Jump to content

Block responding to Ping (ICMP Echo) requests


Go to solution Solved by itman,

Recommended Posts

Normally these are blocked by your router's firewall.

Eset default firewall rules block ICMP echo reply request to non-Trusted Network sources.

Link to comment
Share on other sites

53 minutes ago, itman said:

Normally these are blocked by your router's firewall.

Eset default firewall rules block ICMP echo reply request to non-Trusted Network sources.

 

This is what I thought too, but when I go to https://www.grc.com/

and run the Shields Up test for Common Ports, it says my system is responding to Ping requests.

On my old router I could turn off Allow Incoming Ping Requests, but on the new router I have I can't find a similar setting.

ESET is allowing my system to respond, as is the new router.

Link to comment
Share on other sites

  • Solution
34 minutes ago, Bogey62 said:

This is what I thought too, but when I go to https://www.grc.com/

and run the Shields Up test for Common Ports, it says my system is responding to Ping requests.

The Gibson Research tests are being performed against your router settings. Hence the failure to echo reply test. To use this web test to test Eset's firewall, you will have to temporarily disable your router's firewall.

Link to comment
Share on other sites

13 hours ago, itman said:

The Gibson Research tests are being performed against your router settings. Hence the failure to echo reply test. To use this web test to test Eset's firewall, you will have to temporarily disable your router's firewall.

Thank you!

Link to comment
Share on other sites

  • Most Valued Members
19 hours ago, Bogey62 said:

Thank you!

It is better to set your router to block/reject all incoming and only allow outgoing, also with ping being blocked.

So you can protect other devices that can connect to internet and doesn't have a security software , like your TV.

Link to comment
Share on other sites

4 hours ago, Nightowl said:

It is better to set your router to block/reject all incoming and only allow outgoing, also with ping being blocked.

So you can protect other devices that can connect to internet and doesn't have a security software , like your TV.

Yes, but the problem with this new router from the fiber service is that it doesn't seem to have a mechanism to block ICMP (ping) requests. It responds to them. My Netgear router for cable had that option in plain sight.

Link to comment
Share on other sites

FYI. Below is a screen shot of Eset firewall default rules in regards to IPv4 ICMP. As shown, it doesn't not allow outbound echo response traffic outside of the local subnet:

Eset_Echo.png.33a575112a251a22d01f6064b127e653.png

Edited by itman
Link to comment
Share on other sites

3 hours ago, itman said:

FYI. Below is a screen shot of Eset firewall default rules in regards to IPv4 ICMP. As shown, it doesn't not allow outbound echo response traffic outside of the local subnet:

Eset_Echo.png.33a575112a251a22d01f6064b127e653.png

I'm running ESET Internet Security 14.0.22.0 and here is a screenshot of my Firewall Rules area. I don't have any of those settings that yours shows by default.

 

Thanks!

Firewall Rules.JPG

Link to comment
Share on other sites

4 minutes ago, Bogey62 said:

I'm running ESET Internet Security 14.0.22.0 and here is a screenshot of my Firewall Rules area. I don't have any of those settings that yours shows by default.

You have to enable the "Show built in (predefined) rules" setting to view Eset firewall default rules.

Link to comment
Share on other sites

6 minutes ago, itman said:

You have to enable the "Show built in (predefined) rules" setting to view Eset firewall default rules.

OK, I see the same settings as you do now and they are enabled just like yours, but according to the Shields Up! web site:

 

"Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation."

 

I can't find any setting specific to this in my new router, unlike the one contained in my old Netgear router. I don't know how to kill this system from responding as it used to under my old router settings. ESET doesn't seem to be doing anything here. Is it the router itself responding? I'm not an expert at this by any means.

Edited by Bogey62
Link to comment
Share on other sites

11 minutes ago, Bogey62 said:

K, I see the same settings as you do now and they are enabled just like yours, but according to the Shields Up! web site:

 

"Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation."

This was explained previously.

You will have to bypass the router in able to test Eset firewall settings. This is usually done by temporarily disabling the router's firewall.

Again, the Shields Up test is testing your router's settings when one is present. The test cannot bypass the router nor will the echo request transaction be forwarded by the router to your device. The router is sending the echo response to the GRC web site server and this is what is shown in the test result.

If you don't believe, search the web on this test. There are multiple postings attesting to what I have posted.

Link to comment
Share on other sites

2 minutes ago, itman said:

This was explained previously.

You will have to bypass the router in able to test Eset firewall settings. This is usually done by temporarily disabling the router's firewall.

Again, the Shields Up test is testing your router's settings when one is present. The test cannot bypass the router nor will the echo request transaction be forwarded by the router to your device. The router is sending the echo response to the GRC web site server and this is what is shown in the test result.

If you don't believe, search the web on this test. There are multiple postings attesting to what I have posted.

Yes, I re-read that information. Thank you for all of the replies on this matter. I appreciate your time.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...