Shields UP test ???

Discussion in 'other firewalls' started by zpro, Oct 26, 2012.

Thread Status:
Not open for further replies.
  1. zpro

    zpro Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    38
    After the nasty rootkit, I got decide to lock down my new install of windows 7 64 bit,

    Running the test at Shields UP, all my ports pass stealth,
    BUT, < see below >

    Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .



    Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)



    Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

    ---
    As you can see, I failed in ONE, ICMP Echo ping,
    now my setup is as follows,

    Cable Modem ( Motorola Surfboard ) WAN
    Netgear Wireless Router, and Wired Local NAT

    My Computer... Windows 7 64 bit

    Q. How does one disable or another words, Pass the last test at Shields UP.


    Note: I have look threw the modems, to turn off Echo Ping, or anything close to it. but there is nothing.. nothing I can see.:doubt:


    Any Help would be appreciated! :)

    Thanks !!!
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    is the firewall active on that modem assuming it has one? if not maybe that is how it is set. possibly annoying situation but nothing to worry about as your router and other security measures, no doubt you have active, are protecting you
     
  3. kerykeion

    kerykeion Registered Member

    Joined:
    Jun 30, 2010
    Posts:
    267
    Location:
    Philippines
    You may turn off WAN echo reply on your router, maybe it's there and not on the modem.

    maybe you got the rootkit from untrusted software or some drive-by exploit, Sandboxie may help adding a layer of defense for your PC
     
  4. zpro

    zpro Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    38

    Nope, I called Motorola there is NO Setting to shut icmp echo . . . :(

    So, what next.

    Thanks
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    You said "Netgear Wireless Router" so look in there to turn off not the Motorola Modem.

    It should be under Firewall>Access Control

    Capture17-10-2012-9.02.16 AM26-10-2012-1.22.13 PM.jpg

    TH
     
    Last edited: Oct 26, 2012
  6. zpro

    zpro Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    38

    Thanks Triple Helix for the quick reply, I have the netgear 3700, and they Incorporated the firewall under WAN

    WAN Setup
    Disable Port Scan and DoS Protection
    Default DMZ Server . . .
    Respond to Ping on Internet Port
    MTU Size(in bytes)
    NAT Filtering Secured Open
    Disable SIP ALG


    I did find out that I had Both, the Motorola BroadBand Modem and Netgear Router, BOTH Firewalls turn on... plus windows 7 that makes 3 firewalls..
    yike !!!

    So, I disable all firewall for the Netgear, and Left the Motorola firewall active,
    which there is no setting, for icmp echo, there is one on the Netgear, but is UNCHECK, check if I wanted it to reply to request. ..

    Man, this is tuff, I pass all security test, and 99.9% stealth
    expect for ICMP PING ECHO...

    I believe the Motorola Modem is doing the ping back,
    and Yes, I shut of Both Firewall Setting on Motorola and Netgear, to see
    if I can pass Shields UP test on all Ports... NOPE.

    Again, it must be something built-in to Motorola that can't be accessed.
    (just a thought):(

    Unless there is another way ? here's hoping. :doubt:
     
  7. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    If it's the modem I wouldn't worry about it just make sure your Router's Firewall settings are configured and uncheck for icmp echo and you will be fine. ;)

    TH
     
Loading...
Similar Threads
  1. boredog
    Replies:
    7
    Views:
    1,119
Thread Status:
Not open for further replies.