Solved Failed ping reply vulnerability test

Cytherian

Vista Guru
I ran the GRC port vulnerability test (Shields Up!). I passed the individual port test 100%, but the overall report failed me for a Ping Reply. Apparently since I've selected my wireless network as "Home", I can be seen by other computers on the network, thus my computer replies to ping requests. But, I would think that ping requests outside my local IP addresses should be ignored.

Here's the response:
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.


Funny enough, I went into the Advanced Windows Firewall properties and found NO inbound rule for this, "Networking – Echo Request (ICMPv4-In)". Since there is no rule that allows for it, wouldn't it be blocked by default?

I went ahead and defined one as a custom rule, only for when I'm on a private network. My computer still failed the test. So, I changed the rule to block ICMP echo requests for the full scope. The result? It says I still failed the test. So, I went one step further and defined an incoming rule for ICMPv6, blocking for the full scope. The result? Still failed the test!

So... do I have a real vulnerability here, or is GRC making it up as a way of prodding me to buy some software?
 

My Computer

System One

  • Manufacturer/Model
    HP Pavillion dv5t
    CPU
    Intel Core Duo 2.53GHz
    Memory
    4Gb
    Graphics Card(s)
    NVidia GeForce 9600M GT 512Mb
    Screen Resolution
    1280x800 32bit
    Hard Drives
    Seagate Momentus XT 500Gb
    Hitachi Travelstar HTS543225L9A300 250Gb
    Mouse
    Microsoft 4000
Well, I discovered what looked like the reason... The "Networking – Echo Request (ICMPv4-In)" doesn't exist because it was changed a while back to something else. I found the rules. They are:

  • File and Printer Sharing (Echo Request - ICMPv4-In)
  • File and Printer Sharing (Echo Request - ICMPv6-In)

Both rule types are defined twice, once for Private and once for Domain and Public. The Private ones were enabled.

So, I went in and first disabled the rules. The GRC test failed.
Next, I went in and enabled the rules again, but set them to "block" instead of "allow". The GRC test failed again.


I'm perplexed... I don't see any other rules defined for ICMP Echo.
 

My Computer

System One

  • Manufacturer/Model
    HP Pavillion dv5t
    CPU
    Intel Core Duo 2.53GHz
    Memory
    4Gb
    Graphics Card(s)
    NVidia GeForce 9600M GT 512Mb
    Screen Resolution
    1280x800 32bit
    Hard Drives
    Seagate Momentus XT 500Gb
    Hitachi Travelstar HTS543225L9A300 250Gb
    Mouse
    Microsoft 4000
Eureka, I've solved it.

I've now learned that the way the GRC test works, the ping is returned from the (wireless) router, not the computer. So, I needed to go into the router and set the ping request to "ignore". Now, I've passed the test. :party:
 

My Computer

System One

  • Manufacturer/Model
    HP Pavillion dv5t
    CPU
    Intel Core Duo 2.53GHz
    Memory
    4Gb
    Graphics Card(s)
    NVidia GeForce 9600M GT 512Mb
    Screen Resolution
    1280x800 32bit
    Hard Drives
    Seagate Momentus XT 500Gb
    Hitachi Travelstar HTS543225L9A300 250Gb
    Mouse
    Microsoft 4000
Back
Top