Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User longedge
(member) Fri 02-Jan-15 08:37:48
Print Post

Thoughts on 'answering' pings.


[link to this post]
 
GRC.com "Shields Up" shows all green except for a warning that I am visible because my router is answering pings. Do I forgo BQM for the sake of getting all green lights? What are the pros and cons?

p.s. - Although I have a static IP it isn't any benefit to me (other than making BQM possible) so I thought about giving that up as well. Just because I'm paranoid doesn't mean they aren't out to get me 8^)

Edited by longedge (Fri 02-Jan-15 09:40:53)

Standard User caffn8me
(knowledge is power) Fri 02-Jan-15 11:41:51
Print Post

Re: Thoughts on 'answering' pings.


[re: longedge] [link to this post]
 
Does your router perhaps allow you to permit ICMP ping from only certain sources? It all depends how sophisticated its firewall is.

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Standard User jchamier
(eat-sleep-adslguide) Fri 02-Jan-15 13:17:25
Print Post

Re: Thoughts on 'answering' pings.


[re: longedge] [link to this post]
 
In reply to a post by longedge:
GRC.com "Shields Up" shows all green except for a warning that I am visible because my router is answering pings. Do I forgo BQM for the sake of getting all green lights? What are the pros and cons?


GRC / Steve Gibson started this debate in the late 90s. The assumption that anyone looking to maliciously intrude (aka "hack") into your router is going to find it _only_ by ping is naive in the extreme.

In the US at that time home routers were very rare and cable modems had just become popular. Cable firms sold connections for 2 computers in a house by using a hub. Each computer had a public IP address. Home routers then appeared in a big way with the Linksys BEFSR41 and it was a few firmware updates later that "don't respond to Ping on WAN port" became an option.

I've never seen it as a security feature. Just something to keep Steve Gibson happy.

There may be good reasons to allow ping, it assists in Path-MTU discovery, but as network capacity has increased that is a lot less interesting.

plusnet unlimited fibre - 2 Jun 14 - 470m - 80/20 - Summer/dry sync 55/9.4, Winter/wet sync 52/9.1
15 years broadband (1999 ntl:cable trial) - Asus RT-AC68U with HG612 - BQM - Summer PN speed - Winter PN speed


Register (or login) on our website and you will not see this ad.

  Print Thread

Jump to