hjlbx

Question - EIS - Stealth Mode/Ports


Hello,

 

If I recall correctly the EIS firewall remains in stealth mode - or - "stealths" ports.  Is this correct?

 

Thanks,

 

hjlbx


I had tried Gibson research port scanner one time a while back and port 443 was not stealthed. I tried this with both private and public option. Which scanners have you tried?

 

Edit:

Just tried it again and everything is stealthy.


Hello Charyb,

 

I used PC Flank.

 

I also tried the Gibson scanner. All ports stealthed, but failed to prevent ICMP Echo request (ping response).

 

Thanks,

 

hjlbx


EIS should return "stealth" under normal circumstances. You can also disable ping replies by disallowing the associated ICMP reply. Go to Protection/Firewall and double click the "Ping replies" rule. Switch it from "Allow" to "Block" and your system will no longer reply to pings except from trusted networks.


Hello Fabian,

 

Hmmm...I set it to Block (for EchoReply and even All) and yet, my system still replies to the ping.

 

I already had submitted this issue in the Tracker prior to this thread.

 

If I am configuring the rule set incorrectly, please let me know so I can request a closure of the submitted issue.

 

Thanks,

 

hjlbx


How do you test the ping? In general all ICMP packets originating from a network that is marked as private will be allowed ("Trusted network traffic (ICMP)" rule) and since it is listed before the "Ping replies" rule by default it takes precedence as rules are applied in the exact order they appear in the rules list.

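The rule ordering described in the post above, as an added example that is not part of the original thread and is not EIS's own code: a small first-match evaluator using the two rule names mentioned there. The `Packet` and `Rule` types, the 192.168.1.0/24 trusted range, the sample addresses and the fall-through default are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Callable

# Constructed sample: the LAN range treated as a "private" (trusted) network.
TRUSTED_NETS = [ip_network("192.168.1.0/24")]

@dataclass
class Packet:
    protocol: str    # "icmp", "tcp", ...
    icmp_type: str   # "echo-reply", "echo-request", or "" for non-ICMP
    remote: str      # address of the other host

@dataclass
class Rule:
    name: str
    action: str      # "Allow" or "Block"
    matches: Callable[[Packet], bool]

def is_trusted(addr: str) -> bool:
    return any(ip_address(addr) in net for net in TRUSTED_NETS)

def evaluate(rules, pkt, default="Block"):
    """First-match evaluation: rules are checked top to bottom, first hit decides."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.name, rule.action
    return "(no rule matched)", default  # assumed default, not stated in the thread

# Hypothetical models of the two rules named in the thread.
trusted_icmp = Rule("Trusted network traffic (ICMP)", "Allow",
                    lambda p: p.protocol == "icmp" and is_trusted(p.remote))
ping_replies = Rule("Ping replies", "Block",
                    lambda p: p.protocol == "icmp" and p.icmp_type == "echo-reply")

DEFAULT_ORDER = [trusted_icmp, ping_replies]   # order described as the default
REORDERED = [ping_replies, trusted_icmp]       # "Ping replies" moved above it

def reply_decisions(rules):
    """Decision for an echo reply to a LAN host and to an internet host."""
    lan = Packet("icmp", "echo-reply", "192.168.1.50")   # constructed address
    wan = Packet("icmp", "echo-reply", "203.0.113.7")    # constructed address
    return evaluate(rules, lan), evaluate(rules, wan)

if __name__ == "__main__":
    for label, rules in (("default order", DEFAULT_ORDER),
                         ("Ping replies first", REORDERED)):
        print(label, reply_decisions(rules))
```

With the default order, the reply to the LAN host is decided by the trusted-network rule before "Ping replies" is ever consulted; only the reordered list blocks both.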

Hello Fabian,

 

When I modified the ICMP rule to "Block", I also moved it to 3rd position on the list.

 

Also, I am using a "Public" network.

 

So I was a tad vexed.

 

Thanks,

 

hjlbx


You are aware that all port tests you do on the internet will NOT scan your actual PC running EIS but the router instead, right? Because only your router is facing the internet. You will have to run port scans and ping tests from a second system or VM connected to your PC via LAN to get any real results.


Hello Fabian,

 

I did not know that fact.

 

Apologies...learning as I go here.  Less than ideal, I know.

 

Thanks,

 

hjlbx


Hello Fabian,

 

Closed the issue in the tracker for Andrew F.

 

Your explanation prevented a needless waste of Andrew's time.

 

Much appreciated...

 

Thank You.
