cancel
Showing results for 
Search instead for 
Did you mean: 
jameskb
Level 7

How to block a "ping" request??

I just ran Steve Gibson's "ShieldsUP!" app and get this notice: "Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet."  How do I block this with McAfee FW/AV ??

See attached png file.

Thank you for your time.

--

JamesKB

0 Kudos
10 Replies
Hayton
Level 17

Re: How to block a "ping" request??

is your firewall security level set to Stealth? If not, set it and run ShieldsUp again.

You may need to go into firewall settings to the Ports and System Services section to check Port 445. According to a note in Windows Firewall's ICMP Settings, pings are automatically allowed if Port 445 is open.

0 Kudos
jameskb
Level 7

Re: How to block a "ping" request??

My firewall is indeed set to Stealth.

Port 445 is in stealth mode yet SheildsUp still says my computer is replying to the ping request.  Now what?

Thanks for your time.

--

JamesKB

0 Kudos
exbrit
Level 21

Re: How to block a "ping" request??

If you use a router ShieldsUp may be reading it and not your computer.   Check its settings.   Most routers have a hardware firewall which should be on with no exceptions allowing certain ports for anything.

Message was edited by: Ex_Brit on 28/06/12 7:15:08 EDT AM
0 Kudos
jameskb
Level 7

Re: How to block a "ping" request??

I've checked my Cisco E1000 router and the hardware firewall is indeed on with no exceptions.... yet something is still replying to ping requests.     LOL... now what?

0 Kudos
Hayton
Level 17

Re: How to block a "ping" request??

If you check the router and can't see the answer there go back to Security Center, Firewall settings, Ports & System Services and uncheck all ports except 123, 5357, and 443. Check ports 25/110 if you have a mail client on your system. 445 should be unchecked.

Then (this may be unnecessary, but it might make a difference) go into Windows Firewall settings and select the Advanced tab. Click on ICMP settings and uncheck the first four boxes ("Allow incoming ..... request"). The first of those is for "incoming echo request".  If Windows Firewall is disabled (and it should be) it shouldn't make any difference .... but it might.

I'm going to rerun ShieldsUp on mine and see what it says. Last time I did this it found no weaknesses. Alternatively, there are free McAfee tools in the Download section (at http://www.mcafee.com/us/downloads/free-tools/index.aspx) - Fport, ScanLine, SuperScan - that might be useful for this.

0 Kudos
jameskb
Level 7

Re: How to block a "ping" request??

HiYa Hayton..... Did all you suggested..... still no joy

0 Kudos
Hayton
Level 17

Re: How to block a "ping" request??

If 445 is open then it's probably being used by System (TCP) or McSvHost (UDP). At least that's what FPort tells me. FPort is a bit outdated - it's a command-line tool - but all you need is a utility to map ports to processes and/or applications and you'll see which ports are in use, at least.

As to why ShieldsUp can only see that one port, which is accepting ping requests, I'm not sure. Stealth mode, port closed by default, ICMP settings cleared : I have that and ShieldsUp says I'm invisible. Perhaps you've got something running which is allowing access through the firewall. FPort (or whatever you decide to use) should tell you that. Check your running processes - use Process Explorer, which can give you detailed information for each process about threads, ports, and lots more.

0 Kudos
exbrit
Level 21

Re: How to block a "ping" request??

According to the SecurityCenter itself port 445 is used by Microsoft Directory Services - does that give you a clue?    However even if it was open in SecurityCenter ShieldsUp should still not detect it because it should be stealth.

Capture.JPG

Message was edited by: Ex_Brit on 29/06/12 8:23:01 EDT AM
0 Kudos
exbrit
Level 21

Re: How to block a "ping" request??

..and another thought.  Conficker uses port 445.  Check for it using McAfee's detection tool:  http://www.mcafee.com/us/downloads/free-tools/conficker-detection.aspx

Might also be an idea to run Stinger and Malwarebytes Free, both linked here:  https://community.mcafee.com/docs/DOC-2168

0 Kudos