Anti-Spyware Forums


Reply
Thread Tools Display Modes

Enable firewall to ignore ping requests

 
 
Tim
Guest
Posts: n/a

 
      26-11-2004, 10:00 AM
I have just used Gibson research shields up utility and whilst it says that
my pc has passed most of the tests it says that it is open to ping requests
and is not, therefore totally protected. How do I configure sp2 firewall to
reject ping requests?


Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP Echo)
requests, making it visible on the Internet. Most personal firewalls can be
configured to block, drop, and ignore such ping requests in order to better
hide systems from hackers. This is highly recommended since "Ping" is among
the oldest and most common methods used to locate systems prior to further
exploitation.



 
Reply With Quote
 
 
 
 
Jason
Guest
Posts: n/a

 
      26-11-2004, 10:37 AM
* Tim <(E-Mail Removed)>:
> I have just used Gibson research shields up utility and whilst it says that
> my pc has passed most of the tests it says that it is open to ping requests
> and is not, therefore totally protected. How do I configure sp2 firewall to
> reject ping requests?
>
>
> Ping Reply: RECEIVED (FAILED) - Your system REPLIED to our Ping (ICMP Echo)
> requests, making it visible on the Internet. Most personal firewalls can be
> configured to block, drop, and ignore such ping requests in order to better
> hide systems from hackers. This is highly recommended since "Ping" is among
> the oldest and most common methods used to locate systems prior to further
> exploitation.
>
>
>


Dont worry about it ping isn't nearly as evil as Steve makes out, he has
a tendency to use scare tactics.

Jason
 
Reply With Quote
 
 
 
 
Karl Levinson, mvp
Guest
Posts: n/a

 
      26-11-2004, 01:06 PM

"Jason" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...

> Dont worry about it ping isn't nearly as evil as Steve makes out, he has
> a tendency to use scare tactics.


Agreed.

Blocking ping is controversial, because you can still be visible even with
ping blocked. I do block ping on my system, though, I believe.

How to do this depends on what firewall you're using. Here's how to
configure the Windows XP firewall:

http://securityadmin.info/faq.asp#icf

Or, you can install free firewalls like www.kerio.com, www.sygate.com or
www.zonealarm.com These have more functionality than the Windows firewall,
and will give you a lot more information about mystery executables on your
system [I think the XP firewall tells you pretty much nothing about these.].
But they may take more effort to maintain. For example, if you end up
blocking something important, you have to look at the logs and figure out
what needs to be unblocked.




 
Reply With Quote
 
Mr. Kurtz
Guest
Posts: n/a

 
      26-11-2004, 02:18 PM

"Karl Levinson, mvp" <(E-Mail Removed)> wrote in message
news:e%(E-Mail Removed)...
>
> "Jason" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>
> > Dont worry about it ping isn't nearly as evil as Steve makes out, he has
> > a tendency to use scare tactics.

>
> Agreed.
>
> Blocking ping is controversial, because you can still be visible even with
> ping blocked. I do block ping on my system, though, I believe.
>
> How to do this depends on what firewall you're using. Here's how to
> configure the Windows XP firewall:
>
> http://securityadmin.info/faq.asp#icf
>
> Or, you can install free firewalls like www.kerio.com, www.sygate.com or
> www.zonealarm.com These have more functionality than the Windows

firewall,
> and will give you a lot more information about mystery executables on your
> system [I think the XP firewall tells you pretty much nothing about

these.].
> But they may take more effort to maintain. For example, if you end up
> blocking something important, you have to look at the logs and figure out
> what needs to be unblocked.
>


To the OP:
Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any of
thse is far superior to the XP firewall. You would be well served.

With regard to this particular post:
References to "blocking something important" smacks of FUD; particularly
after agreeing with the assesment of Gibson's "scare tactics".


