Block Pings



oldad
07-09-2005, 11:37 PM
Win XPro
1.Since the PC Cillin configuration fails, is it possible to configure the
MS firewall to block incoming pings or block computer reply.to a ping?
------------------------------------------------------------------------------------------------------------------------------------------------
2.Have installed PC-cillin Internet Security 2005.. got following from
Tech service but All ports grayed out and it fails Gibson ping test:
Following from TM Tech Service:
What we need to do is to add an entry on PC-cillin's Firewall profile.
Here's how:

1.) Launch the PC-cillin Internet Security 2005 console. To do this, click
Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
Security 2005.

2.) Click on Network Security.

3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
checkbox is selected. Under Edit Profile, choose the currently selected
profile on the list (marked by a green circle) and then click on Edit.

4.) Click on the Exception List tab.

5.) Click Add to start creating a new rule.
a.) On the Description box type in ICMP
b.) Leave Target as all applications
c.) Connection, select INCOMING
d.) Action, select DENY
e.) With Protocol, select ICMP
f.) With Ports, select ALL PORTS
g.) IP Setting is ALL ADDRESSES

6.) Click OK at the bottom.

7.) On the Exception List, make sure that the new rule created is listed and
the box before it has a checkmark. Click the OK button once you have
verified that the new rule created is listed and checked.

8.) To save the settings click the Apply button below.
--------------------------------------------------------------------
All works fine except for 5.f.(All Ports)
When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed out

.....Since All Ports grayed out and unable to be selected......In Shields Up
testing, the ping test fails and the computer replies to a ping.
------------------------------------------------------------------------------------------------------------------------------------------
Thanks in advance
oldad

Pegasus \(MVP\)
07-09-2005, 11:37 PM
"oldad" <ppswan@earthlink.net> wrote in message
news:ObgF8zaXFHA.1796@TK2MSFTNGP15.phx.gbl...
> Win XPro
> 1.Since the PC Cillin configuration fails, is it possible to configure the
> MS firewall to block incoming pings or block computer reply.to a ping?
> --------------------------------------------------------------------------
----------------------------------------------------------------------
> 2.Have installed PC-cillin Internet Security 2005.. got following from
> Tech service but All ports grayed out and it fails Gibson ping test:
> Following from TM Tech Service:
> What we need to do is to add an entry on PC-cillin's Firewall profile.
> Here's how:
>
> 1.) Launch the PC-cillin Internet Security 2005 console. To do this, click
> Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
> Security 2005.
>
> 2.) Click on Network Security.
>
> 3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
> checkbox is selected. Under Edit Profile, choose the currently selected
> profile on the list (marked by a green circle) and then click on Edit.
>
> 4.) Click on the Exception List tab.
>
> 5.) Click Add to start creating a new rule.
> a.) On the Description box type in ICMP
> b.) Leave Target as all applications
> c.) Connection, select INCOMING
> d.) Action, select DENY
> e.) With Protocol, select ICMP
> f.) With Ports, select ALL PORTS
> g.) IP Setting is ALL ADDRESSES
>
> 6.) Click OK at the bottom.
>
> 7.) On the Exception List, make sure that the new rule created is listed
and
> the box before it has a checkmark. Click the OK button once you have
> verified that the new rule created is listed and checked.
>
> 8.) To save the settings click the Apply button below.
> --------------------------------------------------------------------
> All works fine except for 5.f.(All Ports)
> When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed out
>
> ....Since All Ports grayed out and unable to be selected......In Shields
Up
> testing, the ping test fails and the computer replies to a ping.
> --------------------------------------------------------------------------
----------------------------------------------------------------
> Thanks in advance
> oldad
>
>

You do not need to select any addresses or ports when creating
a Trend Internet Security ICMP exception to allow incoming pings.
Your conclusion that incoming pings fail because of Trend is incorrect -
as you can easily confirm by examining the Trend firewall log
immediately after a ping attempt. When Trend blocks a ping attempt
then its log line will read "Security rule matched". It will also give
you the source address of the pinging machine.

