LnS & Shields UP

Over ar www.grc.com I was testing LnS with Shields UP and all ports are stealthed,passed solicited tcp packets + unsolicited packets,but failed ping reply. they were able to ping me. Is there something in LnS I can set to block this? I already have the enhanced rules set in place.Should I even worry about this ping thing?

 

I don't use LnS but when I trialed it it passed Shields Up (inc. Ping) have you altered any rules? if not try re loading the standard rule set and then perform the shields up test (it should pass the ping). if it passes then you must have fiddled around with the enhanced ruleset and may need to download (ruleset) and reload.

 

Nope thats not it. But thanks for the reply betauser2.

 

so ping test also fails with standard ruleset?

(I've got fd_ISR so I may check this out)

 

both standard and enhanced rules set fails ping test.

 

Hi travellinman

For the ICMP protocol there is 6 rules:

1 st Rule:
Block Fragmented Icmp

2nd rule:
Block More Fragments Icmp

3 rd rule:
Allow type 8 code 0 OUT (echo request from your PC)

4 th rule:
Allow type 0 code 0 IN ( echo response to the previous one only)

5 Th rule:
Allow type 11 code 0 IN (This is Traceroute...)
You don't have to set any application for this rule but like the other ones here they are set for all applications...

6 th rule: at the end of your rules set and before the final rule to block evethings else (this is mandatory...)
Block all other Icmp any types any codes


Check this thread:
https://www.wilderssecurity.com/showthread.php?t=138407

 

If you're behind a router, then the router could be replying to the pings. In that case, you'd have to disable replying to pings from WAN side. Your router (if you have one) manufacturer's homepage should have a support section detailing how to do this among other things.