1/ ICMP echo request/reply Facts: RFC-1122 GRC's FUD: (most nonsensical parts emphasized by myself) You have trouble with your internet connection? Guess what, call your ISP and they'll start by pinging your box... Thank you, Mr. Gibson, for "highly recommending" an RFC breach. - Blocking ICMP echo request is the ultimate way to invisibility, apparently, and will defeat all those nasty hackers there... Why do the lame guys use all the port scanners which scan whole network ranges, when they can use ping, d'oh! - As a bonus, thanks to your Shields Up advise all security/firewall forums are flooded by scared newbies who complain about how their firewall "failed" to protect them from the nasty ICMP echo request/reply. "Oh noes, I'm not 'true stealthed' - your product faileees!". 2/ Reverse (PTR) DNS records Facts: RFC-1033 RFC-1912 GRC's FUD: (most nonsensical parts emphasized by myself) So, according to Mr. Gibson: - Without reverse DNS record, I can't be uniquely identified. I thought an IP might be enough to actually achieve this, wow I lived in lie for all the years. It's so much easier when you have PTR. - Without reverse DNS record, website cannot easily retrieve information about me. Apparently, everything starting with IP address and ending with stuff such as OS, used browser and screen resolution is even not remotely so dangerous like having a reverse DNS record (which lots of sites don't even log due to performance reasons. Wow again. - Without reverse DNS record, my geographical information won't be disclosed. - Without reverse DNS record, noone can persistently identify me. Just because ISP's never log assigned IP addresses, and noone's using fixed IPs these days. I suppose Mr. Gibson never used services like this or this that show all the details mentioned above. This will even show your location on the map quite accurately for lots of people. But pheeew, I'm so much more safe without PTR record, noone will spy on me. Good that GRC felt the need to warn me with one page worth of blurb before even sending me to the actual inbound firewall test. Many thanks. To conclude - I stopped suggesting Shields Up as a firewall test site quite some time ago and won't recommend it again until Mr. Gibson deletes the above nonsense and FUD. Your alternative suggestions wrt online firewall/security tests are welcome.