Kurtz


 
Reply With Quote
 
Jason
Guest
Posts: n/a

 
      26-11-2004, 06:36 PM
* Mr. Kurtz <MisterKurtz@TheCentralStation>:
>> Agreed.
>>
>> Blocking ping is controversial, because you can still be visible even with
>> ping blocked. I do block ping on my system, though, I believe.
>>
>> How to do this depends on what firewall you're using. Here's how to
>> configure the Windows XP firewall:
>>
>> http://securityadmin.info/faq.asp#icf
>>
>> Or, you can install free firewalls like www.kerio.com, www.sygate.com or
>> www.zonealarm.com These have more functionality than the Windows

> firewall,
>> and will give you a lot more information about mystery executables on your
>> system [I think the XP firewall tells you pretty much nothing about

> these.].
>> But they may take more effort to maintain. For example, if you end up
>> blocking something important, you have to look at the logs and figure out
>> what needs to be unblocked.
>>

>
> To the OP:
> Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any of
> thse is far superior to the XP firewall. You would be well served.
>
> With regard to this particular post:
> References to "blocking something important" smacks of FUD; particularly
> after agreeing with the assesment of Gibson's "scare tactics".
>
>
> Kurtz
>
>


I disagree Kurtz, I don't read that as FUD I read it as be sure what you
block or you may not be able to access say the internet, your email etc.

Jason
 
Reply With Quote
 
Karl Levinson, mvp
Guest
Posts: n/a

 
      27-11-2004, 03:48 PM

"Mr. Kurtz" <MisterKurtz@TheCentralStation> wrote in message
news:(E-Mail Removed)...

> > Or, you can install free firewalls like www.kerio.com, www.sygate.com or
> > www.zonealarm.com These have more functionality than the Windows

> firewall,
> > and will give you a lot more information about mystery executables on

your
> > system [I think the XP firewall tells you pretty much nothing about

> these.].
> > But they may take more effort to maintain. For example, if you end up
> > blocking something important, you have to look at the logs and figure

out
> > what needs to be unblocked.


> To the OP:
> Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any

of
> thse is far superior to the XP firewall. You would be well served.


That's *much* easier said than done. Many people get frustrated and give
up. And if your firewall is configured to prompt the user whether or not to
allow a particular communication, eventually the user will allow herself to
become compromised... so prompting firewalls are not always reliable
security.

> With regard to this particular post:
> References to "blocking something important" smacks of FUD; particularly
> after agreeing with the assesment of Gibson's "scare tactics".


I disagree completely. I think my statement was pretty fair and accurate.
It's not FUD to say that firewalls can easily be misconfigured by
inexperienced users, with unwanted results. Anyone reading this newsgroup
regularly knows this happens quite frequently. It's strange to think I'm
contributing to FUD about firewalls given that I regularly recommend them.
But I used to be one of those techies who would recommend them to everyone
without caveats, until I installed one on a friend's computer and had
absolutely miserable results. And for what it's worth, I hold a Checkpoint
Firewall-1 CCSA certification, so I know a little bit about how to configure
firewalls.

So now I'm much more cautious about recommending firewalls to novices
without caveats. And pretty much anyone asking advice about how to find and
configure a host-based firewall is a firewall novice.

And note that security is *NOT* about being most secure. The most secure
solution is often the wrong one. Security is about managing risk to an
acceptable level, with the end goal being saving time and money and
enhancing functionality. Given this, the XP firewall is sometimes the right
solution, because with less functionality, it makes novice users reasonably
secure while breaking less and taking less time to administer. I use both
Kerio and Sygate on my machines, but only because I can support them myself
pretty easily.




 
Reply With Quote
 
Tim
Guest
Posts: n/a

 
      28-11-2004, 11:58 AM
Thanks everybody for your help, I didnt mean it to spark such a debate.

"Karl Levinson, mvp" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Mr. Kurtz" <MisterKurtz@TheCentralStation> wrote in message
> news:(E-Mail Removed)...
>
>> > Or, you can install free firewalls like www.kerio.com, www.sygate.com
>> > or
>> > www.zonealarm.com These have more functionality than the Windows

>> firewall,
>> > and will give you a lot more information about mystery executables on

> your
>> > system [I think the XP firewall tells you pretty much nothing about

>> these.].
>> > But they may take more effort to maintain. For example, if you end up
>> > blocking something important, you have to look at the logs and figure

> out
>> > what needs to be unblocked.

>
>> To the OP:
>> Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate. Any

> of
>> thse is far superior to the XP firewall. You would be well served.

