Rejecting PING requests

Discussion in 'Networking and Computer Security' started by sabashuali, Oct 3, 2006.

  1. sabashuali

    sabashuali Ani Ma'amin

    Hi all

    I have just completed my connection with Sky's new service.
    I have received a new Netgear wireless modem/router which is "always on".
    Therefore, I am assuming I have a static IP address.... right?

    My problem is that whether in Windows or Linux, Sygate, Windows' own or Firestarter, I cannot seem to be able to repel the PING requests from Home of Gibson Research Corporation.

    I think I have disabled ICMP traffic wherever I could but to no avail.....

    Any ideas? :O
     
  2. Anti-Trend

    Anti-Trend Nonconformist Geek

    1. "Always On" does not necessarily mean static IP; it could be DHCP, PPTP, or PPPOE.
    2. Ping, or "ICMP Echo Reply", is not a vulnerability.
    3. ICMP exists for a purpose, and there are good reasons to have it enabled if you plan on hosting anything at all on your network.
    4. Your router is what is replying to the echo requests, not your PCs.

    That all said, you can likely turn it off from within the Netgear's web interface.
     
  3. sabashuali

    sabashuali Ani Ma'amin

    Hi AT

    Thanks for putting my mind at ease once more - :cool:
    This is why I was concerned:
    Now, I am not hosting anything and there is not much reason to hack into my system.

    Unfortunately, the Sky equipment (Netgear DG834GT) came with an installation disk which did everything for me.
    I really do not like this, so today I will contact customer support and extract all the information I need to manually set up the connection myself.
    Don't you just hate not knowing what's in the box?
     
  4. Anti-Trend

    Anti-Trend Nonconformist Geek

    Yeah, I wouldn't be very concerned about what Steve Gibson says. Blocking echo requests doesn't make much sense, because it follows the "security by obscurity" method. But since I love making lists today for some reason, here are some reasons why this is dumb:

    1. Computers have not been vulnerable against any direct, ICMP-based attacks for a long, long time.
    2. There are other ways to detect a system's presence besides an echo request. Only legitimate reasons for doing an echo request (troubleshooting latency, connectivity, uptime) will be foiled by blocking echo requests. The echo request is simply the most direct, even polite way possible.
    3. Your public IP is one of a limited range of IPs owned by your ISP. Customers are cycled in and out of those blocks regularly, so you can expect all types of traffic regardless. Script kiddies and real crackers alike can also be expected to run scans against such subnets regularly.
    4. If your network is not hosting anything publicly through your firewall to the internet, an echo reply from a secure router/firewall will not give away any information which can be used against you. All they know is that something is up at that address. They can't actually do anything to a firewall with no ports open, right?
    5. If you *are* running some service out through your firewall, what good does blocking an echo request do? They can still do a TCP connect against the available services. If the services are secure, you are fine. If they aren't, blocking ping won't help here anyway.
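
The point made in items 2 and 5 above, as an added example that is not part of the original thread: a self-audit sketch for an address you administer, showing that a TCP connect attempt reveals a host whether or not it answers ping. The function names (`probe_tcp`, `host_visible`, `demo`) and the loopback listener are constructed for illustration.

```python
import socket


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP connect attempt against a host you administer.

    'open'     - handshake completed: a service is exposed on this port
    'closed'   - connection refused (RST): no service, but the host answered
    'filtered' - no usable answer: packets dropped or host unreachable
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes timeouts and unreachable-network errors
        return "filtered"


def host_visible(states):
    """A host is revealed by any answer at all, including a refusal."""
    return any(s in ("open", "closed") for s in states)


def demo():
    """Constructed sample: a loopback listener stands in for a forwarded
    service behind a firewall. No ICMP is sent at any point."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]

    while_listening = probe_tcp("127.0.0.1", port)  # service exposed
    listener.close()
    after_close = probe_tcp("127.0.0.1", port)      # port now refuses

    return while_listening, after_close


if __name__ == "__main__":
    states = demo()
    print("probe results:", states)
    print("host visible without ping:", host_visible(states))
```

Only the `filtered` result looks like an absent host, which is why the setting that matters is how the firewall treats unsolicited TCP, not whether it answers echo requests.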
     