I suspect that your pings are blocked by something else. Start by
pinging the test PC from inside your network, then move to the
outside.

oldad
07-09-2005, 11:37 PM
"Pegasus (MVP)" <I.can@fly.com> wrote in message
news:OIZF$9aXFHA.712@TK2MSFTNGP14.phx.gbl...
>
> "oldad" <ppswan@earthlink.net> wrote in message
> news:ObgF8zaXFHA.1796@TK2MSFTNGP15.phx.gbl...
>> Win XPro
>> 1.Since the PC Cillin configuration fails, is it possible to configure
>> the
>> MS firewall to block incoming pings or block computer reply.to a ping?
>> --------------------------------------------------------------------------
> ----------------------------------------------------------------------
>> 2.Have installed PC-cillin Internet Security 2005.. got following from
>> Tech service but All ports grayed out and it fails Gibson ping test:
>> Following from TM Tech Service:
>> What we need to do is to add an entry on PC-cillin's Firewall profile.
>> Here's how:
>>
>> 1.) Launch the PC-cillin Internet Security 2005 console. To do this,
>> click
>> Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
>> Security 2005.
>>
>> 2.) Click on Network Security.
>>
>> 3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
>> checkbox is selected. Under Edit Profile, choose the currently selected
>> profile on the list (marked by a green circle) and then click on Edit.
>>
>> 4.) Click on the Exception List tab.
>>
>> 5.) Click Add to start creating a new rule.
>> a.) On the Description box type in ICMP
>> b.) Leave Target as all applications
>> c.) Connection, select INCOMING
>> d.) Action, select DENY
>> e.) With Protocol, select ICMP
>> f.) With Ports, select ALL PORTS
>> g.) IP Setting is ALL ADDRESSES
>>
>> 6.) Click OK at the bottom.
>>
>> 7.) On the Exception List, make sure that the new rule created is listed
> and
>> the box before it has a checkmark. Click the OK button once you have
>> verified that the new rule created is listed and checked.
>>
>> 8.) To save the settings click the Apply button below.
>> --------------------------------------------------------------------
>> All works fine except for 5.f.(All Ports)
>> When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed out
>>
>> ....Since All Ports grayed out and unable to be selected......In Shields
> Up
>> testing, the ping test fails and the computer replies to a ping.
>> --------------------------------------------------------------------------
> ----------------------------------------------------------------
>> Thanks in advance
>> oldad
>>
>>
>
> You do not need to select any addresses or ports when creating
> a Trend Internet Security ICMP exception to allow incoming pings.
> Your conclusion that incoming pings fail because of Trend is incorrect -
> as you can easily confirm by examining the Trend firewall log
> immediately after a ping attempt. When Trend blocks a ping attempt
> then its log line will read "Security rule matched". It will also give
> you the source address of the pinging machine.
>
> I suspect that your pings are blocked by something else. Start by
> pinging the test PC from inside your network, then move to the
> outside.
>
>Thanks for the reply, however pings are not being blocked, that was my
>point.
Here is the info from Gibson , Shields Up:
"Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP Echo)
requests, making it visible on the Internet. Most personal firewalls can be
configured to block, drop, and ignore such ping requests in order to better
hide systems from hackers. This is highly recommended since "Ping" is among
the oldest and most common methods used to locate systems prior to further
exploitation.

