Before I switched from dial-up to DSL, my results at ShieldsUp! were pure stealth, but now, while my ports still test as stealthed, my computer (or perhaps the DSL modem) is responding to pings (ICMP echo). Should I be concerned and, if so, how would I set up the proper configuration (ZAFree behind a Westell 2200 modem with an integrated firewall)? Also, would the modem's firewall be the reason why ZA no longer shows any logged events (blocks) even though it's set to do so? Thanks in advance.
I am running a hardware firewall in a router and my incoming log in my software firewall is always empty. As far as the pings go I have my software firewall set to block all in and out pings. I don't know if it is really necessary but I have had it like that for at least a year. I don't know how to configure the ZA firewall to block pings but I have done it with sygate and kerio 2.1.5. I am also running DSL. And yes your modems firewall is blocking the incoming attempts before it reaches your computer.
Pretty much what I thought, BigC. Confirmation is always nice, though. And, so far as I'm aware, there are no options for blocking pings in the free version of ZA. I suspect that my main concern should be the port scan anyway, and it looks like I'm covered there. Thanks again.
Sometimes I am jealous on people who see huge lists of attackers. I never see any. Also on the attached attacker nothing showing up ever. Doing an external test I see every port stealthed, except the 113, which is closed and what should be (could be) normal. Cheers, Gerard
My 113 port is also closed it has to do with my router useing it if I ever let it update the firmware, which is not going to happen real soon.
Hi dangitall, It usually is the modem or router which response to ICMP, so it is NOT your PC who is responding, this is in many cases the way a router or DSL modem deals with ICMP, which can be bypassed by port forwarding as described by Ronjor, so you do not need to worry. The reason you don't get any reports from ZA is because your DSL has taken over the firewall job that ZA is supposed to do, i had the same on my pc. Just try and run GRC testpage without ZA and you probably will see that you are still steath, which happened with my router. cheers, Martin
Hi I was using portforwarding with my Linksys until i read it was a bad idea to port forward and why. I just wish I could remember the forum i was reading controler
There have been security problems with Linksys routers in the past (see Security Alert: Linksys BOOTP Memory Leak for info and links) which could be related though it's worth mentioning the need for a firmware upgrade to Linksys owners in any case.
There was a time with Linksys routers that the only way to get stealth results all around was to forward all unsolicited inbound traffic to a non-existant internal IP. The problem with this is that anything forwarded results in a NAT table entry and under some circumstances users were finding this would crash the router, while others would experience no problem at all. I believe recent firmwares allow users to "stealth" the router now without having to use the forwarding workaround. Basic NAT routers provide good protection from unsolicited inbound packets. Unless you are actually running any servers there should be no need to forward anything through to the LAN. Regards, CrazyM