Kerio and ICMP Echo

[JasonSix78]

I was playing around with ShieldsUp! and my system has passed every security test except the ICMP Echo test. I set Kerio to deny ping and tracert in/out and other ICMP packets but I still fail the test. Can anyone knowledgable on the subject explain this to me?

Thanks,
-Jason

 

[nweaver]

are you going through a router?

 

[JasonSix78]

I fried my router the other day so, no.

-Jason

 

[Nothinman]

ICMP was designed to serve a purpose, by filtering all of it you're just hurting yourself because you'll never get any port or host unreachable messages and all of your apps will just have to wait and timeout. And who cares if they can ping your machine? Do you have all of your windows boarded up so no one can tell when you're home too?

 

[JasonSix78]

Have a cold :beer: and relax, it was just a curiosity of mine. I'm trying to familiarize myself with how and what everything does. I'm not trying to board up anything, just doing some hands-on learning. I just found it odd that after I changed my firewall settings nothing changed.

-Jason

 

[n0cmonkey]

Forget shields up. It's worthless. That cloaked crap is a major load.

ICMP isn't evil.

 

[Nothinman]

Originally posted by: JasonSix78
Have a cold :beer: and relax, it was just a curiosity of mine. I'm trying to familiarize myself with how and what everything does. I'm not trying to board up anything, just doing some hands-on learning. I just found it odd that after I changed my firewall settings nothing changed.

-Jason

I'm not worked up or anything, if you have any specific questions about ICMP go ahead and ask them. But the general rule is that blocking it at your border will cause you more problems than it fixes.