Pegasus \(MVP\)
07-09-2005, 11:37 PM
"oldad" <ppswan@earthlink.net> wrote in message
news:un8J3VbXFHA.2768@tk2msftngp13.phx.gbl...
>
> "Pegasus (MVP)" <I.can@fly.com> wrote in message
> news:OIZF$9aXFHA.712@TK2MSFTNGP14.phx.gbl...
> >
> > "oldad" <ppswan@earthlink.net> wrote in message
> > news:ObgF8zaXFHA.1796@TK2MSFTNGP15.phx.gbl...
> >> Win XPro
> >> 1.Since the PC Cillin configuration fails, is it possible to configure
> >> the
> >> MS firewall to block incoming pings or block computer reply.to a ping?
>
>> -------------------------------------------------------------------------
-
> > ----------------------------------------------------------------------
> >> 2.Have installed PC-cillin Internet Security 2005.. got following
from
> >> Tech service but All ports grayed out and it fails Gibson ping test:
> >> Following from TM Tech Service:
> >> What we need to do is to add an entry on PC-cillin's Firewall profile.
> >> Here's how:
> >>
> >> 1.) Launch the PC-cillin Internet Security 2005 console. To do this,
> >> click
> >> Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin
Internet
> >> Security 2005.
> >>
> >> 2.) Click on Network Security.
> >>
> >> 3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
> >> checkbox is selected. Under Edit Profile, choose the currently selected
> >> profile on the list (marked by a green circle) and then click on Edit.
> >>
> >> 4.) Click on the Exception List tab.
> >>
> >> 5.) Click Add to start creating a new rule.
> >> a.) On the Description box type in ICMP
> >> b.) Leave Target as all applications
> >> c.) Connection, select INCOMING
> >> d.) Action, select DENY
> >> e.) With Protocol, select ICMP
> >> f.) With Ports, select ALL PORTS
> >> g.) IP Setting is ALL ADDRESSES
> >>
> >> 6.) Click OK at the bottom.
> >>
> >> 7.) On the Exception List, make sure that the new rule created is
listed
> > and
> >> the box before it has a checkmark. Click the OK button once you have
> >> verified that the new rule created is listed and checked.
> >>
> >> 8.) To save the settings click the Apply button below.
> >> --------------------------------------------------------------------
> >> All works fine except for 5.f.(All Ports)
> >> When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed out
> >>
> >> ....Since All Ports grayed out and unable to be selected......In
Shields
> > Up
> >> testing, the ping test fails and the computer replies to a ping.
>
>> -------------------------------------------------------------------------
-
> > ----------------------------------------------------------------
> >> Thanks in advance
> >> oldad
> >>
> >>
> >
> > You do not need to select any addresses or ports when creating
> > a Trend Internet Security ICMP exception to allow incoming pings.
> > Your conclusion that incoming pings fail because of Trend is incorrect -
> > as you can easily confirm by examining the Trend firewall log
> > immediately after a ping attempt. When Trend blocks a ping attempt
> > then its log line will read "Security rule matched". It will also give
> > you the source address of the pinging machine.
> >
> > I suspect that your pings are blocked by something else. Start by
> > pinging the test PC from inside your network, then move to the
> > outside.
> >
> >Thanks for the reply, however pings are not being blocked, that was my
> >point.
> Here is the info from Gibson , Shields Up:
> "Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP
Echo)
> requests, making it visible on the Internet. Most personal firewalls can
be
> configured to block, drop, and ignore such ping requests in order to
better
> hide systems from hackers. This is highly recommended since "Ping" is
among
> the oldest and most common methods used to locate systems prior to further
> exploitation.
>
>

You did not state what your network setup is. If you have
an ADSL modem/router then external pings are processed
by that router. As I said, if you wish to test your PC's firewall
then you must do this on your internal network.

