Am I missing something here?

Installed Comodo this past Monday to replace Norton Internet Security. Last night I began to run some tests and I am totally confused. I am using a Linksys wireless router hooked up to a DSL line. I tested on http://scan.sygate.com/, ShieldsUp and HackerWatch (PCFlank was down last night) and I kept getting the same results of ports being blocked but not stealthed. However, no matter what I did, the results were the same. Here are the tests I conducted:

  1. Disabled LinkSys firewall with Comodo On/Off
  2. Placed my laptop out on the DMZ with Comodo On/Off
  3. All of the above but using XP Firewall (On/Off) with Comodo Off

In all of these combinations, I kept getting the same results of ports being blocked but not stealth and warnings about how improperly secure I am.

Sometime this weekend I will test with PCFlank but what am I missing? I even created a rule that I thought would make my FTP ports invisible but they keep showing up as blocked and not stealthed.

Hi,

This is because it is the router being scanned not the firewall. You do not need to worry about the results as you are safe.

If you want to test CPF you will need a direct connection to the internet - not through the router.

Mike

Just a quick question. Can you test CPF on a wireless PC by just turning off the router's firewall?

Check your router’s settings and look for a DMZ (Demilitarized Zone). If you see one, enable it for that pc’s ip address, then try a scan. Hopefully you will see alerts in Comodo’s logs for the incoming probes.

Then what is being said here is that software firewalls only serve a limited purpose.

Software firewalls serve 2 main purposes:
1) inbound protection
2) outbound protection

If you have a router then inbound protection is pretty much catered for. Then the software firewall will be useful for outbound protection and network transparency (e.g. you will gain visibility into what's going on on the network, which apps are connecting to the net, etc.).

Melih

OK so I want to test this firewall product and I already put my PC on the DMZ and even turned off the Linksys firewall but what I am getting from this thread is that the firewall tester (i.e. ShieldsUp) is still hitting the router and not me directly. Is this correct and how can I proceed? Thanks.

I had pretty much the same problem: a couple of open ports and other ports closed.

I emailed my ISP and asked them. I got the following answer:

"The telnet login you are getting is to a router on our network.

Your ip address is a shared ip address. We NAT (Network Address
Translation) through a separate router which is just behind that router.
This router issues you the 172.16 address. After that you are issued
another address in 192.168 range from your wireless router. There is some
added security to this setup as intruders would have to pass through three
different subnets to get to you."

So I am not worried at all about incoming stuff. I am just using Comodo FW for outgoing protection.
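
Added example, not part of the original thread: a small Python check for which device an online port scanner is actually probing, covering the three situations discussed above (direct connection, own router with a DMZ option, ISP-side NAT). All addresses are constructed samples; the inputs are assumed to be the PC's own address, the router's WAN address from its status page, and the address the scan site reports.

```python
import ipaddress

# Blocks that cannot be reached from the Internet without translation:
# the RFC 1918 private ranges plus the RFC 6598 carrier-grade NAT range.
TRANSLATED = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]

def needs_nat(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRANSLATED)

def scan_target(host_addr, router_wan_addr, reported_addr):
    """Return which device answers an external scan aimed at reported_addr."""
    seen = ipaddress.ip_address(reported_addr)
    if ipaddress.ip_address(host_addr) == seen and not needs_nat(host_addr):
        return "host"          # direct connection: the PC's firewall is tested
    if router_wan_addr is not None:
        wan = ipaddress.ip_address(router_wan_addr)
        if wan == seen and not needs_nat(router_wan_addr):
            return "own-router"  # single NAT: the home router answers
    return "isp-device"        # router's WAN side is itself translated upstream

ADVICE = {
    "host": "Results reflect the software firewall on this PC.",
    "own-router": "Results reflect the router; its DMZ setting can forward "
                  "probes to the PC so the software firewall sees them.",
    "isp-device": "Results reflect the ISP's equipment; no router or PC "
                  "setting changes them.",
}

# Constructed samples: (PC address, router WAN address, address shown by scan site)
SAMPLES = [
    ("203.0.113.7", None, "203.0.113.7"),
    ("192.168.1.100", "203.0.113.7", "203.0.113.7"),
    ("192.168.1.100", "172.16.4.20", "198.51.100.30"),
]

if __name__ == "__main__":
    for host, wan, seen in SAMPLES:
        target = scan_target(host, wan, seen)
        print(f"{host:15} wan={wan} seen={seen}: {target}. {ADVICE[target]}")
```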