<<
or have someone ping you. If your firewall is legit, they won't get packets back >>
I see this all the time. Steve Gibson of GRC thinks it's "cool" to be stealth, when in all actuality it's harmful.
This hyper-paranoid approach to security causes some difficulties. For a start, Internet standard RFC 1122 states categorically about ICMP echoes (ping):
3.2.2.6 Echo Request/Reply: Every host MUST implement an ICMP Echo server function that receives Echo Requests and sends corresponding Echo Replies.
Note the MUST rather than SHOULD. This means that any internet user, or ISP server, has a right to expect that all live PCs connected to the internet will respond to ICMP ping requests with an ICMP reply. If a firewall user chooses to stealth ICMP requests so that no response is sent, they have only themselves to blame if they start experiencing problems, because they are in breach of RFC 1122.
The problems that might arise if you kill ICMP responses with stealth are:
Difficulties with DHCP lease acquisition or renewal in cases where the DHCP server checks on the availability of IP addresses, or your presence on the network, with ICMP ping requests [this doesn't actually happen on the original NTL network, but ICMP requests have been seen coming from the DHCP servers of the ex-C&W parts of the network].
Slowness of web connection setup in cases where the remote web server uses ICMP to determine the MTU of the response path.
So you are strongly advised not to apply stealth techniques to the ICMP protocol. In the freeware version of ZoneAlarm, this means you should run it in Medium Security, not High Security, for the Internet Zone. In ZoneAlarm Pro, you can configure ICMP behaviour to permit ICMP echo packets in and out even in High Security, using the Customize button of the Security Settings panel.
Similar problems arise with certain NAT routers, such as the Linksys. By default, the Linksys does not reply to incoming ICMP requests, equivalent to a stealth firewall.
Cheers!
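
The Echo server function that the RFC 1122 text quoted above requires, sketched as an added example that is not part of the original post: it validates an ICMP Echo Request and builds the matching Echo Reply per RFC 792, which is the answer a "stealth" firewall suppresses. The function names and the sample payload are hypothetical, and the code works on ICMP message bytes only (no IP header, no sockets).

```python
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input for summing only
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """Build a constructed Echo Request to feed the responder below."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def echo_reply_for(message: bytes):
    """Return the Echo Reply owed for an ICMP message, or None if none is due."""
    if len(message) < 8:
        return None  # truncated ICMP header
    if internet_checksum(message) != 0:
        return None  # checksum mismatch: discard silently
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", message[:8])
    if msg_type != ICMP_ECHO_REQUEST or code != 0:
        return None  # only Echo Requests are answered
    payload = message[8:]  # RFC 1122: request data is returned in full
    header = struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)  # type changed, so recompute
    return struct.pack("!BBHHH", ICMP_ECHO_REPLY, 0, csum, ident, seq) + payload
```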