Solved Firewall help

[Golden]

Hi Everyone,

Im unsure if I have a potential security issue with my firewall, or whether Im being a bit paranoid (probably a good thing once in a while), but I wonder if someone could help me.

This is my security situation:

Resident Anti-virus : Norton Internet Security 2011
Resident Anti-malware : MBAM
Firewall : Norton Internet Security 2011
Router : Billion 7401VGPR3
Occasionally, I also use AVG Free 2011 as an on-demand scanner.

I have never (so far) been infected with any form of virus, malware, or intrusion as far as I am aware. I put this down to good browsing habits and common sense.

I recently used the Shields-Up site -- https://www.grc.com/x/ne.dll?bh0bkyd2 -- to test the status of my ports (open, closed or stealth). I tested the service ports which were all in Stealth mode, and this is the summary:

Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .



Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)


Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

What concerns me is the Ping Reply. The question is : should I be concerned?

Attached is an image of my firewall settings (these are the default install settings). The Ping Reply report suggests that i should be able to configure Norton to block, drop or igmore ping requests, but I have no idea how to do that.

Are there any Norton firewall users here that can help me set this up in order to pass the Ping Reply test? Are there any drawbacks/cons to blocking ping requests?

Thanks for your time,
Golden

 

[WindowsStar]

Shields-Up is testing your router and the firewall in it. The ping is coming back from your router. Not much of a risk leaving it on. But if you want to turn it off log-in to your router and turn it off and then re-test with Shields-Up.

 

[mickey megabyte]

+1

all routers are different, but you should find something like this somewhere in your settings.

anybody know what 'strict udp session control' is?

 

[Golden]

Ahhhh... thanks WindowsStar +1

I've come to relaise my router firewall is actually turned off! (ISP provided it this way). Unfortunately, when I enable it, save the config, and restart the router, it defaults back to being OFF. I will have to check with the ISP this morning.

Thanks. This is definately the issue. +1

 

[Golden]

Stupid me! I didn't apply the settings. Everything is now good. Firewall turned on and Shields-Up passes everything!

Thanks again WindowsStar...you are a star!

 

[WindowsStar]

You are most welcome! Thanks for the REP!

 

[CarlTR6]

+1

all routers are different, but you should find something like this somewhere in your settings.

anybody know what 'strict udp session control' is?

What is UDP? - Definition from Whatis.com

UDP (User Datagram Protocol) is a communications protocol that offers a limited amount of service when messages are exchanged between computers in a network that uses the Internet Protocol (IP). UDP is an alternative to the Transmission Control Protocol (TCP) and, together with IP, is sometimes referred to as UDP/IP.

I set my router to "strict UDP session control".

 

[mickey megabyte]

sorry, but that doesn't answer my question, carl.

what is it and do i need to activate it?

i've had it off (if you pardon the expression) for so long, i'm worried i may get unwanted surprises with it on. i would like some more info before i 'hit the switch.'

 

[yvocapo]

hello CarlTR6, I need your help in another issues, I know this not the place for asking that, but im dont know hows works this forum, im new in this and im not speak english very well, I try send a message to you, but I dont know how to do that.
in advance thanks you very much

 

[CarlTR6]

To send me a message, click on my user name and that takes you to my profile. Near the upper left, under my name, you will see Send Message. Click on this and then click on Post a visitor message...

If you don't know where to post a topic, post it in the General Discussion section, General Discussion - Windows 7 Forums. and the moderators will move it to the appropriate section if necessary.