Firewall Ports - Stealth or Closed

Is it best to have computer ports blocked/closed or stealth??

Closed is all you need. Contrary to what certain people/website contend, “Stealth” doesn’t actually hide you from anyone that is looking for you.

Thanks - people always use to moan about Kaspersky firewall as it closed the firewall ports, not just used pure stealth. But, Comodo ports when I checked mine were all stealth?

What is the real difference between Closed and Stealth? Isn’t Stealth just closed ports that doesn’t respond? And how does it not hide you? I mean, can you give an example or a link?
Sorry for all the questions but for me to change my opinion about something I often want some proof or example etc instead of only a statement, especially when that statement goes against most of what I have read, which makes me want to know more.

Yes, Comodo will stealth ports.

But remember that if you’re behind a router, (as I believe you are) the GRC port scan is probing your router, not your software firewall. If you wish to test your software firewall, you’ll want to set up a DMZ in your router for your computer. (A DMZ will send all traffic straight through your router to a connected device) Just remember to remove the DMZ after running the test.

“Stealth” is non-standard TCP/IP protocol. With standard networking protocol, if a machine makes a request to another machine, some form of response is expected. Even if your machine is turned off, an upstream router (at your ISP) will respond that the machine is unreachable.

So if someone suspects a machine is at a certain address and runs some scans, if they get no response, they will not only know that there is a machine at that address, but that it also has a firewall that is actively dropping requests.

So much for “stealth”… :wink:

There are other methods for determining if a machine is on a network, even if you’re “stealthed”.

If you want some links, just do a search for something like, does stealth ports actually work?

I just searched around a bit and now I see what you mean, but now I wonder why stealth wasn’t made to send out the “ICMP Unreachable” instead of not responding, since according to some site I read the “ICMP Unreachable” is the response that is sent out whenever there really isn’t a port there. 88)

But then again if it’s already configured as Stealth then I see no point in changing to Closed, since they both have the same security even if stealth doesn’t have any better security than Closed. At best you could fool a stupid hacker 88)

Edit: About Closed and Open ports in general, is there any service like that tests all ports instead of just the common ports / service ports? I know you can do it manually… but… that would take some time.

Yes, stealth is as secure as closed. It just doesn’t make your computer invisible as the hype would like you to believe.

Indeed, I will be sure to deliver this information whenever it’s relevant.

I also believe it is against networking protocol to be using stealth and not responding to probes etc.