oldad
07-09-2005, 11:38 PM
"Pegasus (MVP)" <I.can@fly.com> wrote in message
news:eb$UZocXFHA.3032@TK2MSFTNGP10.phx.gbl...
>
> "oldad" <ppswan@earthlink.net> wrote in message
> news:un8J3VbXFHA.2768@tk2msftngp13.phx.gbl...
>>
>> "Pegasus (MVP)" <I.can@fly.com> wrote in message
>> news:OIZF$9aXFHA.712@TK2MSFTNGP14.phx.gbl...
>> >
>> > "oldad" <ppswan@earthlink.net> wrote in message
>> > news:ObgF8zaXFHA.1796@TK2MSFTNGP15.phx.gbl...
>> >> Win XPro
>> >> 1.Since the PC Cillin configuration fails, is it possible to configure
>> >> the
>> >> MS firewall to block or ignore incoming pings or block computer
>> >> reply.to a ping?
>>
>>> -------------------------------------------------------------------------
> -
>> > ----------------------------------------------------------------------
>> >> 2.Have installed PC-cillin Internet Security 2005.. got following
> from
>> >> Tech service but All ports grayed out and it fails Gibson ping test:
>> >> Following from TM Tech Service:
>> >> What we need to do is to add an entry on PC-cillin's Firewall profile.
>> >> Here's how:
>> >>
>> >> 1.) Launch the PC-cillin Internet Security 2005 console. To do this,
>> >> click
>> >> Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin
> Internet
>> >> Security 2005.
>> >>
>> >> 2.) Click on Network Security.
>> >>
>> >> 3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
>> >> checkbox is selected. Under Edit Profile, choose the currently
>> >> selected
>> >> profile on the list (marked by a green circle) and then click on Edit.
>> >>
>> >> 4.) Click on the Exception List tab.
>> >>
>> >> 5.) Click Add to start creating a new rule.
>> >> a.) On the Description box type in ICMP
>> >> b.) Leave Target as all applications
>> >> c.) Connection, select INCOMING
>> >> d.) Action, select DENY
>> >> e.) With Protocol, select ICMP
>> >> f.) With Ports, select ALL PORTS
>> >> g.) IP Setting is ALL ADDRESSES
>> >>
>> >> 6.) Click OK at the bottom.
>> >>
>> >> 7.) On the Exception List, make sure that the new rule created is
> listed
>> > and
>> >> the box before it has a checkmark. Click the OK button once you have
>> >> verified that the new rule created is listed and checked.
>> >>
>> >> 8.) To save the settings click the Apply button below.
>> >> --------------------------------------------------------------------
>> >> All works fine except for 5.f.(All Ports)
>> >> When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed
>> >> out
>> >>
>> >> ....Since All Ports grayed out and unable to be selected......In
> Shields
>> > Up
>> >> testing, the ping test fails and the computer replies to a ping.
>>
>>> -------------------------------------------------------------------------
> -
>> > ----------------------------------------------------------------
>> >> Thanks in advance
>> >> oldad
>> >>
>> >>
>> >
>> > You do not need to select any addresses or ports when creating
>> > a Trend Internet Security ICMP exception to allow incoming pings.
>> > Your conclusion that incoming pings fail because of Trend is
>> > incorrect -
>> > as you can easily confirm by examining the Trend firewall log
>> > immediately after a ping attempt. When Trend blocks a ping attempt
>> > then its log line will read "Security rule matched". It will also give
>> > you the source address of the pinging machine.
>> >
>> > I suspect that your pings are blocked by something else. Start by
>> > pinging the test PC from inside your network, then move to the
>> > outside.
>> >
>> >Thanks for the reply, however pings are not being blocked, that was my
>> >point.
>> Here is the info from Gibson , Shields Up:
>> "Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP
> Echo)
>> requests, making it visible on the Internet. Most personal firewalls can
> be
>> configured to block, drop, and ignore such ping requests in order to
> better
>> hide systems from hackers. This is highly recommended since "Ping" is
> among
>> the oldest and most common methods used to locate systems prior to
>> further
>> exploitation.
>>
>>
>
> You did not state what your network setup is. If you have
> an ADSL modem/router then external pings are processed
> by that router. As I said, if you wish to test your PC's firewall
> then you must do this on your internal network.
>
>
I do not have a network just the puter WinXPPro and TM Internet Security
2005, , MS Malware removal tool, and MS Anti spyware,
..
Just truying to block ping per Smart Computing article which stated "Most
(but TM must not be one of the most) Firewalls can be configured to block or
ignore external pings."
The above instructions from TM Tech Service does not block ShieldsUp ping
test even tho ICMP Deny is listed in exceptions

