April 21st, 2004, 02:36 AM
Hardening w/o firewall
So I decided to do some scans on my box w/o my firewall. So far I have passed Symantec, but not "Shields Up!". I couldn't pass Shields Up because I responded to ping, and all my ports were closed, not "stealth", which they are with my firewall on. I'm wondering how I can stealth or disable ping, and stealth the rest of the ports (Win XP Pro), w/o my firewall on. Is this possible? I think this will help enlighten me as to how a firewall works in the first place...
April 21st, 2004, 04:18 AM
What is the URL to the "Shields Up" test? I passed Norton's online test as well, except my ping. How do you disable the ping so hackers can't ping your computer? With ping disabled will I still be able to ping other people and websites?
I agree with h3r3tic, having no firewall and still having all those ports at least closed is pretty damn good.
April 21st, 2004, 04:35 AM
I don't think you can do it without a firewall. Or at least you'd have to have something to put over the port to make it be stealthed. I don't really think there's a problem with a port being closed. You should be happy.
April 21st, 2004, 05:10 AM
Under WinXP Pro, which is what I have, open up your local area connection properties, then choose the advanced tab. Check the firewall, then select settings at the bottom. Ping is nothing more than ICMP, so make sure that all ICMP is set to 'Not Allow'. Then save and exit.
April 21st, 2004, 05:20 AM
WinXP Home edition has the firewall as well. I knew about the firewall that it has, but I'm not supposed to use it because I have a wireless network and it might interfere. Besides, the router that comes with the wireless network already comes with a firewall and it seems to work alright, seeing as how the Norton test showed that I have all the most commonly attacked ports either closed or invisible. But could you explain the ICMP thing to me?
April 21st, 2004, 05:43 AM
Ping is a TCP/IP utility used to test whether another host is reachable. An ICMP request is sent to the host, who responds with another reply if it is reachable. The request times out if the host is not reachable, or the target has been programmed to drop ICMP requests and packets. Most third-party firewalls include some form of ICMP handling, but Windows has only a few options, described above. ICMP is commonly run on port (7), which is the 'ECHO' port, and is part of TCP/IP services. My two Linksys routers are configured to drop, which is different than responding with a no, to ICMP requests. Saying 'no' still lets a port scanner or cracker know you are there. By 'dropping' the request, the network doesn't even know you are there, i.e. stealthed. GRC does a wonderful job of picking this up in a vulnerable system. Another thing GRC finds as a vulnerability when running routers is port 113, the IDENT port. Anyone running a router should port forward 113 to something like 192.168.1.255, which will result in stealthing 113 also.
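The closed-versus-stealth distinction this thread turns on can be seen from the outcome of a single TCP connect attempt. The following is an added example, not part of the original posts; the function names, the 3-second timeout and the sample port list (113 is the IDENT port mentioned above, 80 is a constructed sample) are assumptions.

```python
import socket


def classify(exc):
    """Translate the result of one TCP connect attempt into the thread's terms.

    exc is None when the connect succeeded, otherwise the exception raised.
    """
    if exc is None:
        return "open"         # handshake completed: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"       # a TCP RST came back: no listener, but the host answered
    if isinstance(exc, socket.timeout):
        return "stealth"      # nothing came back: the SYN was silently dropped
    return "unreachable"      # any other error, e.g. an ICMP unreachable was returned


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and report how the target port behaved."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Keep the timeout generous: some stacks retry a refused connect before
    # reporting it, and a short timeout would mislabel "closed" as "stealth".
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return classify(None)
    except OSError as exc:    # socket.timeout and ConnectionRefusedError are OSErrors
        return classify(exc)
    finally:
        s.close()


if __name__ == "__main__":
    # Assumption: 127.0.0.1 stands in for your own machine's address.
    for port in (113, 80):    # constructed sample list
        print(port, probe("127.0.0.1", port))
```

Loopback traffic normally bypasses packet filtering, so "stealth" results only show up when the probe is run from a second machine on the other side of the filter.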
April 21st, 2004, 06:19 AM
I use a wireless network, so I suppose I need to keep ping allowed for this, right? Or would it not matter if I say no to ICMP?
April 21st, 2004, 06:23 AM
If it's your own internal wireless network (home) then you don't need ICMP at all. If you belong to a wireless network, i.e. laptop with wireless card, etc., then you need ICMP to let the host know you exist.
April 21st, 2004, 06:29 AM
I think you guys are mistaken as to what he is asking. I believe he wants to know if there is a way to stealth the ports without the firewall... yet you tell him to enable the firewall. Anyway, the only thing I could think of offhand would be to stick a router in there, but that is just using the NAT to kinda block it. I am not sure if you consider that cheating, since that is close to a basic firewall. Upon a quick Google search I couldn't find anything other than references on how to configure your firewall to make the ports stealth. Hope I didn't misunderstand.
April 21st, 2004, 06:36 AM
GR, yes, I am on a wireless network with a PC card on my laptop, but the laptop is at home and so is my router. So do I need ICMP for this kind of setup? I'm not using a host. Were you thinking like the wireless internet from like a satellite or something? Or maybe it is the host, damn I'm so confused. I tell ya, when it comes to networking I'm almost a complete noob, mainly 'cause I haven't had the interest in learning about networking just yet.