ICMP Flood Attacks????

[scgt1 1]

20 hours ago, itman said:

Port 88 is used by Xbox Live 360.

Port 89 only use I know of is:

port 89 is a dedicated services port used as a Telnet Gateway between Mass Institue of Technology (MIT) and ___ University (SU)

Note that if you are using a router, the GRC test is reflecting the inbound port status of the router.

Your Flood attacks are most likely due to this:

Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

Again, this can be controlled via router firewall settings. However with some ISP provided routers, ICMP Echo Reply requests are allowed since the ISP uses such to ensure connectivity exists.

So the two ports that are open are ok?

What would I need to do with the router settings for the ping reply? Using R7000 retail non ISP provided.

[itman 1,746]

1 hour ago, scgt1 said:

So the two ports that are open are ok?

According to this: https://kb.netgear.com/1166/Port-numbers-for-port-forwarding , by default all inbound ports on your router's WAN side are closed by default. So if ports are open, you would have had to do that manually -or- the router has been hacked. I know of no reason why port 89 should be open.

As far as ICMP configuration, refer to this: https://community.netgear.com/t5/Nighthawk-WiFi-Routers/quot-Respond-to-Ping-on-Internet-Port-quot-option-is-dimmed/td-p/382450

For router issues, you are best advised to contact Netgear or go their user forums forums.

Also see this reply: https://forum.eset.com/topic/12141-icmp-flood-solved/

Edited June 1, 2017 by itman