That is the reason that I posted 1. above: Is it possible to configure MS
Firewall to block or ignore pings..or block computer from repling to a ping?
--------------------------------------------------------------------------------------------------------------------
Thanksfor your replies but guess this will be my last go at this string,
oldad

oldad
07-09-2005, 11:38 PM
"oldad" <ppswan@earthlink.net> wrote in message
news:OGic7hiXFHA.3176@TK2MSFTNGP12.phx.gbl...
>
> "Pegasus (MVP)" <I.can@fly.com> wrote in message
> news:eb$UZocXFHA.3032@TK2MSFTNGP10.phx.gbl...
>>
>> "oldad" <ppswan@earthlink.net> wrote in message
>> news:un8J3VbXFHA.2768@tk2msftngp13.phx.gbl...
>>>
>>> "Pegasus (MVP)" <I.can@fly.com> wrote in message
>>> news:OIZF$9aXFHA.712@TK2MSFTNGP14.phx.gbl...
>>> >
>>> > "oldad" <ppswan@earthlink.net> wrote in message
>>> > news:ObgF8zaXFHA.1796@TK2MSFTNGP15.phx.gbl...
>>> >> Win XPro
>>> >> 1.Since the PC Cillin configuration fails, is it possible to
>>> >> configure
>>> >> the
>>> >> MS firewall to block or ignore incoming pings or block computer
>>> >> reply.to a ping?
>>>
>>>> -------------------------------------------------------------------------
>> -
>>> > ----------------------------------------------------------------------
>>> >> 2.Have installed PC-cillin Internet Security 2005.. got following
>> from
>>> >> Tech service but All ports grayed out and it fails Gibson ping test:
>>> >> Following from TM Tech Service:
>>> >> What we need to do is to add an entry on PC-cillin's Firewall
>>> >> profile.
>>> >> Here's how:
>>> >>
>>> >> 1.) Launch the PC-cillin Internet Security 2005 console. To do this,
>>> >> click
>>> >> Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin
>> Internet
>>> >> Security 2005.
>>> >>
>>> >> 2.) Click on Network Security.
>>> >>
>>> >> 3.) Click on Personal Firewall. Make sure the Enable Personal
>>> >> Firewall
>>> >> checkbox is selected. Under Edit Profile, choose the currently
>>> >> selected
>>> >> profile on the list (marked by a green circle) and then click on
>>> >> Edit.
>>> >>
>>> >> 4.) Click on the Exception List tab.
>>> >>
>>> >> 5.) Click Add to start creating a new rule.
>>> >> a.) On the Description box type in ICMP
>>> >> b.) Leave Target as all applications
>>> >> c.) Connection, select INCOMING
>>> >> d.) Action, select DENY
>>> >> e.) With Protocol, select ICMP
>>> >> f.) With Ports, select ALL PORTS
>>> >> g.) IP Setting is ALL ADDRESSES
>>> >>
>>> >> 6.) Click OK at the bottom.
>>> >>
>>> >> 7.) On the Exception List, make sure that the new rule created is
>> listed
>>> > and
>>> >> the box before it has a checkmark. Click the OK button once you have
>>> >> verified that the new rule created is listed and checked.
>>> >>
>>> >> 8.) To save the settings click the Apply button below.
>>> >> --------------------------------------------------------------------
>>> >> All works fine except for 5.f.(All Ports)
>>> >> When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed
>>> >> out
>>> >>
>>> >> ....Since All Ports grayed out and unable to be selected......In
>> Shields
>>> > Up
>>> >> testing, the ping test fails and the computer replies to a ping.
>>>
>>>> -------------------------------------------------------------------------
>> -
>>> > ----------------------------------------------------------------
>>> >> Thanks in advance
>>> >> oldad
>>> >>
>>> >>
>>> >
>>> > You do not need to select any addresses or ports when creating
>>> > a Trend Internet Security ICMP exception to allow incoming pings.
>>> > Your conclusion that incoming pings fail because of Trend is
>>> > incorrect -
>>> > as you can easily confirm by examining the Trend firewall log
>>> > immediately after a ping attempt. When Trend blocks a ping attempt
>>> > then its log line will read "Security rule matched". It will also give
>>> > you the source address of the pinging machine.
>>> >
>>> > I suspect that your pings are blocked by something else. Start by
>>> > pinging the test PC from inside your network, then move to the
>>> > outside.
>>> >
>>> >Thanks for the reply, however pings are not being blocked, that was my
>>> >point.
>>> Here is the info from Gibson , Shields Up:
>>> "Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP
>> Echo)
>>> requests, making it visible on the Internet. Most personal firewalls can
>> be
>>> configured to block, drop, and ignore such ping requests in order to
>> better
>>> hide systems from hackers. This is highly recommended since "Ping" is
>> among
>>> the oldest and most common methods used to locate systems prior to
>>> further
>>> exploitation.
>>>
>>>
>>
>> You did not state what your network setup is. If you have
>> an ADSL modem/router then external pings are processed
>> by that router. As I said, if you wish to test your PC's firewall
>> then you must do this on your internal network.
>>
>>
> I do not have a network just the puter WinXPPro and TM Internet Security
> 2005, , MS Malware removal tool, and MS Anti spyware,
> .
> Just truying to block ping per Smart Computing article which stated "Most
> (but TM must not be one of the most) Firewalls can be configured to block
> or ignore external pings."
> The above instructions from TM Tech Service does not block ShieldsUp ping
> test even tho ICMP Deny is listed in exceptions
>
> That is the reason that I posted 1. above: Is it possible to configure MS
> Firewall to block or ignore pings..or block computer from repling to a
> ping?
> --------------------------------------------------------------------------------------------------------------------
> Thanksfor your replies but guess this will be my last go at this string,
> oldad
>
Ho Pegasus,
Thnks for your efforts, it got me to thinking

