Ubuntu

After using ShieldsUP to scan my computer for open ports. It tells me that my firewall is allowing PING replys. SO it fails the safety scan.

Asked by Mark

My Name is Mark.
I used Shields Up to scan my computer for security vulnerabilities and the output tells me that my PC failed the test, because my firewall allowed a Ping ICMP rerquest reply. I have Firestarter as my firewall and as far as I can tell it should not be recieving or sending PING requests.
Does anybody know how I can rectify this????

I am a novice so I hope I have explained my problem clearly enough.

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
bodhi.zazen
Solved:
Last query:
Last reply:
Revision history for this message
Best bodhi.zazen (bodhi.zazen) said : 		#1

First, Shields up scans your router, not your computer. So it is your router, and not your computer, configure you must.

Second, blocking ping requests is on marginal benefit in terms of security.

Revision history for this message
Mark (mark-j-hogan) said : 		#2

Hi Its Mark Hogan.

OK If it is my router that is accepting PING requests,
How can I stop this (If at all)??

I have a Sagem Router...

Revision history for this message
Mark (mark-j-hogan) said : 		#3

Hi Its Mark Hogan.

OK If it is my router that is accepting PING requests,
How can I stop this (If at all)??

I have a Sagem Router...

Revision history for this message
Theodotos Andreou (theodotos) said : 		#4

You should check the manual of your router but generally routers intended for home use are not so much customizable when it comes to firewall settings and security.

Revision history for this message
Mark (mark-j-hogan) said : 		#5

O.K Thank You for your reply.

I have looked into finding a manual with no success!!
I am using Ubuntu Hardy 8.04 and firestarter as my Firewall.

I scaned for open ports using Gnome-Nettol and GRC ShielsUp and found that I have the same open ports if I scan my routers IP address and my PC's IP address those open ports are as follows:

21 ftp
23 telnet
53 domain
80 www
1863 msnp
1864 unknown
4443 unknown
5190 aol
5431 unknown
5566 unknown
30005 unknown

All these are listed as open as I say on y router which is A Sagem f@st 2504 Sky router.

How can I close these ports keeping in mind that I am a relative newbie to Ubuntu???

I have looked for a manual for my router with no luck. and the documentation for firestarer has not helped me much either??

Is there any-one here who can clarify this for once and for all???

Kind Regards

Mark Hogan...

Revision history for this message
Mark (mark-j-hogan) said : 		#6

Oh by the way I have managed to disable my Router replying to PING requests.
So that is solved.
It is just the problem of closing those Darn PORTS....

Mark...

Revision history for this message
Theodotos Andreou (theodotos) said : 		#7

This ports are open on the PC or the Router?

I haven't use firestarter before but it should give you the options to disable the port you want. If not then you need to go to a Terminal and use iptables.

Revision history for this message
Mark (mark-j-hogan) said : 		#8

Thanks bodhi.zazen, that solved my question.

Revision history for this message
Jean-Marie PIVETEAU (jean-marie-piveteau) said : 		#9

Hi,

I freshly installed Ubuntu 8.04 from a DVD I bought.
Then I did all need updates proposed by the update manager via the Internet.

Before this, I used firestarter; but now in my new (and default) installation, firestarter is not installed by default: it seems a new default manager is installed: it is UFW. So I did an "ufw enable".

I am also a ShieldsUP! user and the result is the same as the above: PING request are answered ... this was not the case before I reinstalled my machine; it was completely stealth and therefore passed the test. Now the ShieldsUP! test fails because of the ping answers.

I have NOT a router: i use an USB modem ZXDSL 852. S my new Ubuntu installation answers the requests.

Does anyone know how ufw or iptables can prevent these answers ?