Ping reply failed/Security concern

Page 4 of 6 FirstFirst ... 23456 LastLast

  1. Posts : 1,348
    Windows 10
       #31

    F22 Simpilot said:
    You can ping a computer or device, dude... ICMP is the Internet Control Message Protocol and is used in NETWORKING.

    If you used a crossover cable or a NIC that supports MDIX between two computers and each computer has its own static IP address, you should be able to ping each computer. No router is required...


    Again, the router is IN FRONT of the computer. When Shields UP sends pings to PROBE certain ports (I believe the first 1024 out of 65,535) its hitting the router or modem FIRST. Not the computer. If ping is allowed in the router things "light up."
    Again becasue its layer 3. Host IP is still grounds when talking about layer 3 so it does not matter if its lan or public but the test is not inside the lan. To send ICMP like OP was initially thinking it would need access lan side unless its going to do some hacking. You can ping any computer on your network of course but can you explain to me how exactly they would ping a computer inside an internal lan from the outside?

    I never said that you cannot ICMP or ping another computer on your network because you can again layer 3 and host ip data type. For starters the computer from outside the network would need to know the devices local IP which it won't know unless it is hacking with 256 possible outcome.

    I don't know the full extent of it because i don't do this sort of stuff on that sort of level but i know that its not as simple as just sending some ICMP packets to someones router and then the endpoint/s are going to receive that just because, because it won't, if this was the case the the test would of came back as PASS becasue they blocked it locally.
      My Computer


  2. Posts : 368
    Windows 10x64 Pro
    Thread Starter
       #32

    Try3 said:

    I thought you were moving somewhere else with a decent network.

    Denis
    Yes, to my home where my LAN is secure, but I still have a couple of weeks here. Someone in the official ISP forum confirmed that the modem/router lacks a firewall and suggested the following solution:
    "If you want to block all traffic from outside, you can make a port forward rule that forwards all TCP and UDP ports (from port 1 to 65535) to a non-existent IP."
    Would that work? Thanks for your feedback
      My Computer


  3. Posts : 1,348
    Windows 10
       #33

    The router should be closed by default well any good router will be closed by default. This would only apply if you had a router where you need to block ports for some reason which is backwards methodology, they don't come like this you have to open ports to let stuff in not close them to keep them out.

    - - - Updated - - -

    If you run the test and the grid is all green those represent each port. Where they would be red if opened.

    - - - Updated - - -

    You cannot create port rules without a firewall so i am not sure exactly what is going on here but something does not add up. Are you sure we are talking about a router and not a switch or something? its also extremely strange that you have mentioned a few times now that the "router" has no firewall because it should and it is not common at all for them to not have one.
      My Computer


  4. Posts : 368
    Windows 10x64 Pro
    Thread Starter
       #34

    Malneb said:
    The router should be closed by default well any good router will be closed by default. This would only apply if you had a router where you need to block ports for some reason which is backwards methodology, they don't come like this you have to open ports to let stuff in not close them to keep them out.

    - - - Updated - - -

    If you run the test and the grid is all green those represent each port. Where they would be red if opened.

    - - - Updated - - -

    You cannot create port rules without a firewall so i am not sure exactly what is going on here but something does not add up. Are you sure we are talking about a router and not a switch or something? its also extremely strange that you have mentioned a few times now that the "router" has no firewall because it should and it is not common at all for them to not have one.
    Yes, the grid in the ShieldsUP test is all green, and it is the ZTE F680 router/modem. visually it looks like this

    This is the router's security tab:
    Ping reply failed/Security concern-2023-07-27_6-41-53.jpg
      My Computer


  5. Posts : 1,348
    Windows 10
       #35

    well that is a mesh router so its possibly not the main router, without knowing obviously but it could be assumed that this is connected to another router as its a mesh network by the sounds of it.

    This explains why there is probably no firewall because it does not need on only the main router does. If you live in shared accommodation or something and they offer free internet then you won't have any control of the traffic coming in.

    What you have done locally is good it just means that you won't pass the test.
      My Computer


  6. Posts : 368
    Windows 10x64 Pro
    Thread Starter
       #36

    Malneb said:
    well that is a mesh router so its possibly not the main router.
    Yes, that could be the case, maybe there's a main external router in the building and this one here is just a gateway
    Here is the topology as shown in the router. I wonder where that "Firewall" is:
    Ping reply failed/Security concern-2023-07-27_6-45-56.jpg

    Did you see the attached screenshot of the router's security tab?

    - - - Updated - - -

    Malneb said:
    What you have done locally is good it just means that you won't pass the test.
    What do you mean?
      My Computer


  7. Posts : 17,049
    Windows 10 Home x64 Version 22H2 Build 19045.4170
       #37

    antares said:
    it is the ZTE F680 router/modem. visually it looks like this
    It is a gateway, essentially a switch, so any firewall would have to be additional to it.
    There is some explanation in Understand GPON Technology - Cisco.


    Denis
      My Computer


  8. Posts : 1,348
    Windows 10
       #38

    The map is hard to tell but assuming firewall is going to be another device external to you whether that is a another router or an actual hardware firewall that you cannot access.

    assuming if the image you showed on the security tab is all there is then this will be the case. I meant locally as in how you blocked ICMP locally this is good considering it sounds like you might not have access to the main router.
      My Computer


  9. Posts : 368
    Windows 10x64 Pro
    Thread Starter
       #39

    Assuming there is an external firewall behind my modem/gateway, wouldn't ShieldsUP ping that firewall instead of my gateway? If so, then it shouldn't fail the ping test, assuming the firewall is properly configured. I guess this is an issue that should be reported to the ISP, and it should be fixed by them.
      My Computer


  10. Posts : 1,348
    Windows 10
       #40

    antares said:

    This is the router's security tab:
    Ping reply failed/Security concern-2023-07-27_6-41-53.jpg
    This is also for letting stuff out not for in(blocking). Which would be normal if you want to talk over a sub network or further to the outside it won't have any effect to your situation other than keeping it turned off.

    - - - Updated - - -

    antares said:
    Assuming there is an external firewall behind my modem/gateway, wouldn't ShieldsUP ping that firewall instead of my gateway? If so, then it shouldn't fail the ping test, assuming the firewall is properly configured. I guess this is an issue that should be reported to the ISP, and it should be fixed by them.
    Its hard to tell that map offers no real guidance to someone looking at it who has no knowledge of the network and how it is configured. That combined with the information you have supplied is why i keep saying assume. That could be a firewall in your router or it could be a firewall in a room two levels below you locked behind a door for all we know.

    - - - Updated - - -

    Mesh router/ network already assumes that you are just a segment of a much larger network at play which can get very complicated fast so if you are unsure we are just as unsure as you are.

    - - - Updated - - -

    Also rip CN i would be carful what internet you use over there they doing all sorts of unethical stuff. I personally wouldn't connect to someones internet unless i know they lease that line first hand.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:23.
Find Us




Windows 10 Forums