Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Best way to allow ICMP and be safe doing so

24 Jun 2015   #1
durango1

Windows 7 Professional 64bit
 
 
Best way to allow ICMP and be safe doing so

Hi, I was told awhile back that its best to turn off ICMP on the modem/router because it is a huge safety issue and so it has been that way for a long time now.

But sometimes i play games like BF4 (battlefield 4) and they send a ICMP request to show ping. Since i have ICMP blocked it shows "-" for my ping. And i get called a hacker or other names because they think im trying to hide something, which i am not.

So i went into my modem just now and i allowed ICMP on both traffic in and traffic out and now the ping works.

However now i am worred about security. What is the best way to do this to satisfy both needs?

thanks


UPDATE: did some googling and i guess the good news is that the modem/router appears to only allow 8 ICMP, 0 ICMP, 11/0 ICMP, 11/1 ICMP, 30 ICMP
  1. 0 - Echo Reply (ping response)
  2. 8 - Echo Request (ping request)
  3. 11 - Time Exceeded
I dont know what 30 is... i guess its traceroute

so is that better and safer to leave it on?


My System SpecsSystem Spec
.
24 Jun 2015   #2
1PW

 
 

One of the major cornerstones of personal computer security is Attack Surface Reduction.

When an attacker's ping receives a reply, a live potential target has been revealed. Forget the blatherings of the ignorant and let your common sense prevail.

Cheers
My System SpecsSystem Spec
28 Jun 2015   #3
Alejandro85

Windows 7 Ultimate x64
 
 

Nowadays having ping enabled is not that huge security risk as it was one day. The security function it fulfills is making it a little harder for an attacker to know that an host is at that address, but that can be known by other means. For home use, the normal presence of a NAT router in front of the network plus the fact that there is rarely anything listening makes an attack unlikely.

It's all about a tradeoff, security vs convenience. I don't find it to be great risk to be enabled, but there are reasons to worry.
Have a look here for a better explanation of the implication of each option: network - Security risk of PING? - Information Security Stack Exchange
My System SpecsSystem Spec
.

Reply

 Best way to allow ICMP and be safe doing so




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
what is tor and is it safe?
i heard of tor which supposidly protects your online privacy so your isp doesnt know where u are visiting. but ive heard people can crack into this network like law enforcement etc, im not doing anything illegal but can people know what websites you visited on TOR even if it is a http link not a...
Browsers & Mail
System will only start in Safe mode, Clean virus in safe mode
I recently attempted to clean my brother's computer after he aquired a virus from the torrent file program he uses. Regardless, I cleaned a trojan and a backdoor from his system from safe mode. I can not boot in normal mode. Everytime i try the system gets hung up at the windows loading screen...
General Discussion
How Do I Stop My System From Answering ICMP Ping Requests ??
I've already made a rule for inbound requests, but it doesn't seem to be working. Ran a security check at grc.com and the reply to a ICMP ping was the only problem. Everything else was "stealth."
System Security
Cannot access Safe Mode but can boot in Safe Mode with Networking
After attempting to start my Laptop in Safe Mode, it loaded drivers normally only to crash a few seconds later. A prompt message appears but is impossible to read because Windows immediately reboots upon showing the prompt. Safe Mode with Networking loads normally. Any ideas or advice? The...
BSOD Help and Support
ICMP Flooded? :S
Hey, My new antivirus has just gave me a popup saying "Wireless Internet Connection is ICMP Flooded." whats this? i quickly looked it up, like a Denial of Service attack almost? O_O can someone help me?
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:11.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App