VPN + Comodo = non-stealth ports 22, 80 and 443 (as per GRC Shields-Up!)

[Guest]

[port_stealth]

is this post in the wrong forum category? well over 300 people have read it, yet no one has replied. please tell me if i'm doing anything wrong here - thanks  

i use a VPN service with many servers in many countries. the only times that stealth for ports 22, 80 and 443 is achieved are right after i install a new firewall (no IP changes yet?) or when i turn off the OpenVPN service. when my IP changes i've tried selecting "I am home" or "I am at work" or "I'm in public" but stealth status remains elusive. i have gone to "Stealth Ports Wizard" and tried "Define trusted network and make my ports stealth..." (with various choices for "trusted zones" such as "loopback" or "home #1", or the beginning IP and subnet mask provided by ipconfig). i've also tried "Block all my ports and make them stealth for everyone." which worked no better. i didn't want to deal with incoming traffic by hand all of the time so i haven't tried the third option.

is there anything i can do about this?

specifics:

dell inspiron laptop
windows 7 home premium sp1 64 bit
comodo 5.9.221 (new free version)

thanks

[jay2007tech]

Here's the thing,

Port 443 Comodo VPN uses this
Port 80 is what browsers use to surf the net <---You were able to surf the net and go to grc.com so you know port 80 is open
Port 22 I think that has something to do with "ssh"

I hope this explains why that is

[ailef]

yes port is open but it should not be able to create an incoming connexion if comodo is installed. except if comodo is configured for the browser as trusted application.
so does the test says that it's just a port open or is it able to connect to the port ? normaly for any trafic, comodo is warning, custom mode and alerts to the max.
about the VPN, if you have no NAT firewall coming with it, the incoming requests will not be stopped.
i got a VPN service with the nat firewall option and it's blocking almost any incoming trafic. comodo is blocking like 10 intrusions a day.
when i use the other vpn that has no nat firewall, comodo is blocking like thousand intrusions a day.
I think that your comodo FW was not configured to stop and alert about all network activities.
Custom mode and alerts to the max, delete all the firewall rules and there are not a lot of softwares that need to be trusted application.
i just watched and i got no application set as trusted. but as i use kasper AV, this one controls all the traffic and each application comodo stops is always a tcp out 127.0.0.1 port 1110.
the only incoming is the VPN on port 4500.
I don't know if i'm 100% safe, but i think that the only way to connect to me is by breaking the certificate or a nasty talk with my port 443, when it's crypted, the AV is blind, kav has a certificate to scan encrypted connexions but it's very annoying as it's not working with all websites like the bank and impossible to run windows update. (on win7, because it used to work on XP).
so if you can add the service nat firewall on your VPN, It's working very good, 1000 intrusions a day without and 10 with , according to comodo FW that counts the number of intrusions on the summary tab.
but if u need an incoming to share things, a vpn with a firewall can be a problem. it's not possible to manage the nat firewall service, that's sad, but i don't think it's possible. each client connect to the servers trying to create a rule on an OS probably linux based. it's not very hard when u know the command, but it's far from configuring an ISP router or the comodo FW. even about that, if people are not interested a lot about PCs, it's chinese.
about VPN, is it hard to configure one for home ? do i need a certificate or a key is as safe ?
i think a certificate is a good choice, but when i have to enter the password during the configuration, it's so simple, so is it important or it doesnt matter as it's a RSA 4096 key in the certificate in L2TP/IPsec protocol encrypted in AES 256bit. what's the password do in that, when you import the certif, in the windows console, you have to enter a stupid password, i wonder the utility and if it's a security issue.
they anyway need my log and password also, but you take a vpn at openVPN for exemple and you DL the certif and the pass is openvpn... is it not stupid or i'm too paranoid, and as i'm not a network master, i don't know if to put a poor password there when you install the certif is a potential security issue ?
sorry for the so long post ! I need a slap for flooding, i start and i add too many things instead of asking if the problem is solved and how ;-)

[jay2007tech]

Damm, that's a big post.  I try to answer part of it (Gotta start somewhere, right)

For you, As for stuff coming and going through the firewall and your router.  I know that you know you can configure rules for the router and/or firewall.  (At home, I configure both)

I guess the best why to configure something is to understand how some software products (like "skype" tried to bypass routers and firewalls) Once you understand that, you can create better and more efficient rules instead of writing a bunch of rules (but, what fun is that right   ) 

This site can explain better then I could ever try to explain so here it is, If you can understand this, you can write better rules
http://www.h-online.com/security/features/How-Skype-Co-get-round-firewalls-747314.html

[ailef]

thanks for those informations, i'm trying to get the exact meaning of the article but my english is not good enough, there are some technical terms that I miss, I need to work the translation to be sure of what i think i understand is really what the person explained.

[Tags:]