Bogey62 0 Posted February 3, 2021 Share Posted February 3, 2021 How can I set ESET Internet Security to block my computer from responding to Ping (ICMP Echo) requests? Thank you! Link to comment Share on other sites More sharing options...
itman 1,749 Posted February 3, 2021 Share Posted February 3, 2021 Normally these are blocked by your router's firewall. Eset default firewall rules block ICMP echo reply request to non-Trusted Network sources. Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 3, 2021 Author Share Posted February 3, 2021 53 minutes ago, itman said: Normally these are blocked by your router's firewall. Eset default firewall rules block ICMP echo reply request to non-Trusted Network sources. This is what I thought too, but when I go to https://www.grc.com/ and run the Shields Up test for Common Ports, it says my system is responding to Ping requests. On my old router I could turn off Allow Incoming Ping Requests, but on the new router I have I can't find a similar setting. ESET is allowing my system to respond, as is the new router. Link to comment Share on other sites More sharing options...
Solution itman 1,749 Posted February 3, 2021 Solution Share Posted February 3, 2021 34 minutes ago, Bogey62 said: This is what I thought too, but when I go to https://www.grc.com/ and run the Shields Up test for Common Ports, it says my system is responding to Ping requests. The Gibson Research tests are being performed against your router settings. Hence the failure to echo reply test. To use this web test to test Eset's firewall, you will have to temporarily disable your router's firewall. Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 4, 2021 Author Share Posted February 4, 2021 13 hours ago, itman said: The Gibson Research tests are being performed against your router settings. Hence the failure to echo reply test. To use this web test to test Eset's firewall, you will have to temporarily disable your router's firewall. Thank you! Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted February 5, 2021 Most Valued Members Share Posted February 5, 2021 19 hours ago, Bogey62 said: Thank you! It is better to set your router to block/reject all incoming and only allow outgoing, also with ping being blocked. So you can protect other devices that can connect to internet and doesn't have a security software , like your TV. Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 5, 2021 Author Share Posted February 5, 2021 4 hours ago, Nightowl said: It is better to set your router to block/reject all incoming and only allow outgoing, also with ping being blocked. So you can protect other devices that can connect to internet and doesn't have a security software , like your TV. Yes, but the problem with this new router from the fiber service is that it doesn't seem to have a mechanism to block ICMP (ping) requests. It responds to them. My Netgear router for cable had that option in plain sight. Link to comment Share on other sites More sharing options...
itman 1,749 Posted February 5, 2021 Share Posted February 5, 2021 (edited) FYI. Below is a screen shot of Eset firewall default rules in regards to IPv4 ICMP. As shown, it doesn't not allow outbound echo response traffic outside of the local subnet: Edited February 5, 2021 by itman Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 5, 2021 Author Share Posted February 5, 2021 3 hours ago, itman said: FYI. Below is a screen shot of Eset firewall default rules in regards to IPv4 ICMP. As shown, it doesn't not allow outbound echo response traffic outside of the local subnet: I'm running ESET Internet Security 14.0.22.0 and here is a screenshot of my Firewall Rules area. I don't have any of those settings that yours shows by default. Thanks! Link to comment Share on other sites More sharing options...
itman 1,749 Posted February 5, 2021 Share Posted February 5, 2021 4 minutes ago, Bogey62 said: I'm running ESET Internet Security 14.0.22.0 and here is a screenshot of my Firewall Rules area. I don't have any of those settings that yours shows by default. You have to enable the "Show built in (predefined) rules" setting to view Eset firewall default rules. Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 5, 2021 Author Share Posted February 5, 2021 (edited) 6 minutes ago, itman said: You have to enable the "Show built in (predefined) rules" setting to view Eset firewall default rules. OK, I see the same settings as you do now and they are enabled just like yours, but according to the Shields Up! web site: "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." I can't find any setting specific to this in my new router, unlike the one contained in my old Netgear router. I don't know how to kill this system from responding as it used to under my old router settings. ESET doesn't seem to be doing anything here. Is it the router itself responding? I'm not an expert at this by any means. Edited February 5, 2021 by Bogey62 Link to comment Share on other sites More sharing options...
itman 1,749 Posted February 5, 2021 Share Posted February 5, 2021 11 minutes ago, Bogey62 said: K, I see the same settings as you do now and they are enabled just like yours, but according to the Shields Up! web site: "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." This was explained previously. You will have to bypass the router in able to test Eset firewall settings. This is usually done by temporarily disabling the router's firewall. Again, the Shields Up test is testing your router's settings when one is present. The test cannot bypass the router nor will the echo request transaction be forwarded by the router to your device. The router is sending the echo response to the GRC web site server and this is what is shown in the test result. If you don't believe, search the web on this test. There are multiple postings attesting to what I have posted. Link to comment Share on other sites More sharing options...
Bogey62 0 Posted February 5, 2021 Author Share Posted February 5, 2021 2 minutes ago, itman said: This was explained previously. You will have to bypass the router in able to test Eset firewall settings. This is usually done by temporarily disabling the router's firewall. Again, the Shields Up test is testing your router's settings when one is present. The test cannot bypass the router nor will the echo request transaction be forwarded by the router to your device. The router is sending the echo response to the GRC web site server and this is what is shown in the test result. If you don't believe, search the web on this test. There are multiple postings attesting to what I have posted. Yes, I re-read that information. Thank you for all of the replies on this matter. I appreciate your time. Link to comment Share on other sites More sharing options...
Recommended Posts