none
Windows firewall: how block ICMP echo (ping response) ? RRS feed

  • Soru

  • Comodo won't run for me any more so I'm back to Win firewall, which yields stealth from Gibson research (GRC) except that it answers the ICMP ping.  I can't figure out how to block it.

    Any help appreciated!


    Hope that helps! - - - Kris
    28 Mayıs 2009 Perşembe 03:35

Yanıtlar

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • Yanıt Olarak İşaretleyen Robinson Zhang 29 Mayıs 2009 Cuma 08:48
    28 Mayıs 2009 Perşembe 04:08

Tüm Yanıtlar

  • apparently I sussed it...

    Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    It will put it appropriately at the top of the list.  GRC now shows full stealth.

    Hope that helps! - - - Kris
    • Yanıt Olarak İşaretleyen Robinson Zhang 29 Mayıs 2009 Cuma 08:48
    28 Mayıs 2009 Perşembe 04:08
  • yes, this is definitely much simpler and definitely the firewall way to go (for me!) !
    Hope that helps! - - - Kris
    29 Mayıs 2009 Cuma 15:11
  • universalsoldier53,

    It is there.  The way to set it up has  changed, but only slightly.  It took me all of 2 seconds to find it.  I didnt realize that you not being able to do something resulted in other people being "dumbasses."

    Allow me to help you so that other people aren't "dumbasses" anymore *rolls eyes*

    Open Windows Firewall with Advanced Security>Inbound Rules>New Rule>Custom Rule>All Programs>Protocol type:  ICMPv4 (then click customize at the bottom)>Specific ICMP types: (tick 'Echo Request') (click OK)>Choose your IP settings>Block Connection>Apply to Domain/Private/Public>Finish.

    tested on win7x64SP1, Win8x64.

    3 Kasım 2012 Cumartesi 19:01
  • <object height="1" id="plugin0" style=";z-index:1000;" type="application/x-dgnria" width="1"><param name="tabId" value="{D3249603-5247-4976-998A-D8A7FD77264C}" /></object>

    p00n4n1,

    Thanks for your posting and your answer, it has helped me find a solution I've been looking for all day.  Appreciate your time.

    7 Aralık 2012 Cuma 05:48
  • This thread marked as responded so not sure this will be read.

    Experiencing similar problem with ping response showing per Shields Up.

    I have created rules per second instructions (p00n4n1?).   Created rule for both ICMPv4 and ICMPv6.   Everything appears to be correct.   Still get failure indication on Shields Up though indicating ICMP echo response.   Tried reboot to no affect.

    Some thoughts -

    Had just uninstalled Norton 360.     Don't see why that should make a difference, but thought I should mention.

    Could Shields Up be looking at other ICMP protocol responses then echo response?   Any reason not to check them all?

    Is it possible my cable modem is responding independently of my PC and that is what Shields Up is seeing?

    .......................................

    Followup - believe I may have my answer from Shields Up (Gibson Research Corporation).    They provided link 

    www.grc.com/sn/SN-064.htm

    Appears my cable modem is likely a NAT router and responding to ping itself.

    • Düzenleyen ioweejun 8 Mayıs 2013 Çarşamba 14:32
    7 Mayıs 2013 Salı 14:43
  • Control Panel / Windows firewall / Advanced settings (on left side) / Inbound rules / New rule (on right side) :

    set "all programs" , protocol "ICMPv4" , ICMP settings click Customize button and choose "specific ICMP types / echo request.  Choose "block".

    13 Ağustos 2015 Perşembe 14:33
  • Hey dumbass it's "you're" not "your."

    1 Mayıs 2017 Pazartesi 18:25
  • The problem I have with this is: Since when does 'all' not mean everything!? A separate rule should not be needed if I've already blocked all protocols for an IP or subnet.
    9 Kasım 2017 Perşembe 22:24
  • Thanks. Your post led me to check my cable modem/router's settings, and I discovered it has its own firewall that includes an option to block pings.
    • Düzenleyen devzoo 29 Ocak 2018 Pazartesi 09:16
    29 Ocak 2018 Pazartesi 09:15