How To Close Icmp Port

[Joweez]

Can someone help me out here???

i conducted the systemac security test on my system and found that under the hacker title....blah blah... it stated my ICMP ping port is open. Furthermore, it said: hackers are more likely to target my computer.

I'm currently using Zone Alarm (free version) and I've read forums which I don't quite understand what they are implying, so I've decided to post one up myself.

Nevertheless, can anyone tell me how I can set this port to close or through Zone Alarm???

Please be simple in your terms and directions as I am quite a comp. dummie.

Thank you very muchie!~~~

[war59312]

LOL Scare tatics to make you buy a product, that is all.

Ping is used just to make sure your computer exists thats all. If a hacker wants to hack you, ping wont make a bit of a difference.

You can find tons of info on ping with google.

Here's a nice one.

http://ftp.arl.mil/~mike/ping.html

Techy. deff.

A protocol that sends a message to another computer and waits for acknowledgment, often used to check if another computer on a network is reachable.

But to answer your question you can not with a software firewall. At least I have never found one that works. Include zone alarm pro.

Anyways you need a router with a hardware firewall and then you set it up to rejecting pinging, which is ICMP or some times refered to as port zero.

cya,

Will

Please correct me if I am wrong about the whole software firewall deal. Since I would like to stop pinging without having to use hardware firewall 24/7.

[seapagan]

I have never used it myself, but what about the ICMP tab in windows firewall? It has various ICMP types that you can allow / block (ie the first option is 'allow incoming echo request'). Personally, I used a FreeBSD Unix machine as a gateway, with a [ software ] firewall to block all incoming pings until I got my router.

to get there - start -> control panel ->network connections -> right-click on your network connection -> properties -> advanced -> select ICF -> settings -> ICMP.

It is true that blocking the ping response will not stop hackers getting into your system if you have open ports or vulnerabilities, but many tools used by 'casual' scanners use the ping to quickly detect an active computer when they are scanning large ip ranges, and any responses can be later fully investigated - i tend to get a couple of dozen every day just from my own subnet. Personally, if I am roaming on my laptop, I never bother to block ICMP anymore, only on my permanent connection.

Note however, that some internet programs may not work properly or connect slower if you block the ping response.

As war59312 said though, best defense is a hardware-based firewall.

Anyone else with more experience with the Windows ICF can correct me if I'm wrong

SP

[epic]

Hehe. ICMP is open.. oh my what is this world coming to.

Just block the port under windows ICF. You can not disable ICMP unless your using a hardware firewall. But if you not already have one I would suggest getting one. Check the forums for Hardware Firewalls, I know we had discussed hardware firewalls within the community.

ICMP is not bad to close or leave it open. It's just a basic protocal to get an active hello, without actually knowing the machine is there. However, blocking / closing ICMP will safeguard your machine by droping these packets. ICMP is quite malicious to larger companies, source of DoS attacks.

I understand your nature to worry. Advertising is brutal and false.

[kukuhead]

I block icmp/port zero using sygate if u want to block "ping" request.

[Martin Zugec]

Well, ICMP is really important in first phrase of attack (inventory)... On my DMZ I got ICMP disabled, my internal network supports ICMP.

BTW it is not port, it is protocol.

[kukuhead]

Well, ICMP is really important in first phrase of attack (inventory)... On my DMZ I got ICMP disabled, my internal network supports ICMP.

BTW it is not port, it is protocol.

<{POST_SNAPBACK}>

ICMP is a protocol, but ping is done thru port das y i closed only port zero. Correct me if i m wrong