Finally did it with a DLink router...pings blocked and/or ignored and all
stealthed,at least with GibsonShieldsUp

I'm outta here

Scott
07-09-2005, 11:42 PM
You could also use the Windows xp firewall and you will return a
"stealth" mode from Gibsons. My pccillin firewall has always returned
a "failed" test on Gibsons due to this ping return. However, the port
is also listed as "closed" rather than "stealth" so I don't worry
about it and have had no virus attacks.
On Fri, 20 May 2005 22:29:57 -0400, "oldad" <ppswan@earthlink.net>
wrote:

>Win XPro
>1.Since the PC Cillin configuration fails, is it possible to configure the
>MS firewall to block incoming pings or block computer reply.to a ping?
>------------------------------------------------------------------------------------------------------------------------------------------------
>2.Have installed PC-cillin Internet Security 2005.. got following from
>Tech service but All ports grayed out and it fails Gibson ping test:
>Following from TM Tech Service:
>What we need to do is to add an entry on PC-cillin's Firewall profile.
>Here's how:
>
>1.) Launch the PC-cillin Internet Security 2005 console. To do this, click
>Start > Programs > Trend Micro PC-cillin > Trend Micro PC-cillin Internet
>Security 2005.
>
>2.) Click on Network Security.
>
>3.) Click on Personal Firewall. Make sure the Enable Personal Firewall
>checkbox is selected. Under Edit Profile, choose the currently selected
>profile on the list (marked by a green circle) and then click on Edit.
>
>4.) Click on the Exception List tab.
>
>5.) Click Add to start creating a new rule.
> a.) On the Description box type in ICMP
> b.) Leave Target as all applications
> c.) Connection, select INCOMING
> d.) Action, select DENY
> e.) With Protocol, select ICMP
> f.) With Ports, select ALL PORTS
> g.) IP Setting is ALL ADDRESSES
>
>6.) Click OK at the bottom.
>
>7.) On the Exception List, make sure that the new rule created is listed and
>the box before it has a checkmark. Click the OK button once you have
>verified that the new rule created is listed and checked.
>
>8.) To save the settings click the Apply button below.
>--------------------------------------------------------------------
>All works fine except for 5.f.(All Ports)
>When I select 5.e:Protocol and enter ICMP, All Ports becomes grayed out
>
>....Since All Ports grayed out and unable to be selected......In Shields Up
>testing, the ping test fails and the computer replies to a ping.
>------------------------------------------------------------------------------------------------------------------------------------------
>Thanks in advance
>oldad
>


Block Pings