Puppy 431 with firewall up, still replies to ping request

For discussions about security.
Post Reply
Message
Author
User avatar
Smithy
Posts: 1151
Joined: Mon 12 Dec 2011, 11:17

Puppy 431 with firewall up, still replies to ping request

#1 Post by Smithy »

Ok so I went to https://www.grc.com/x/ne.dll?rh1dkyd2
to do a test on the Puppy 431 using firefox, after turning the puppy firewall on, (automatic without prompts). Here are the results.

Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .


Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)


Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.

So it failed on pinging. Does this matter? Firefox is running under wine.
BTW the typeface looks really crappy! Like a sort of draught version...

User avatar
Barkin
Posts: 803
Joined: Fri 12 Aug 2011, 04:55

#2 Post by Barkin »

Puppy 525 passes Gibson Ping test ...
Attachments
puppy 525 passed Gibson ping test.png
screengrab from https://www.grc.com/x/ne.dll?rh1dkyd2
(42.03 KiB) Downloaded 571 times

User avatar
rcrsn51
Posts: 13096
Joined: Tue 05 Sep 2006, 13:50
Location: Stratford, Ontario

#3 Post by rcrsn51 »

Try this command to block pinging.

Code: Select all

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
To make it permanent, add the line to /etc/rc.d/rc.local

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#4 Post by nooby »

Hope it is okay to ask a noobish question.

Could it be the case that some ISP use pinging to determine
if I am still active using internet and if one do what is suggested
then one loose internet each 20 minutes or so? No big deal
if one get it back withing a minute but what if it takes hours
in some places where there is competition to get internet?

Being a true pessimist. Can my ISP have some rule that makes
it shut me down totally if I do this too often. Them need to ping
to be economically okay. They whole set up is that they can ping?
To keep their way of doing it is based on pinging and me making that
impossible is seen as obstruction or something.
I use Google Search on Puppy Forum
not an ideal solution though

User avatar
Smithy
Posts: 1151
Joined: Mon 12 Dec 2011, 11:17

#5 Post by Smithy »

Thanks rcrsn51,
that bit of code put into the console did the trick!

Saves all that B*****king around with Zone Alarm and stuff :)

Nooby, I haven't had that losing connection problem with 431, but maybe now the pinging has been stopped it might..I think games sometimes need it. That's all I know, others will undoubtedly know more.

Bligh
Posts: 480
Joined: Sun 08 Jan 2006, 11:05
Location: California

#6 Post by Bligh »

Good question nooby, I don't know the answer, but have seen minor activity on my internet connection which I have assumed was my isp.
Cheers

Adagio

#7 Post by Adagio »

Telstra Australia uses what is known as a HEARTBEAT to check your connectivity.
If you block the heartbeat with your firewall you get disconnected.

AFAIK Telstra is the only ISP in the world to use the heartbeat.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#8 Post by nooby »

Adagio wrote:Telstra Australia uses what is known as a HEARTBEAT to check your connectivity.
If you block the heartbeat with your firewall you get disconnected.

AFAIK Telstra is the only ISP in the world to use the heartbeat.
How can one know if that is happening by looking at netstat or something?

I know I lost connection about each 15 to 45 minutes. I don't remember.
Maybe each 30 minutes or shorter interval it where very annoying. :)
But maybe a year ago or more so have no recall of details
I use Google Search on Puppy Forum
not an ideal solution though

amigo
Posts: 2629
Joined: Mon 02 Apr 2007, 06:52

#9 Post by amigo »

Your ISP probably *pings you* to see if you are still using your temporary connection. If not, then they cut you off and let someone else use that IP address -if they have 10,000 customers they probably serve them with half that number of addresses since not everyone is connected at once.

You can avoid being shut off this way by *pinging them* every 5 minutes(or one minute). You pinging your ISP doesn't tell them anything they don't already know -the IP address you are currently using. Disabling the *answering of pings which you receive* is a way to avoid being seen by malicious traffic. If you ping your ISP often enough, they won't be pinging you to see if you are still around.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#10 Post by nooby »

Thanks sounds logical. Wish I knew their view on us pinging them?
I don't even know if Lupu 528-004 maybe already do that or not
or how to tell it to ping. How does one know how to do such things?
I use Google Search on Puppy Forum
not an ideal solution though

Post Reply