Manually blocking ports

[Guest]

[Flyboy63]

Hi, Ive installed Comodo firewall & then done a security test here http://freescan.seifried.org/ & I get a score of '0'. So I followed the advice & manually configured ports to block replies (turning the alert on if its triggered) then scanned again & the results still say the port/s is open? And I dont see an alert or log to say it was blocked.

I configured the ports via Security, Network monitor, add rule, Protocol TCP/UDP, port x, then set the port numbers in 'source port' & 'remote port'. I also tried setting remote port to 'any', with source port set to port x (& vice versa) but it still says its open?

What am I doing wrong?

I have a DSL modem connected via ethernet. Is this maybe where the problem lies? Do I need to configure port forwarding?

[timcan]

Welcome Flyboy63,open comodo firewall clicksecurity>network monitor >hightlight permission Block >edit> check mark box to create an alert >ok.
 I haven't done a port scan with ver 2 but version 1 would pass any scan with default settings.
 Just curious,is your modem a router/modem combo? tim

[Flyboy63]

Hi, yes I already had the alert check box ticked. I tend to think it may have something to with my modem. Its a Zyxel 660RU gateway. It has the option for USB or ethernet connection. I have the 'security' options in there checked (ie security 'on'). I used to run firewall checks before getting this modem (using zonealarm) & it used to show 'stealth' for all ports, but now even ZA comes up with the same security failures (ie most ports only show as 'closed' rather than stealth).

[ully]

Hi Flyboy63
i have a zyxel 660h and comodo pf, and I score 5 on that site. if you think it's the router you can compare settings to mine. just let me know. the web configuration will be the same, or similar.

[Flyboy63]

Thanks. All I have changed in my modem is to turn on all the security settings (eg FTP, telnet, etc). Everything else is default.

The security check says I have ports 21,22, 23, 80, 113 & 8080 open. Thing is, doesnt port 8080 HAVE to be open for web access?

Might try another modem & see if I still have the same prob....


EDIT: Well Ive tried a Netcomm NB5 modem & I still get the same result.

Also ports 21, 23 & 80 show as STEALTH using GRC's 'Shields Up'?

[egemen]

Thanks. All I have changed in my modem is to turn on all the security settings (eg FTP, telnet, etc). Everything else is default.

The security check says I have ports 21,22, 23, 80, 113 & 8080 open. Thing is, doesnt port 8080 HAVE to be open for web access?

Might try another modem & see if I still have the same prob....


EDIT: Well Ive tried a Netcomm NB5 modem & I still get the same result.

Also ports 21, 23 & 80 show as STEALTH using GRC's 'Shields Up'?

It seems your ADSL modem is being tested instead of your host. Because with default installation of CPF, you are completely invisible to the outside world.
These types of port scans can produce wrong results if you are behind such a simple router.

Egemen

[Flyboy63]

It seems your ADSL modem is being tested instead of your host. Because with default installation of CPF, you are completely invisible to the outside world.
These types of port scans can produce wrong results if you are behind such a simple router.

Egemen

Interesting. Actually as an experiment I disabled my firewall entirely & ran the test again & got the SAME result ( ie it says I have 6 'open' ports when in fact it should be reporting them ALL as being open). So your right. Somehow the test is probing my modem instead of my PC. it would also explain why Im not seeing any alerts or logs.

My next question is is there any way to get the test to probe my PC instead? Or should I just assume Im secure?

[egemen]

It seems your ADSL modem is being tested instead of your host. Because with default installation of CPF, you are completely invisible to the outside world.
These types of port scans can produce wrong results if you are behind such a simple router.

Egemen

Interesting. Actually as an experiment I disabled my firewall entirely & ran the test again & got the SAME result ( ie it says I have 6 'open' ports when in fact it should be reporting them ALL as being open). So your right. Somehow the test is probing my modem instead of my PC. it would also explain why Im not seeing any alerts or logs.

My next question is is there any way to get the test to probe my PC instead? Or should I just assume Im secure?

With default CPF installation, you can assume your PC is secure. But your actual door to outside world is your modem. It is also a simple host with a simple OS. You might consider reconfiguring its internal firewall as well.

Egemen

[Tags:]