Can't Ping After Installing Bd -- Pls Help!

Can somebody please help out?


Before instaling BD Internet Security 2009, I could run ping (for example: ping www.yahoo.com) to test my internet connectivity, if say IE wasn't able to display websites for some reason.


But now after installing BD, i can't -- all requests time out. Is this b/c of BD's firewall?


Is there any way around it? Can i run ping with some additional flags perhaps, to make it work? Or do I need ti disable the firewall first?


Thanks in advance...

Comments

  • hnyaji
    edited May 2009

    Hi


    I have BIS 2009 and could ping www.yahoo.com directly. BD does not ask me for any permission even with firewall set to 'report' or 'deny'.


    Hemanth

  • Maybe some other firewall setting controls the ability to ping?

  • Hi


    I can't ping any site from the command prompt any more!


    Hemanth

  • Hello acherner and Hemanth,


    I have no problems pinging either from cmd, or from other applications. Could you try pinging with the Firewall disabled? Do you have other firewalls (including Windows Firewall) enabled?


    Cris.


  • I disabled the BD firewall and was able to ping instantly. Enabled the firewall back and ping'ing began to time out.


    As far as I know there are no other firewalls running. Prior to installing BD, I was running the Windows firewall and ping'ing was working fine (installing BD disabled the Windows firewall of course)


    So how is it possible that BD firewall on one computer allows ping'ing and on another blocks it? I'm running WinXP if that makes a difference.

  • alexcrist
    alexcrist
    edited May 2009

    Go to BitDefender Security Center (Advanced Mode) -> Firewall -> Rules and click Advanced. On the window that opens look (from the top of the list) for rules which have ICMP or ICMP6 written in the Protocol column and see what's the action for those rules.


    Please don't change anything there. Just post back what you find.


    Cris.

  • Hi Cris


    firewall settings


    allow known programmes


    trust level - safe


    stealth - remote


    generic - no


    icmp.jpg


    Hemanth

  • Cris,


    Lines 13-15 show exact same info for me as for Hemanth

  • alexcrist
    alexcrist
    edited May 2009

    Hemanth, see rule #14. It states that ICMP traffic is denied for all non-local addresses, which basically means that the Firewall will allow ICMP traffic only for local addresses (which is stated by rule #13).


    Try pinging your own system (ping localhost or ping 127.0.0.1), or other systems in your own network and I believe you will get a response (provided that the other systems reply to ICMP requests).


    I have no idea how rule#14 appeared on your system. On my system, that rule is not there.


    To fix your problem, try setting rule#14 to Allow and try to ping an external address (like bitdefender.com, or google.com).


    acherner, don't follow this advice, because it might not apply to you. Please post the same information that Hemanth provided.


    EDIT: You posted in the same time that I was writing this message, so I didn't see you post until after I posted mine. :)


    If the information provided by Hemanth is exactly the same as yours, try the same advice I gave above and post the results.


    Cris.


  • Thank you Cris! I followed your instruction and ping'ing now works fine :)


    So now that I've done this - am I compromising my security in any serious way? Is there any real reason to have ping'ing disabled?

  • Hi acherner,


    I guess with 'allow' for #14 as in my above post, people from outside the local network could ping the system bypassing the firewall!


    Hemanth

  • alexcrist
    alexcrist
    edited May 2009

    Not exactly.


    That rule applies to ICMP requests, so it affects only the pings that you initiate (in simple words, when you ping someone else).


    The ICMP responses (what happens when you are being pinged by someone else) is controlled by the Stealth feature of the firewall. On the Firewall -> Network tab you can change the Stealth setting for each adapter, like this:


    - On: Stealth is set (ICMP requests from other systems are blocked, file and printer sharing also blocked, your system won't reply to any unsolicited package, so basically your system is completely invisible in the network)


    - Off: Nothing of the above s blocked


    - Remote: Everything from On applies, but only for non-local systems. For all local systems, everything is allowed.


    None of these settings affect your system's ability to ping other systems.


    In a safe/trusted network, I recommend using Remote. In an insecure network (such as public networks, or direct connection to the internet), I recommend using On.


    To answer acherner's questions:


    1) No, you are not compromising your security by allowing pings


    2) Pings are kinda like doorbells: someone rings it to see if anyone's home. Basically, pings are used to test if the destination system is online. You might use pings to monitor a server to see if it's online or not (and to see if there's any downtime). However, for privacy issues, I'd recommend keeping it blocked if you don't really need it. :)


    Cris.


  • Cris,


    Thanks a lot for your suggestions. Your help has been quite invaluable. As somebody was saying in a different post, BD should really put you on their staff :)

  • sreed
    edited May 2009

    When I ping any IP address on the other side of the firewall I get all timeouts. I have Terminal Services and bdagent.exe running. This has been the case from the moment I installed BD Internet Security 2009 (on Windows XP sp3). How can I fix this?

  • Hi Scott,


    please look into my above message (May 2 2009, 11:41 PM). Do you have 'allow' or 'deny' for them?


    Hemanth

  • Just wanted to add that I had this same issue on BD IS 2009 on WinXP 64bit. The posted solution worked for me, too.


    Another computer of mine running BD IS 2009 on WinXP 32bit did not have this issue.