GhostWall - Blocking pings

Discussion in 'Other Ghost Security Software' started by Riverrun, May 15, 2007.

Thread Status:
Not open for further replies.
  1. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    Re: GhostWall v1.150 - Free firewall for Windows XP/XP64/2000

    Just installed GhostWall and it seems really good to me. I'm running with the default rules and it appears (no pun intented) that the only drawback is that it's responding to ping solicitations, thus making it visible to the outside world. Is there some way I can stop this?

    I don't know a lot about creating rules :eek: but I'm willing to learn.
     
  2. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    Re: GhostWall v1.150 - Free firewall for Windows XP/XP64/2000

    I can see why it's called GhostWall since most tests showed that it makes my PC invisible to others. I have a really good feeling about this simple and elegant software. It's almost love at first sight.

    :D

    Hoping I can solve the ping issue.
     
  3. MsFluffyMuffin

    MsFluffyMuffin Registered Member

    Joined:
    Jun 4, 2003
    Posts:
    67
    Location:
    UK
    Re: GhostWall v1.150 - Free firewall for Windows XP/XP64/2000

    I haven't tried this yet, but you need to block incoming ICMP, maybe a simple rule like this might work:-

    Description: Block Ping
    Protocol: ICMP
    Local IP: Any
    Local Port: Any
    Action: Block
    Direction: Incoming
    Remote IP: Any
    Remote Port: Any

    Since you can ping any port there's no way to set a more specific port/protocol I'm afraid :eek:(

    I hope this help's or is of some use to you :eek:)

    Hugs,
    Fluffy oxo
     
  4. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    Re: GhostWall v1.150 - Free firewall for Windows XP/XP64/2000

    Thanks for the reply Ms Fluffy. Tried your suggestion but sadly it doesn't work. At present, I'm searching for a solution and I hope I find one as I'd hate to give up this great firewall...it's a real gem.

    Thanks again
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    The key to using the GhostWall firewall is this...

    1. The rules are matched from the top down, so the first rule that covers a specific condition will be where the execution stops and whatever that rule says to do is what gets done with the packet in question.

    2. This firewall is entirely dependant on its rules, as there are no internal default actions or catchalls. Therefore, if you do not have a "final blocking rule" this firewall won't block anything, unless of course you've added some specific "Block" rules.

    For my usage, the only Block rule I have is the final block rule itself. I configure my rules as a series of specific allow conditions, then the last rule is to block everything else. In my opinion, this is the best way to use this firewall, although some people have specific things they want to block right at the top, so they choose to start that way.

    I assume you are referring specifically to ICMP Pings, and that they are being responded to when you check your firewall via some test site. This firewall blocks pings by default "if" you have no rule to specifically allow ICMP, and you have an appropriate final block rule. If both of these are the case, then the most obvious question is what's your network connection look like there. Do you have a router in your setup that might actually be doing the ping responses rather then them going to your PC?

    The only other idea I have is that we could review your rules to ensure there isn't some other configuration issue. The best way is a screen shot like the one in this post. If you have any real IP addresses in any rules, you could simply black the address out when posting here.
     
  6. Riverrun

    Riverrun Registered Member

    Joined:
    Feb 19, 2007
    Posts:
    376
    Location:
    ~
    LowWater, thanks for the help. Like I say, this is a fabulous firewall.

    I am referring to ICMP pings and yes, I did test with Shieds Up at Gibson Research Corparation.

    I have D-Link DI-524 and maybe this is what's responding.

    I've modified the final rule to: Block the rest and I'm going to leave everything else as it is for the moment until I learn more. At the moment, I'm a little out of my depth.

    Thanks again.
     
  7. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    If your router has a hardware firewall then ghostwall won't serve much of a purpose other than protecting your system on your LAN.
     
  8. topmoxie

    topmoxie Registered Member

    Joined:
    May 25, 2006
    Posts:
    36
    question if your router has a nat is a firewall neccessarry , i dont think so
     
  9. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I wouldn't say its necessary to have a hardware firewall however it does the advantage of allowing you to create specific rules.
     
Thread Status:
Not open for further replies.