LnS Fails GRC Ping test

Discussion in 'LnS English Forum' started by JerryM, Jan 29, 2005.

Thread Status:
Not open for further replies.
  1. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I just went to DSL, and I like it so far.
    Thought I would go to Gibson and run the firewall test. All ports were stealth, but it failed the ping test because it returned whatever.
    I went to LnS and I find two places to permit pings, but both are outgoing only.

    How do I configure the LnS to protect from pings, or is it a serious problem?
    Thanks,
    Jerry
     
  2. Lowryder

    Lowryder Guest

    Hi Jerry,


    If you using the LnS EnhancedRulesSet rule-set or Phantoms rule-set you should pass every test on the Internet,unless you have edited a rule yourself you should be passing this test,try and put a stop sign icon on your two rules for permitting pings, but as you said they" both are outgoing only",but it's worth a try,I also had problems at first with this test,and it was either I was using the standard LnS rule-set which didn't work too good or it was me making an edit to my rules,I found the quickest way to solve this problem is to load a new rule-set,and try it again,I found it was a matter of trial & error,and the error mostly me,but you could have something else opened,please try again,I am sure somebody can help you if this won't work.I don't think it's a big problem just something in your rule-set that is opened,or not correct set-up,good luck
     
  3. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Yes, what rule-set do you use?
    It may be an issue with the Online web Scanners, a lot of times they give out false readings. You aren’t behind a router or a proxy server are you?

    A system would not become “hacked” with the use of ICMP Protocol, but if your system has been infected with specific form of Trojans, ICMP Tunnelling can be of some concern. ICMP attacks is usually a flood packet procedure to wipe users and networks offline, a system with weak packet-filtering or improperly configured or no firewall would be very acceptable to be wiped offline than a system with packet-filtering blocking the ICMPs.
     
  4. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I am using the Enhanced rule set. I am not behind a proxy server.

    Jerry
     
  5. want2bemalwarefree

    want2bemalwarefree Registered Member

    Joined:
    Jan 20, 2005
    Posts:
    19
    Location:
    Texas
    I am a newbie to network security issues, so what I say is subject to correction by more knowledgeable posters, but I think I had the same problem that you are having. Actually my problem was slightly different in that I failed the ping test and all my ports were detected as closed.

    The reason turned out to have nothing to do with my software firewall but was a result of the default configuration of my 2Wire Home Portal (DSL modem/router). The default configuration is apparently for all ports to be closed, rather than stealthed. Once I figured out that the problem was with the home portal, and not the software firewall, all I had to do was change the home portal to all ports stealthed and then I passed all tests.

    You might check to see if this could be causing your problem.
     
  6. OPG#1

    OPG#1 Guest

    Hi JerryM,
    If you use DSL for your internet connection, almostly your boxe(s) are behind a router which probably involved into testing your pc with grc.com
    Some configurations of the router will let some port open/closed not stealth. To test your box, it is to put your box with private lan ip into DMZ zone of the router setting or that to hook up your box directly to the dsl modem not behind the router.
    Hope this was your situation when you attempted with the testing.
     
  7. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, I will try to figure it out. Right now I do not understand all thay the two of you have said. I have not considered it a big problem.

    I have the DSL modum, and no extra hardware other than that. I notice that the modum has the capability to set different levels of security, but I have not figured out how to do that or if I want to go too far. Right now the default is NAT (?). I do have a good level of software security with an Bit Defender, LnS, and Ewido plus several anti spyware programs.

    Jerry
     
Thread Status:
Not open for further replies.