So you want to block this type of traffic?

Problem

Hello,

To simplify your doubt.

Please Correct me if I am wrong... 

Environment: Windows 8 and SEP 12.1 RU2 Beta Unmanaged client with all Features.

Query:  

Want to Create Firewall rule to Stealth option .

• Block / Log all incoming
• Allow all outgoing include (ICMP ,TCP/IP,UDP) (Application - Skype, firefox, ping,)

Issue :

After rules are created to allow " icmp" (ping,tracert) for both out/in the ping works.

However, when running Online Scanner nmap, it detects ports to be open.

1.Yes I use SEP 12.1.1989.1989

2.Yes I want to Stealth option

3.Block / Log all incoming

4.Allow all outgoing include (ICMP ,TCP/IP,UDP) (Application - Skype, firefox, ping,All my application) YES exactly

5.YES I create ICMP both (ping,tracert)

6.Ping ,tracert ---not work

============================================

Kolor,

You created your rules.

You are alloowing outgoing pongs and tracerts?

Now, you are trying to test, but are you testing to a machine, but does that machine have the same settings?

Meaning, are you trying to ping or tracert to a machine that has ICMP echo traffic disabled?

Can you, for example, from that machine ping google.com?

Are you receiving any error messages when trying to ping out?

Can another machine ping the machine you are trying to stealth?

MY rules

1.Block incoming traffic

2.Allow outcoming all

3.Allow ICMP  0,3,4,5,8,9 alllllllll   (ping,tracert ) both traffic 

Yes I ping www.google.pl  without respond

YES ww.ping.eu   ping me not work

  SEP show me ntoskrnl.exe has blocked

Hi,

Ok it means it my Windows 8 will be firewall stealth mode it yes your opinien .

What abut this .Try in your system .ANd tell my your Firewall pass or block .

  http://nping.online-domain-tools.com/

--icmp-type 0  --icmp-code 0    Yours Firewall IP  .

There is someone who help my to create good rules to by my Window 8 as firewall stealth mode.

The main problem is with "ICMP " how I may passing this move .

and don't forget to keep us updated with the solution :-)

Hi I was call to US but I don't understand this adviser .My English is to Bad to understand .And I think this adviser was from INDIA or Pakistan .He conect me from NORTON service .he he

Yes problem is still leaving .I try to ask in Poland Adviser .But Polsih man told me it's very diffical allow to pass ICMP code 3 with safe entry .Scanner nmap see your system .

acually rules ##################firewall stealth mode#############

1.Allow ICMP ---0,11 incomming

2.Allow ICMP --8 --outgoing 

##### ping.tracert work well ####

3.ICMP--both--block 1,2,3,4,5,6,ALL

4.Allow outgoing (firefox,skype)

5.Block incoming

################################This man help my ""elisha_riedlinger"" #######

But the issue still alive.ICMP code 3 ----how pass with safer mode .

SEP symantec it isn't edge firewall and it difficall to use rules .