Installed Comodo this past Monday to replace Norton Internet Security. Last night I began to run some tests and I am totally confused. I am using a Linksys wireless router hooked up to a DSL line. I tested on http://scan.sygate.com/, ShieldsUp and HackerWatch (PCFlank was down last night) and I kept getting the same results of ports being blocked but not stealthed. However no matter what I did, the results were the same. Here is are the tests I conducted
Disabled LinkSys firewall with Comodo On/Off
Placed my laptop out on the DMZ with Comodo On/Off
All of the above but using XP Firewall (On/Off) with Comodo Off
In all of these combinations, I kept getting the same results of ports being blocked but not stealth and warnings about how improperly secure I am.
Sometime this weekend I will test with PCFlank but what am I missing? I even created a rule to what I thought would make my FTP ports invsible but they keep showing up as blocked and not stealthed.
Check your router’s settings and look for a DMZ (Demilitarized Zone). If you see one, enable it for that pc’s ip address, then try a scan. Hopefully you will see alerts in Comodo’s logs for the incoming probes.
Software firewalls serve 2 main purposes
1)inbound protection
2)outbound protection
if you have a router then inbound protection is pretty much catered for. then software firewall will be usefule for outbound protection and network transparency (eg: you will gain visibility to whats going on the network which apps are connecting to the net etc).
OK so I want to test this firewall product and I already put my PC on the DMZ and even turned off the Linksys firewall but what I am getting from this thread is that the firewall tester (i.e. ShieldsUp) is still hitting the router and not me directly. Is this correct and how can I proceed? Thanks.
I had pretty much the same problem, A couple of open ports and other ports closed.
I emailed my ISP and asked them, I got the following answer
"The telnet login you are getting is to a router on our network.
Your ip address is a shared ip address. We NAT (Network Address
Translation) through a seperate router which is just behind that router.
This router issues you the 172.16 address. After that you are issued
another address in 192.168 range from your wireless router. There is some
added security to this setup as intruders would have to pass through three
different subnets to get to you."
So I am not worried at all about incoming stuff. I am just using Comodo FW for outgoing portection.