet Security 2005 console. To do this, click
Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
Security 2005.

2.) Click on Network Security.

3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
checkbox is selected. Under Edit Profile, choose the currently selected
profile on the list (marked by a green circle) and then click on Edit.

4.) Click on the Exception List tab.

5.) Click Add to start creating a new rule.
a.) On the Description box type in ICMP
b.) Leave Target as all applications
c.) Connection, select INCOMING
d.) Action, select DENY
e.) With Protocol, select ICMP
f.) With Ports, select ALL PORTS
g.) IP Setting is ALL ADDRESSES

6.) Click OK at the bottom.

7.) On the Exception List, make sure that the new rule created is listed and
the box before it has a checkmark. Click the OK button once you have
verified that the new rule created is listed and checked.

8.) To save the settings click the Apply button below.
--------------------------------------------------------------------
All works fine except for 5.f.(All Ports)
When I select 5.erotocol and enter ICMP, All Ports becomes grayed out

....Since All Ports grayed out and unable to be selected......In Shields Up
testing, the ping test fails and the computer replies to a ping.
-------------------------------------------------------------------------- ----------------------------------------------------------------
Thanks in advance
oldad

You do not need to select any addresses or ports when creating
a Trend Internet Security ICMP exception to allow incoming pings.
Your conclusion that incoming pings fail because of Trend is incorrect -
as you can easily confirm by examining the Trend firewall log
immediately after a ping attempt. When Trend blocks a ping attempt
then its log line will read "Security rule matched". It will also give
you the source address of the pinging machine.

I suspect that your pings are blocked by something else. Start by
pinging the test PC from inside your network, then move to the
outside.

 

[oldad]

You do not need to select any addresses or ports when creating
a Trend Internet Security ICMP exception to allow incoming pings.
Your conclusion that incoming pings fail because of Trend is incorrect -
as you can easily confirm by examining the Trend firewall log
immediately after a ping attempt. When Trend blocks a ping attempt
then its log line will read "Security rule matched". It will also give
you the source address of the pinging machine.

I suspect that your pings are blocked by something else. Start by
pinging the test PC from inside your network, then move to the
outside.

Thanks for the reply, however pings are not being blocked, that was my
point.

Here is the info from Gibson , Shields Up:
"Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP Echo)
requests, making it visible on the Internet. Most personal firewalls can be
configured to block, drop, and ignore such ping requests in order to better
hide systems from hackers. This is highly recommended since "Ping" is among
the oldest and most common methods used to locate systems prior to further
exploitation.

 

[Pegasus \(MVP\)]

Here is the info from Gibson , Shields Up:
"Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP Echo)
requests, making it visible on the Internet. Most personal firewalls can be
configured to block, drop, and ignore such ping requests in order to better
hide systems from hackers. This is highly recommended since "Ping" is among
the oldest and most common methods used to locate systems prior to further
exploitation.

You did not state what your network setup is. If you have
an ADSL modem/router then external pings are processed
by that router. As I said, if you wish to test your PC's firewall
then you must do this on your internal network.

 

[oldad]

You did not state what your network setup is. If you have
an ADSL modem/router then external pings are processed
by that router. As I said, if you wish to test your PC's firewall
then you must do this on your internal network.

I do not have a network just the puter WinXPPro and TM Internet Security
2005, , MS Malware removal tool, and MS Anti spyware,
..
Just truying to block ping per Smart Computing article which stated "Most
(but TM must not be one of the most) Firewalls can be configured to block or
ignore external pings."
The above instructions from TM Tech Service does not block ShieldsUp ping
test even tho ICMP Deny is listed in exceptions

That is the reason that I posted 1. above: Is it possible to configure MS
Firewall to block or ignore pings..or block computer from repling to a ping?

 

[oldad]

I do not have a network just the puter WinXPPro and TM Internet Security
2005, , MS Malware removal tool, and MS Anti spyware,
.
Just truying to block ping per Smart Computing article which stated "Most
(but TM must not be one of the most) Firewalls can be configured to block
or ignore external pings."
The above instructions from TM Tech Service does not block ShieldsUp ping
test even tho ICMP Deny is listed in exceptions

That is the reason that I posted 1. above: Is it possible to configure MS
Firewall to block or ignore pings..or block computer from repling to a
ping?

Ho Pegasus,
Thnks for your efforts, it got me to thinking

Finally did it with a DLink router...pings blocked and/or ignored and all
stealthed,at least with GibsonShieldsUp

I'm outta here

 

[Scott]

You could also use the Windows xp firewall and you will return a
"stealth" mode from Gibsons. My pccillin firewall has always returned
a "failed" test on Gibsons due to this ping return. However, the port
is also listed as "closed" rather than "stealth" so I don't worry
about it and have had no virus attacks.