none
Windows firewall: how block ICMP echo (ping response) ? RRS feed

  • Pergunta

  • Comodo won't run for me any more so I'm back to Win firewall, which yields stealth from Gibson research (GRC) except that it answers the ICMP ping.  I can't figure out how to block it.

    Any help appreciated!


    Hope that helps! - - - Kris
    quinta-feira, 28 de maio de 2009 03:35

Respostas

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • Marcado como Resposta Robinson Zhang sexta-feira, 29 de maio de 2009 08:48
    quinta-feira, 28 de maio de 2009 04:08

Todas as Respostas

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • Marcado como Resposta Robinson Zhang sexta-feira, 29 de maio de 2009 08:48
    quinta-feira, 28 de maio de 2009 04:08
  • yes, this is definitely much simpler and definitely the firewall way to go (for me!) !
    Hope that helps! - - - Kris
    sexta-feira, 29 de maio de 2009 15:11
  • universalsoldier53,

    It is there.  The way to set it up has  changed, but only slightly.  It took me all of 2 seconds to find it.  I didnt realize that you not being able to do something resulted in other people being "dumbasses."

    Allow me to help you so that other people aren't "dumbasses" anymore *rolls eyes*

    Open Windows Firewall with Advanced Security>Inbound Rules>New Rule>Custom Rule>All Programs>Protocol type:  ICMPv4 (then click customize at the bottom)>Specific ICMP types: (tick 'Echo Request') (click OK)>Choose your IP settings>Block Connection>Apply to Domain/Private/Public>Finish.

    tested on win7x64SP1, Win8x64.

    sábado, 3 de novembro de 2012 19:01
  • <object height="1" id="plugin0" style=";z-index:1000;" type="application/x-dgnria" width="1"><param name="tabId" value="{D3249603-5247-4976-998A-D8A7FD77264C}" /></object>

    p00n4n1,

    Thanks for your posting and your answer, it has helped me find a solution I've been looking for all day.  Appreciate your time.

    sexta-feira, 7 de dezembro de 2012 05:48
  • This thread marked as responded so not sure this will be read.

    Experiencing similar problem with ping response showing per Shields Up.

    I have created rules per second instructions (p00n4n1?).   Created rule for both ICMPv4 and ICMPv6.   Everything appears to be correct.   Still get failure indication on Shields Up though indicating ICMP echo response.   Tried reboot to no affect.

    Some thoughts -

    Had just uninstalled Norton 360.     Don't see why that should make a difference, but thought I should mention.

    Could Shields Up be looking at other ICMP protocol responses then echo response?   Any reason not to check them all?

    Is it possible my cable modem is responding independently of my PC and that is what Shields Up is seeing?

    .......................................

    Followup - believe I may have my answer from Shields Up (Gibson Research Corporation).    They provided link 

    www.grc.com/sn/SN-064.htm

    Appears my cable modem is likely a NAT router and responding to ping itself.

    • Editado ioweejun quarta-feira, 8 de maio de 2013 14:32
    terça-feira, 7 de maio de 2013 14:43
  • Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    quinta-feira, 13 de agosto de 2015 14:33
  • Hey dumbass it's "you're" not "your."

    segunda-feira, 1 de maio de 2017 18:25
  • The problem I have with this is: Since when does 'all' not mean everything!? A separate rule should not be needed if I've already blocked all protocols for an IP or subnet.
    quinta-feira, 9 de novembro de 2017 22:24
  • Thanks. Your post led me to check my cable modem/router's settings, and I discovered it has its own firewall that includes an option to block pings.
    • Editado devzoo segunda-feira, 29 de janeiro de 2018 09:16
    segunda-feira, 29 de janeiro de 2018 09:15