none
Windows firewall: how block ICMP echo (ping response) ? RRS feed

  • Dotaz

  • Comodo won't run for me any more so I'm back to Win firewall, which yields stealth from Gibson research (GRC) except that it answers the ICMP ping.  I can't figure out how to block it.

    Any help appreciated!


    Hope that helps! - - - Kris
    čtvrtek 28. května 2009 3:35

Odpovědi

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    čtvrtek 28. května 2009 4:08

Všechny reakce

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    čtvrtek 28. května 2009 4:08
  • yes, this is definitely much simpler and definitely the firewall way to go (for me!) !
    Hope that helps! - - - Kris
    pátek 29. května 2009 15:11
  • universalsoldier53,

    It is there.  The way to set it up has  changed, but only slightly.  It took me all of 2 seconds to find it.  I didnt realize that you not being able to do something resulted in other people being "dumbasses."

    Allow me to help you so that other people aren't "dumbasses" anymore *rolls eyes*

    Open Windows Firewall with Advanced Security>Inbound Rules>New Rule>Custom Rule>All Programs>Protocol type:  ICMPv4 (then click customize at the bottom)>Specific ICMP types: (tick 'Echo Request') (click OK)>Choose your IP settings>Block Connection>Apply to Domain/Private/Public>Finish.

    tested on win7x64SP1, Win8x64.

    sobota 3. listopadu 2012 19:01
  • <object height="1" id="plugin0" style=";z-index:1000;" type="application/x-dgnria" width="1"><param name="tabId" value="{D3249603-5247-4976-998A-D8A7FD77264C}" /></object>

    p00n4n1,

    Thanks for your posting and your answer, it has helped me find a solution I've been looking for all day.  Appreciate your time.

    pátek 7. prosince 2012 5:48
  • This thread marked as responded so not sure this will be read.

    Experiencing similar problem with ping response showing per Shields Up.

    I have created rules per second instructions (p00n4n1?).   Created rule for both ICMPv4 and ICMPv6.   Everything appears to be correct.   Still get failure indication on Shields Up though indicating ICMP echo response.   Tried reboot to no affect.

    Some thoughts -

    Had just uninstalled Norton 360.     Don't see why that should make a difference, but thought I should mention.

    Could Shields Up be looking at other ICMP protocol responses then echo response?   Any reason not to check them all?

    Is it possible my cable modem is responding independently of my PC and that is what Shields Up is seeing?

    .......................................

    Followup - believe I may have my answer from Shields Up (Gibson Research Corporation).    They provided link 

    www.grc.com/sn/SN-064.htm

    Appears my cable modem is likely a NAT router and responding to ping itself.

    • Upravený ioweejun středa 8. května 2013 14:32
    úterý 7. května 2013 14:43
  • Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    čtvrtek 13. srpna 2015 14:33
  • Hey dumbass it's "you're" not "your."

    pondělí 1. května 2017 18:25
  • The problem I have with this is: Since when does 'all' not mean everything!? A separate rule should not be needed if I've already blocked all protocols for an IP or subnet.
    čtvrtek 9. listopadu 2017 22:24
  • Thanks. Your post led me to check my cable modem/router's settings, and I discovered it has its own firewall that includes an option to block pings.
    • Upravený devzoo pondělí 29. ledna 2018 9:16
    pondělí 29. ledna 2018 9:15