Re: [suse-security] ident remains open
sygatetech.com reports "You are not fully protected: We have detected that some of our probes connected with your computer. If you are not already running our Enterprise Security Agent or our Personal Firewall, try our Award-Winning Personal Firewall now." here ... because my computer responds to a ping (up to 4 pings per minute =) but everything else here is blocked, including ident, so it's definitely possible (why shouldn't it be =)
How much sense does it make trying to hide my computer by dropping, for example, icmp packets when there is still a port open which I cannot block myself?
quite a bit. if you just reject the packets, the attacker would know that your port is closed. if you just drop the packet, the attacker does not know anything valuable, so there is a very good chance he won't concentrate on your machine any further. also, nmap can (roughly) tell your os if you reject packets - plus it takes some bytes of outgoing bandwidth. it's not difficult to just drop the packets with iptables ... so the only reason you would not do it is because you want to be nice to remote servers. rejecting 113 is not a bad idea, because mail servers like sendmail will - by default - try to connect to your identd port.
Regards,
michael
participants (1): Michael Stern
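The policy discussed in this message (drop by default, answer ident with a reset), as an added example that is not part of the original post. The function name `gen_ruleset`, the conntrack match and the 4-per-minute ping limit (taken from the figure mentioned in the message) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: emit an IPv4 filter ruleset in iptables-restore format.
# gen_ruleset is a hypothetical helper; its arguments are the TCP ports
# that get a TCP RST (REJECT) instead of a silent DROP. Default: 113.

gen_ruleset() {
    [ $# -gt 0 ] || set -- 113

    # Static part: default-drop policy, loopback, and replies to
    # connections this host opened itself.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 4/minute --limit-burst 4 -j ACCEPT
EOF

    # Ports answered with a RST so that well-behaved remote servers
    # (e.g. a mail server doing an ident lookup) fail fast instead of
    # waiting for a timeout. Everything else falls through to DROP.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9]*)
                echo "skipping invalid port: $port" >&2
                continue ;;
        esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
            echo "skipping out-of-range port: $port" >&2
            continue
        }
        printf '%s\n' "-A INPUT -p tcp --dport $port -j REJECT --reject-with tcp-reset"
    done

    printf '%s\n' 'COMMIT'
}

# Print the ruleset only when asked, so the file can also be sourced.
if [ "${1:-}" = "--print" ]; then
    shift
    gen_ruleset "$@"
fi
```

Running the script with `--print` and piping the output into `iptables-restore --test` parses the ruleset without loading it.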