Lol so you are saying that a hardware based firewall does not STOP, Filter, Monitor ICMP in/outbound traffic?
This gotta be a joke right? Tell me you are joking? Do you really think that CFW is better then a hardware based firewall, do you honestly think that? Look if people just configure their computer in the right way, and they have their router based firewall configured exactly as their ISP did set it (Maybe few tweaks if you got crappy ISP who uses second rate router brands) then there is NO WAY that ANY software firewall can even come close to the level of security a hardware firewall provides.
Its just a technical FACT.
Now on a positive note, yes Comodo fail wall use to be a kick ass firewall (Many versions ago) but really today even while tests suggest other things... Comodo is a fail.
In regards to that ICMP outbound test here is some info...
A ICMP Ping (an echo request) is a computer network administration utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time. Some software firewalls, as well as NAT routers may block ping requests in an effort to "hide" your external IP address and prevent any response to potential intruders and prevent possible denial-of-service attacks in the form of a ping flood, in which an attacker overwhelms the victim with ICMP echo request packets.
Most routers will allow ICMP inbound and outbound as long the request is valid and does not pass a specified security threshold.
So while ICMP might be allowed both ways, the very moment the ICMP package passes a limit, it will be blocked and locked out anyway to avoid DDOS and Flooding attacks.
Rendering ICMP exploiting useless against the targeted machine, and brining back ICMP functionality to "normal" windows communications that normally would be blocked.
In a broader term, ping can also be used to describe the transmission of any message for the purpose of locating or testing/identifying a network device and measuring latency. Such pings may not necessarily use ICMP packets, another common practice is using the UDP (User Datagram Protocol). A common use for identification purposes using TCP/UDP instead of ICMP is port 113 (ident)
A number of legitimate programs, such as IRC, online games, and network tools may need your computer to be "pingable". To accomplish this, you will have to determine first what device/software on your LAN is blocking ping requests. Commonly, this would be a hardware router/modem, or it could be a software firewall.
To enable echo requests (ping) behind a NAT router, you must log into the router and explicitly configure it to respond to ICMP echo requests on its WAN port.
Notes:
Most computers will, by default, automatically respond to ICMP echo request (pings). If you can't ping a machine, it is likely that it is behind a NAT router or some sort of firewall.
Many routers/gateways block ICMP echo requests (or simply drop ICMP when under high load).
ICMP is a session-less protocol and does not use "ports", they are a construct used by some protocols, such as TCP/UDP to maintain a persistent connection between computers.
That being said its so easy for Comodo to claim LOOK i blocked ICMP...now i feel good...
Really?
First they bashed Antivirus companies.... they failed as they got bashed back into that dark corner they did sprout from.
Second they started bashing other firewall brands... Failed again... as other firewalls actually are working and cannot be broken using a bug looooooooool (Hey comodo, other brands might be less impressive yet they at least deliver a finished product without having to use ductape and clue to keep it together)
And now they start bitching at ICMP requests? on hardware firewalls? Really?
Come on
@yigido
You are one of the respected and active members here, please tell me you are better then that...
Tell me you do not seriously believe that Comodo crap...
With all do respect i do see what they are saying and what they are trying, but if what i wrote does not ring a bell to you, then you might wanna consider that sometimes having a firewall like Comodo blocking everything is actually telling the attacker "try a different way" while a firewall who allows the traffic (keeping in mind the security threshold i mentioned earlier) will put the attacker on a wild goose chase.
If you got questions or other comments please let me know and i would be happy to explain it to you.
Kind Regards Nico
