How not to reply ping (ICMP Echo) requests (Router or Software Configuration)

Discussion in 'other firewalls' started by sg09, Sep 27, 2015.

  1. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    This is a old question. :sick: and this came up from GRC Shields Up test.
    I have searched internet and saw in numerous places that I shouldn't bother about it, and in some places some solutions have been given that didn't work for me.
    I am under Windows Firewall (+WSA) & D-Link DSL-2750U. Any or both Router or Software Configuration would be appreciated.

    P.S. My router has some settings enabled.
    Dlink.png
     
  2. Boblvf

    Boblvf Registered Member

    Joined:
    Aug 10, 2014
    Posts:
    103
    Windows firewall allows only ICMP type 3 code 4 inbound ( ICMPv4 ).

    Your routeur allows ICMP type 0 code 0 inbound ( echo reply ), and type 8 code 0 ( echo ) outbound , the other rules block some attacks, a few.


    Your computer do not reply to ping.
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    ICMP is not only for ping/trace
    http://security.stackexchange.com/questions/22711/is-it-a-bad-idea-for-a-firewall-to-block-icmp
    i dont care about - my netgear blocks all unwanted icmp

    HTH
     
  4. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    @Boblvf & @Brummelchen I am not very much knowledgeable about Firewall configurations. How can I configure Windows Firewall or/and Router to block ICMP Echo ping?
     
  5. Boblvf

    Boblvf Registered Member

    Joined:
    Aug 10, 2014
    Posts:
    103
    - your computer.
    " Your computer do not reply to ping. " nothing to configure with Windows firewall.

    - your router.
    Uncheck " ICMP ECHO " and ping your internet IP for testing.

    The echo reply is not a problem, ports and services must be closed, here is the problem.
     
  6. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    keep icmp enabled, from my view. the d-link should be new enough to handle it properly.
    as i can see this icmp settings only refer to the attack detection, not the common use. leave it as it is as long you dont have another experience or trouble with it.

    it seems that d-link is still to stupid to update their manuals along the current firmware. the manual only contains a single sentence to icmp, no picture, nothing for the "firewall settings". i had two of those - one died with the power sup, the previous was to old to handle much connections. i wont buy d-link again, piece of crap hardware.

    HTH
     
Loading...