Just got DSL for the first time

Discussion in 'other firewalls' started by Simon Phoenix, Nov 14, 2005.

Thread Status:
Not open for further replies.
  1. Simon Phoenix

    Simon Phoenix Registered Member

    Joined:
    Apr 3, 2005
    Posts:
    152
    Yep, I finally got rid of dial up....so my question is security.

    I have a 3.2, 512, 80 giger here and I use eztrust firewall (zonealarm) and antivir prem....

    I went to grc.com and did a basic test but I failed becuase my computer received a ping.

    Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

    So I would guess no software firewall stops this then huh? I need a router?
     
  2. Hazeleyze

    Hazeleyze Guest

    It is not really a threat but your ISP probably requires that you be pingable so they can tell when you're online. Your modem is responding to the ICMP requests not your firewall.
     
  3. FirePost

    FirePost Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    212
    Hi Simon Pheonix,
    Many firewalls can stop this. You have to set it that way in most instances. Not only can you block ICMP in general but some firewalls will also allow you to limit it by application or destination.
    Such as allow ICMP to my ISP ONLY. Or Allow ICMP only for this application.
    Most people will tell you that IF a router is an option to use one. It off loads the incoming work from the software and your system to the router. And as I am sure you will notice, Wilder's experts here support a layered defense.
     
  4. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    Hi Simon. It's very unusual for zonealarm to fail the grc test. I no longer run zonealarm, but it should have passed. There is one thing you can try, that I can think of. Go to the "trusted Zone security" and move the slider to high. See screenshot. I'm on cable internet. And kerio 2.1.5 passes all tests at grc..as did sygate, as did all the older versions of zonealarm I have run.

    I have lots of friends who are on dsl..and the majority run zonealarm. They all pass grc's test with no problem. Hope this helps.
     

    Attached Files:

  5. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Your eztrust/za should block echo requests (pings) by default.
    Perhaps you already have one. Did you buy your own DSL modem or was it provided by your ISP? Is it a combination modem/router?

    Regards,

    CrazyM
     
  6. simon p

    simon p Guest

    I have bellsouth internet....

    I turned the slider to high on the trusted zone and it still pinged me, it's blocked meaning it didn't get thru but it did respond to the ping.

    I'm on the home networking plus plan, meaning that my computer isn't the computer with the router/modem installed so I guess that in order for me to connect to the internet, I have to get a signal from the modem so I guess the ping won't go away.

    I connect to the net via a wireless adapter that picks up a signal from the main computer.
     
  7. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    This would suggest to me that your ISP has provided you with a modem/wireless router combo which the PC's are connecting to. If this is the case, it would be the router being tested at grc.com, not your system with the software firewall. You will need to check the documentation/configuration for your router for any settings that will disable echo replies (replying to the echo requests/pings).

    Regards,

    CrazyM
     
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hi,
    Something I always ask when people post these results:
    Did you scan your own ip? Maybe you're behind a proxy . . .
    Make sure the scanned ip address at grc is your own.
    Mrk
     
Thread Status:
Not open for further replies.