Constant Attack

Exactly. As long as it’s closed, you’re fine. “Stealth” is just a label from a lot of port scanning tools and can be a false sense of security as when you’re on the internet, you’re never really invisible. I wouldn’t worry about it too much.

If you aren’t using a router and aren’t networked to other PCs, I recommend uninstalling all items except for any “TCP/IP” in Network Connections (see my sample attachment). I always use WWDC to completely disable those pesky ports.

[attachment deleted by admin]

See picture below of my local area connections…

As for the software link you’ve posted, what do I disable? I don’t have a clue, I don’t want to disable something I don’t have a clue about. I’m wired via a modem, no internet sharing, Comodo’s set up to block everything. Can you post a guide please, mate?

[attachment deleted by admin]

So you’re on Vista? I don’t know what those other network items are, so I would leave them. As for the WWDC tool, each one has a backup option to re-enable in case there’s any issue. I disable all those ports and then reboot. You have the same network setup as I do (straight modem, no router, no network).

I am in full agreement with Eric.

Furthermore, I have experienced almost identical “Blocked Action” events in the past.
They may have involved a different IP address and different port number,
but identical in that the events were random at intervals ranging from a second or two up to a minute or so.

MY IMMEDIATE CURE - disconnect from my ISP and then reconnect.
I have a dynamic IP address so when reconnected I was allocated a different address from a different server.
I am sure the incoming traffic continued - but it was no longer my problem, but went to whoever inherited my old IP address.

Alan

Yeah, my OS is Vista Ultimate and I seem to have the same as you, so should I click on each tab in that box?

I don’t have that mate, my ISP issue an IP for a set amount of time then renew it, rebooting the modem only fixes any connection problems I have. Virgin, my ISP, would have to issue a new IP from their end, but seeing as I’m constantly being put through to someone abroad the conversation ends up with me or he/she putting the phone down.

Can someone please help me out? I used this software and disabled everything but messenger, but when I rebooted and clicked on what ports were open, I’ve got these listed:

UDP
61288
56790
53874
50820
65185
5355
123

TCP
51382
135

I probed the ports on GRC and it states it’s stealthed?

Are these the ports that are currently being used? If so, how can I find out what’s doing what?

Can anyone offer any help please? I still feel there’s flaws in my system I need to close, plus the ports above have changed in the proggy Soyabeaner posted.

The write-up on WWDC does not indicate that it does an on-line test of your ports.
It merely tests whether Windows has left them open.

Even if Windows has left them wide open, and WWDC shows them to be wide open,
so far as any external hacker is concerned you are still safe if you have a Router Firewall that has closed or even stealthed all ports - WWDC just does not know about that protection.
It is probable that WWDC will not know about any Comodo protection unless Comodo has altered the registry keys that control the Windows rudimentary native controls.

I would not accept any verdict other than GRC for what is safely closed,
and if GRC says that some things are not stealthed you should still be safe.

If you insist you MAY be able to disable the Router Firewall so it blocks nothing and then Comodo can give you full stealth, and GRC can report everything stealthed.

I prefer belt and braces so that if either goes wrong,
OR IF I MAKE A STUPID CONFIGURATION MISTAKE WITH EITHER,
I will still not have my trousers flapping around my ankles.

The only thing a hacker will learn from a closed port is that his target IP address has been allocated to someone, and there are softer targets he should be attacking.
I think the hacker will not know if your P.C. is rock-solid invincible because it is switched off and it is just a router modem that is saying closed.

Alan

Thanks Alan mate, Norton might be trying to get more customers by stating that in their test, or wouldn’t they cross that line?

I have no router but I’ve configured my system pretty well I think and set up Comodo and NOD32 to do the business. Thanks again mate.

Sorry to bring this back up but it’s happening again but another IP, 10.184.96.1. Although Comodo is blocking it, it’s starting to concern me. I normally have my 255. connection locked in active connections, but as soon as I come under attack I lose the 255. and the 10.184.96.1 attacks start along with others. Is this my ISP trying to connect to my PC, modem, IP? I’ve got no router, I’m on a stand-alone PC wired up to a modem. My ISP is Virgin Media, England.

[attachment deleted by admin]

The traffic from 10.184.96.1 on UDP port 67 to IP address 255.255.255.255 UDP port 68 is so-called broadcasting by a Bootstrap server. Bootstrap protocol is used to hand out IP addresses; it is older than and a predecessor of the DHCP protocol.

To see if 10.184.96.1 is causing the bootstrap traffic open the command prompt and type ipconfig (+ enter). Now see what the address of your default gateway is.

Easiest way to get rid of that traffic in your logs is to allow it in Global Rules or add 255.255.255.255 to your trusted network.
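An added example, not part of the original post or of Comodo's software: a small triage routine that separates the BOOTP/DHCP broadcast pattern described above from other blocked inbound events. The log line format is made up for illustration, and every address except 10.184.96.1 is a constructed documentation address.

```python
import ipaddress
from collections import Counter

# Constructed sample events in a hypothetical "PROTO src:port -> dst:port" format.
SAMPLE_EVENTS = """\
UDP 10.184.96.1:67 -> 255.255.255.255:68
UDP 10.184.96.1:67 -> 255.255.255.255:68
TCP 203.0.113.45:51422 -> 192.0.2.10:135
UDP 198.51.100.7:67 -> 192.0.2.10:68
UDP 203.0.113.9:40000 -> 192.0.2.10:5355
"""

BROADCAST = ipaddress.ip_address("255.255.255.255")
# RFC 1918 private ranges: not routed over the public internet, so a packet
# from one of them was sent on the local segment (here, the ISP's access network).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_event(line):
    """Split one event line into (proto, src_ip, src_port, dst_ip, dst_port)."""
    proto, src, _arrow, dst = line.split()
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return (proto.upper(), ipaddress.ip_address(src_ip), int(src_port),
            ipaddress.ip_address(dst_ip), int(dst_port))

def classify(line):
    """Label a blocked inbound event for triage."""
    proto, src_ip, sport, dst_ip, dport = parse_event(line)
    if proto == "UDP" and sport == 67 and dport == 68:
        # 67 -> 68 is the server-to-client BOOTP/DHCP port pair.
        local = any(src_ip in net for net in RFC1918)
        if dst_ip == BROADCAST and local:
            return "dhcp-broadcast-local"   # address-assignment chatter
        return "dhcp-ports-review"          # right ports, unusual source or target
    return "unsolicited-inbound"            # everything else stays blocked

def summarize(text):
    """Count events per label across a block of log lines."""
    return Counter(classify(l) for l in text.splitlines() if l.strip())

if __name__ == "__main__":
    for label, count in summarize(SAMPLE_EVENTS).items():
        print(f"{label}: {count}")
```

Only the first label matches the pattern explained in the post; the other two are the ones worth looking at in the firewall's event view.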

done ipconfig in cmd -

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix: cable - virgin media
IPv4 Address…: 92.xxx.xx.xx
Subnet Mask…: 255.255.252.0
Default Gateway…: 92.xxx.xx.x

IPv4 and Default Gateway match until the last digits, IPv4 has 2 and the gateway has 1 at the end

I’m not sure what to do now, plus I’m not willing to add a global rule as I don’t know what to exactly do and what security flaws will result by doing so. Advise please mate.

Right, sorry to bring a thread back up from the dead, but as I’ve done a fresh install, this is now happening again and I want a second opinion before I place any rules in global rules.

Normally when I boot, 255.etc. sticks in active connections, no bytes in, just a few outgoing which is probably my ISP. Now after a while that 255. connection goes and I start getting the usual 10.184.96.1 being blocked in events, UDP source port 67, destination port 68.

Should I add the following global rule >>> Comodo Forum