CIS firewall fails ShieldsUp, Windows firewall passes

I recently upgraded from XP to Windows 7. Before I upgraded I always passed the ShieldsUp test of the first 1056 ports. Since the upgrade to Windows 7 the CIS firewall stealths all ports except 0 and 1. Using the stealth wizard to stealth all ports doesn’t work; Ports 0 and 1 remain visible from the internet. They’re closed but not stealthed. I’m not behind a router and am connected directly to my Ubee EVM3200 cable modem. However when I disable the CIS firewall and enable the Windows firewall it passes the test. How do I stealth ports 0 and 1 and why can’t I stealth them using the 3rd stealth wizard option. As of now I’m using the Windows firewall. Thanks in advance.

OS: Windows7 professional 32bit

What a scanner in the internet would see:

  1. a closed port
  2. a “stealthed” port


My understanding is that a stealthed port would been “seen” as a computer that is off, i.e. it would not be seen. If both closed and stealthed ports are seen then stealthed ports are useless. The problem has become moot as I’ve changed to Zone Alarm because Comodo couldn’t even stealth all ports. ZA and Windows stealths all.

Ok, in my shields tests all ports where stealthed with comodo, but i didnt care.

A stealthed computer tells nothing as reply.
But a not existing computer would be represented by the last server who would say “There is nothing behind me that fits your request”.
So, the scanner doesnt get a reply from your computer, but the server acted as if there is a computer, because he said “Ok move on”.

You are only stealthed if the last point before your computer would say: “Nothing here”.

So in both cases (attacker knows you are there, attacker knows that you are “stealth”), closed protected ports is what you need.
Thats what i tried to tell you.

I was even stealth in the tests as i had not a firewall which had an option for stealth :smiley:

I am sure, there are other things that zone alarm cant. As in this test. Just as an example. Stealth is not all, and it isnt stealth :wink:
Scroll down to zone alarm firewall free version, omg :o (7%)
And then scroll up again, to comodo :wink: (100%)

Windows 7 and I’m not behind a router either…here’s my test results.

[attachment deleted by admin]

Check This & Report Here

CIS 5.5 - Remove the Allow All Outgoing rule from Network Security Policy & check with grc.

CIS 5.8 - Uncheck Dont Give Popup Alerts from Firewall Settings - General & check with grc.


I now know why I uninstalled ZA in the first place. I’ve reinstalled Comodo and checked “Protect the ARP cache” and “Block gratuitous ARP frames” under Firewall behaviour settings (Advanced). This solved my problem although one would have thought that the “Stealth all ports” command would do this automatically. My computer is now stealthed with Comodo, or at least the first 1056 ports are.