none
Windows firewall: how block ICMP echo (ping response) ? RRS feed

  • السؤال

  • Comodo won't run for me any more so I'm back to Win firewall, which yields stealth from Gibson research (GRC) except that it answers the ICMP ping.  I can't figure out how to block it.

    Any help appreciated!


    Hope that helps! - - - Kris
    04/جمادى الثانية/1430 03:35 ص

الإجابات

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • تم وضع علامة كإجابة بواسطة Robinson Zhang 05/جمادى الثانية/1430 08:48 ص
    04/جمادى الثانية/1430 04:08 ص

جميع الردود

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • تم وضع علامة كإجابة بواسطة Robinson Zhang 05/جمادى الثانية/1430 08:48 ص
    04/جمادى الثانية/1430 04:08 ص
  • yes, this is definitely much simpler and definitely the firewall way to go (for me!) !
    Hope that helps! - - - Kris
    05/جمادى الثانية/1430 03:11 م
  • universalsoldier53,

    It is there.  The way to set it up has  changed, but only slightly.  It took me all of 2 seconds to find it.  I didnt realize that you not being able to do something resulted in other people being "dumbasses."

    Allow me to help you so that other people aren't "dumbasses" anymore *rolls eyes*

    Open Windows Firewall with Advanced Security>Inbound Rules>New Rule>Custom Rule>All Programs>Protocol type:  ICMPv4 (then click customize at the bottom)>Specific ICMP types: (tick 'Echo Request') (click OK)>Choose your IP settings>Block Connection>Apply to Domain/Private/Public>Finish.

    tested on win7x64SP1, Win8x64.

    18/ذو الحجة/1433 07:01 م
  • <object height="1" id="plugin0" style=";z-index:1000;" type="application/x-dgnria" width="1"><param name="tabId" value="{D3249603-5247-4976-998A-D8A7FD77264C}" /></object>

    p00n4n1,

    Thanks for your posting and your answer, it has helped me find a solution I've been looking for all day.  Appreciate your time.

    23/محرم/1434 05:48 ص
  • This thread marked as responded so not sure this will be read.

    Experiencing similar problem with ping response showing per Shields Up.

    I have created rules per second instructions (p00n4n1?).   Created rule for both ICMPv4 and ICMPv6.   Everything appears to be correct.   Still get failure indication on Shields Up though indicating ICMP echo response.   Tried reboot to no affect.

    Some thoughts -

    Had just uninstalled Norton 360.     Don't see why that should make a difference, but thought I should mention.

    Could Shields Up be looking at other ICMP protocol responses then echo response?   Any reason not to check them all?

    Is it possible my cable modem is responding independently of my PC and that is what Shields Up is seeing?

    .......................................

    Followup - believe I may have my answer from Shields Up (Gibson Research Corporation).    They provided link 

    www.grc.com/sn/SN-064.htm

    Appears my cable modem is likely a NAT router and responding to ping itself.

    • تم التحرير بواسطة ioweejun 28/جمادى الثانية/1434 02:32 م
    27/جمادى الثانية/1434 02:43 م
  • Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    28/شوال/1436 02:33 م
  • Hey dumbass it's "you're" not "your."

    05/شعبان/1438 06:25 م
  • The problem I have with this is: Since when does 'all' not mean everything!? A separate rule should not be needed if I've already blocked all protocols for an IP or subnet.
    20/صفر/1439 10:24 م
  • Thanks. Your post led me to check my cable modem/router's settings, and I discovered it has its own firewall that includes an option to block pings.
    • تم التحرير بواسطة devzoo 12/جمادى الأولى/1439 09:16 ص
    12/جمادى الأولى/1439 09:15 ص