LnS & Shields UP

Discussion in 'LnS English Forum' started by LoneWolf, Aug 10, 2006.

Thread Status:
Not open for further replies.
  1. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Over ar www.grc.com I was testing LnS with Shields UP and all ports are stealthed,passed solicited tcp packets + unsolicited packets,but failed ping reply. they were able to ping me. Is there something in LnS I can set to block this? I already have the enhanced rules set in place.Should I even worry about this ping thing?
     
  2. betauser2

    betauser2 Guest

    I don't use LnS but when I trialed it it passed Shields Up (inc. Ping) have you altered any rules? if not try re loading the standard rule set and then perform the shields up test (it should pass the ping). if it passes then you must have fiddled around with the enhanced ruleset and may need to download (ruleset) and reload.
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Nope thats not it. But thanks for the reply betauser2.
     
  4. betauser2

    betauser2 Guest

    so ping test also fails with standard ruleset?

    (I've got fd_ISR so I may check this out)
     
  5. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    both standard and enhanced rules set fails ping test.
     
  6. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi travellinman :)

    For the ICMP protocol there is 6 rules:

    1 st Rule:
    Block Fragmented Icmp

    2nd rule:
    Block More Fragments Icmp

    3 rd rule:
    Allow type 8 code 0 OUT (echo request from your PC)

    4 th rule:
    Allow type 0 code 0 IN ( echo response to the previous one only)

    5 Th rule:
    Allow type 11 code 0 IN (This is Traceroute...)
    You don't have to set any application for this rule but like the other ones here they are set for all applications...

    6 th rule: at the end of your rules set and before the final rule to block evethings else (this is mandatory...)
    Block all other Icmp any types any codes


    Check this thread:
    https://www.wilderssecurity.com/showthread.php?t=138407

    :)
     
  7. StriderSkorpion

    StriderSkorpion Registered Member

    Joined:
    Feb 24, 2006
    Posts:
    54
    If you're behind a router, then the router could be replying to the pings. In that case, you'd have to disable replying to pings from WAN side. Your router (if you have one) manufacturer's homepage should have a support section detailing how to do this among other things.
     
Thread Status:
Not open for further replies.