wakish Posted February 28, 2006 Report Share Posted February 28, 2006 HI.. I have tested my security on the link on the faq : https://grc.com/x/ne.dll?bh0bkyd2 I came to know that my pc has the following vulnerability: Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation. Please can you help in blocking those ICMP?? My shorewall is set to level: "high" and i have even said NO in the configuration where it says "do you want to broadcast ICMP echo/pings...something like that..But still no +ve result. Thanks! Quote Link to comment Share on other sites More sharing options...
paul Posted February 28, 2006 Report Share Posted February 28, 2006 are you plugged into a router? if you are, I bet that is what is responding to pings. Quote Link to comment Share on other sites More sharing options...
wakish Posted February 28, 2006 Author Report Share Posted February 28, 2006 are you plugged into a router?if you are, I bet that is what is responding to pings. yeah, i'm plug on a router/ethernet adsl stuff.. how to be immune to ICMP here? Quote Link to comment Share on other sites More sharing options...
daniewicz Posted February 28, 2006 Report Share Posted February 28, 2006 Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests Yeah, me too. Mandriva 2005 with shorewall. I am sitting behind a router. Quote Link to comment Share on other sites More sharing options...
paul Posted February 28, 2006 Report Share Posted February 28, 2006 look at the config for your router ;) some routers you can't turn off icmp replies Quote Link to comment Share on other sites More sharing options...
wakish Posted February 28, 2006 Author Report Share Posted February 28, 2006 look at the config for your router ;) some routers you can't turn off icmp replies I don't find anything about ICMP on my router configuration page :( 1) Is there anything else that can be done to prevent ICMP broadcast? 2) Is this vulnerability really serious? Quote Link to comment Share on other sites More sharing options...
paul Posted March 1, 2006 Report Share Posted March 1, 2006 nah not serious. I'd leave it alone .. and infact on my purpose built firewalls I enable ping .. nice for debugging etc. Quote Link to comment Share on other sites More sharing options...
tyme Posted March 1, 2006 Report Share Posted March 1, 2006 as long as you aren't forwarding any vulnerable ports through your cable/dsl router you should be pretty safe. Quote Link to comment Share on other sites More sharing options...
aioshin Posted March 1, 2006 Report Share Posted March 1, 2006 and your router should be able to be ping such in case that there are network problem, and your provider needs to check if you're up, they should be able to do so, also, some network monitor relies on ping, if they wont be able to ping your side, they will think that the equipment on your side has been down. Quote Link to comment Share on other sites More sharing options...
Qchem Posted March 1, 2006 Report Share Posted March 1, 2006 If you're really worried about security it might be worth getting the router to forward ports to a non-existant IP address on your local network. Oddly enough my router sometimes responds to exrternal pings, sometimes it doesn't... Quote Link to comment Share on other sites More sharing options...
tyme Posted March 1, 2006 Report Share Posted March 1, 2006 Oddly enough my router sometimes responds to exrternal pings, sometimes it doesn't... hm, sounds like an attitude problem. Quote Link to comment Share on other sites More sharing options...
wakish Posted March 1, 2006 Author Report Share Posted March 1, 2006 uuummm...ok..thanks guys! In that case, i will leave it like it is ;) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.