CIS not stealthing ports 135,138,139 and 445


New to this forum and new to CIS. The problem I have is that the above ports are being shown as closed and not stealthed. This was checked on and their scan was getting a reply from those ports.
Perhaps someone in the know could explain why this is happening. I’m not very good when it comes to configuring firewalls. Thanks in advance


Thanks for your reply. File and print sharing and Microsoft Networks are not installed. As my machine is only connected to the internet I always remove File and print and MS networks. NetBois over TCPIP is already off. Also DCOM is in active.


Are you behind a router?
Also, can you please specify which changes you have made to the firewall configurations?

If so what you are probably seeing is due to the router and not CIS.

Hi Chiron

Made no changes to the firewall configuration(as installed running in safe mode) and my router is in modem mode only. All ports are stealthed except the ones above - just closed.


Please try running the stealth ports wizard and select “Block Incoming Connections”. See if that makes any difference.

No difference after using " Block Incoming Connections" same ports showing closed.


I’m not an expert with this, bug I believe this is probably due to the router. From your description it sounds like CIS is configured correctly.

However, hopefully someone with more knowledge about the interplay between CIS and the router will be able to comment soon.


What is the IP that you get from your modem? Is it in a private range (172.x.y.z, 10.x.y.z or 192.168.x.y) or a public range?

Hi EricJH

Yes a private ip 192.168…


You are getting an IP address in a private range so that means that GRC is probing your router. Please check if your router has NETBIOS enabled and if it has disable it.

Hi EricJH,

Unfortunately my modem/router was supplied by my ISP(Virgin Media) and as such has very little in the way of configuration,there is a in built firewall but it’s disabled. There is no NetBois to turn off. I think the problem is that all the settings relating to stealthed/closed ports are in the firmware. So thanks to all who replied, at least the ports are closed.