>
> That's *much* easier said than done. Many people get frustrated and give
> up. And if your firewall is configured to prompt the user whether or not
> to
> allow a particular communication, eventually the user will allow herself
> to
> become compromised... so prompting firewalls are not always reliable
> security.
>
>> With regard to this particular post:
>> References to "blocking something important" smacks of FUD; particularly
>> after agreeing with the assesment of Gibson's "scare tactics".

>
> I disagree completely. I think my statement was pretty fair and accurate.
> It's not FUD to say that firewalls can easily be misconfigured by
> inexperienced users, with unwanted results. Anyone reading this newsgroup
> regularly knows this happens quite frequently. It's strange to think I'm
> contributing to FUD about firewalls given that I regularly recommend them.
> But I used to be one of those techies who would recommend them to everyone
> without caveats, until I installed one on a friend's computer and had
> absolutely miserable results. And for what it's worth, I hold a
> Checkpoint
> Firewall-1 CCSA certification, so I know a little bit about how to
> configure
> firewalls.
>
> So now I'm much more cautious about recommending firewalls to novices
> without caveats. And pretty much anyone asking advice about how to find
> and
> configure a host-based firewall is a firewall novice.
>
> And note that security is *NOT* about being most secure. The most secure
> solution is often the wrong one. Security is about managing risk to an
> acceptable level, with the end goal being saving time and money and
> enhancing functionality. Given this, the XP firewall is sometimes the
> right
> solution, because with less functionality, it makes novice users
> reasonably
> secure while breaking less and taking less time to administer. I use both
> Kerio and Sygate on my machines, but only because I can support them
> myself
> pretty easily.
>
>
>
>
>




 
Reply With Quote
 
andy smart
Guest
Posts: n/a

 
      29-11-2004, 09:45 AM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mr. Kurtz wrote:
| "Karl Levinson, mvp" <(E-Mail Removed)> wrote in message
| news:e%(E-Mail Removed)...
|
|>"Jason" <(E-Mail Removed)> wrote in message
|>news:%(E-Mail Removed)...
|>
|>
|>>Dont worry about it ping isn't nearly as evil as Steve makes out, he has
|>>a tendency to use scare tactics.
|>
|>Agreed.
|>
|>Blocking ping is controversial, because you can still be visible even with
|>ping blocked. I do block ping on my system, though, I believe.
|>
|>How to do this depends on what firewall you're using. Here's how to
|>configure the Windows XP firewall:
|>
|>http://securityadmin.info/faq.asp#icf
|>
|>Or, you can install free firewalls like www.kerio.com, www.sygate.com or
|>www.zonealarm.com These have more functionality than the Windows
|
| firewall,
|
|>and will give you a lot more information about mystery executables on your
|>system [I think the XP firewall tells you pretty much nothing about
|
| these.].
|
|>But they may take more effort to maintain. For example, if you end up
|>blocking something important, you have to look at the logs and figure out
|>what needs to be unblocked.
|>
|
|
| To the OP:
| Take the extra time to learn how to use Kerio, ZoneAlarm, or Sygate.
Any of
| thse is far superior to the XP firewall. You would be well served.
|
| With regard to this particular post:
| References to "blocking something important" smacks of FUD; particularly
| after agreeing with the assesment of Gibson's "scare tactics".
|
|
| Kurtz
|
|
I'm not sure that reminding users, especially users without much
experience, that there can easily be unforseen consequences, counts as FUD.

I'd far rather be warned than make an uniformed descision....
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBqu/Eqmlxlf41jHgRAsCdAJ4mB+yJAhplHK1An/8X0DokwuZlrQCgiYsh
jncVfgcYSLirxwXZX8uJ7jo=
=9YcC
-----END PGP SIGNATURE-----
 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't Ping R2 server in same subnet, but can ping outside subnet.!! hboogz via WinServerKB.com Security Software 2 31-07-2006 01:05 AM
i can't enable the firewall =?Utf-8?B?ZmFiaW8=?= Virus Information 6 23-05-2006 11:15 PM
how do i configure machine to block ping requests Headtheball Security Software 2 11-09-2004 08:44 PM
how to enable the firewall setting VL Security Software 4 24-02-2004 07:38 AM
HOW TO: Enable or Disable Internet Connection Firewall in Windows XP ? mark Security Software 1 13-08-2003 06:33 PM


All times are GMT. The time now is 10:23 AM.