Just to let people know, this is an excellent test to see how their NAT router is really configured, or, if you don’t use a router, what ports are really open on the firewall. This is definitely a MUST run for people with no routers and just Comodo as a firewall. Or it can be handy for testing what people see on a DMZ-zoned PC.
Main page is here: www.grc.com. It would also be cool to know how Comodo Firewall does with no router against ShieldsUP! Are all the ports really stealthed? Does Comodo show any open ports? I am behind a NAT router. I don’t know how Comodo would do without a NAT router, but would love to know.
More than 91,897,630 shields tested!
Attached are screen shots in graphic and PDF format of my particular configuration in action with a NAT Router configured to Maximum protection. Passed all tests 100%.
The only part of the stealth test that you failed, if you look closely, is that your ISP IP address is pingable.
When pinging your IP, it responds. You should be able to turn this off in your router. This way there is no way to know there is a connection at that IP address. Once you fix the ping response you should have a perfect stealth 100% score.
Actually, there is a very definite way to know that there is a connection at that IP address…
“Stealth” doesn’t exist. It’s just a phrase that Steve Gibson made up. I’m actually quite surprised that he’s still championing the “stealth” concept, because it has a major flaw. It isn’t a valid networking protocol… 88)
Networking protocols expect some sort of response if a request is made. Even if a machine at the requested address is turned off, the upstream router will return a response that the machine is unreachable. If a request is made and there is no response whatsoever, that tells whoever is making the request that not only is there a machine at that address, but it is actively dropping requests! So much for “stealth”… 88)
So no, a “stealth” rating on GRC does not make you “invisible” as he would lead you to believe.
And no, it’s really not a big deal either if your machine is responding to Pings. All that matters is that your ports are closed. If a hacker does make it through your router, they will then have to contend with your software firewall. There are just too many unsecured computers out there to make it worth their time to try to infiltrate your machine.
Well, I will say this. If your ports are closed, the ShieldsUP website will report they are closed and not stealthed. When closed they will appear blue, not green, and where they are open they will appear red on the ShieldsUP website. So ShieldsUP definitely knows the difference between stealth, closed and open ports.
It would be interesting to see what Comodo ports appear as to ShieldsUP without a NAT router: stealthed or closed, when you choose stealth all ports in the CIS 6 firewall settings. Unfortunately some people with routers provided by their ISP, even though they can log in to their routers, are unable to turn the ping off on their firewall. I had to call my ISP, and after quite a conversation with them they did it. In other words, even though you can administrate your ISP-provided router, there usually is another admin login that the ISP has that has more options, including block ping. If stealthed doesn’t exist, then choosing stealth all ports in Comodo firewall settings is just closing them, I guess.
Someone without a router should just try this site to see if all their ports show up blue and closed or green and stealthed with just Comodo CIS 6 Firewall running on their connection. A port that responds and allows connections is an open port, a port that responds but refuses a connection is a closed port, and a port that doesn’t respond and doesn’t allow a connection is a something port, whether you call it stealth, not there or whatever… If there is no such thing as stealth, then what exactly does Comodo CIS 6 do to your ports when you stealth them?
Mod edit: made a basic paragraph structure for easier read. Eric
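The port states described in the post above (a reply that accepts, a reply that refuses, no reply at all), together with the upstream "unreachable" answer mentioned earlier in the thread, as an added Python example that is not part of the original thread. The function names and the loopback self-test sockets are constructed for illustration.

```python
import errno
import socket

def probe_port(host, port, timeout=2.0):
    """Classify one TCP port by what comes back from a connect() attempt."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"            # handshake completed (red on ShieldsUP!)
    except ConnectionRefusedError:
        return "closed"          # port answered with a refusal (blue)
    except socket.timeout:
        return "stealth"         # no answer at all: request was dropped (green)
    except OSError as exc:
        # A router answered on the host's behalf: nothing is reachable there.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    finally:
        s.close()

def self_test():
    """Constructed loopback check: one listening and one non-listening port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))   # bound but never listening, so it refuses
    try:
        return {
            "listening": probe_port("127.0.0.1", listener.getsockname()[1]),
            "not_listening": probe_port("127.0.0.1", idle.getsockname()[1]),
        }
    finally:
        listener.close()
        idle.close()

if __name__ == "__main__":
    print(self_test())
```

A "stealth" result needs a firewall that drops the request, which the loopback self-test cannot produce; the difference between `unreachable` and `stealth` is the one the thread argues about.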
You can always go into advanced settings, under firewall settings, and go to portsets and manually block this port. But something would sound as if it is forcing it open. Are you on a router or not??
See attached screenshots for the add port rule in Comodo.
Yes, of course the port scan knows the difference between port states, even the illegal (non-valid) state of dropping a request. That is the whole point of the scan…
If you choose to stealth your ports in the firewall, the firewall will drop these requests and GRC’s port scan will show “stealth”.
You can easily test this yourself by temporarily setting up a DMZ in your router.
But again, “stealth” does not equal “invisible”. Quite the opposite.
Here is an analogy that may help. Think of a telemarketer calling your telephone. If they attempt to dial a number that isn’t in service, they will get a recording telling them as much. This is how the phone system is designed. If they get the recording, they will know this isn’t an active number and they will take it off their call list.
However, an active number will ring. Let’s say you decide to play “stealth” if you don’t recognize the number calling you and choose not to answer the phone. This does not make you invisible, and the telemarketers are not fooled into thinking that there isn’t a phone at that number. They know this is an active number because they didn’t receive the “inactive” message, and they will most likely continue to call.
To take this analogy a step further, perhaps you have a call blocking service (let’s call this a firewall) that allows you to only accept calls from known numbers, and gives the caller a message stating as such. The telemarketers (let’s call them a port scanner) will know that this number isn’t going to buy anything from them (the scan has shown that the port is closed) and will move on to another number. Sure, they could keep calling (attempt to bypass your firewall) but this is a waste of their time, because they know the number isn’t accepting calls from their number, so they’ll just call someone else in hopes that the next number will answer.
I figured it out. It is in the router. I had a direct cable connection until about a month ago. Then switched to DSL w/router. It’s not open locally (as far as I can tell). I configured the router to high security and tried to tweak everything possible, but 7676 is still open. Guess the only thing to do is call tech support and see if they can help?
If your router is supplied by the ISP I would definitely be on the phone with them. As I stated, even though you can administrate your router, it is typical for ISPs to have their own login with more authority than yours.
And an ISP is not going to have port 7676 open.
As far as the moderator’s reply, HeffeD:
I see his point. Basically a port that doesn’t respond and doesn’t allow connections generates some upstream response or something, and there is no “true” stealth port technology out there yet. You basically get a response similar to “Private Number” currently instead of a blank response.
I will say that in some off-brand routers there are firmware glitches that leave ports open sometimes. What brand and model of router is it? I would be looking in the router for the current firmware version and then verifying what’s the newest version from the manufacturer’s website while you are on the phone. Can’t hurt to have the latest firmware while you are at it. Hell, if the router has Linux-based source for the firmware, port 7676 could be a hack, while new Linux-based firmware could fix the security flaw. I am reaching, but you never know…
On this Note
Is a good way to get the right tech support. I was able to reach a really good tech for my ISP through this forum by posting a thread. I have BrightHouse. If your provider is listed there you may want to join the forum there and post your question. It was much better than calling and going through all the hoops to get someone who knew something.
I tend to agree with HeffeD. Personally, I wouldn’t get too excited over these types of scans. You may get a warm fuzzy feeling, being wrapped in the stealthed greenness of the results, but you’re not really hidden. A simple scan on a network block with nmap will show if a host is up or down, regardless of whether it’s stealthed. Granted, it may not be possible to tell, at first, if a port is open or closed, but that wouldn’t deter someone, if I really wanted in.
That is a great analogy. Let me take it a step further or look at it another way.
I think the word stealth is a bit strong. Hidden would be a better term, and you can always find something hidden if you look hard enough.
Look at the caller-id as the firewall.
The telemarketer calls and I answer the phone. - The port is open
The telemarketer calls and the answering machine picks up. - He definitely then knows someone is at that number and maybe even learns a little about me from the message he gets. - The port is closed
The telemarketer calls and I never pick up. He calls everyday over and over but the caller-id shows it’s a telemarketer or unknown caller. He has no way of knowing for a fact that someone is at that number. He just keeps trying to call but I will never answer. - The port is stealth
Actually, there is a very definite way to know that there is a connection at that IP address...
“Stealth” doesn’t exist. It’s just a phrase that Steve Gibson made up. I’m actually quite surprised that he’s still championing the “stealth” concept, because it has a major flaw. It isn’t a valid networking protocol…
Networking protocols expect some sort of response if a request is made. Even if a machine at the requested address is turned off, the upstream router will return a response that the machine is unreachable. If a request is made and there is no response whatsoever, that tells whoever is making the request that not only is there a machine at that address, but it is actively dropping requests! So much for “stealth”
So no, a “stealth” rating on GRC does not make you “invisible” as he would lead you to believe.
And no, it’s really not a big deal either if your machine is responding to Pings. All that matters is that your ports are closed. If a hacker does make it through your router, they will then have to contend with your software firewall. There are just too many unsecured computers out there to make it worth their time to try to infiltrate your machine.
There is some basis for the term. If not, why does CIS feature stealth ports?
It’s OK to give users what they believe they should have in a firewall, but is the firewall really doing its job correctly?
The ShieldsUP site looks very automated and the wording is almost robotic in nature, and I don’t wholly trust it as it’s full of gimmicks and fancy slogans. >:-D >:-D
If there were true “invisibility” on the web then how on earth would we communicate lol…?
I know I’ve used several firewalls, and Windows Firewall attains a true stealth status on this site.
And the awful Privatefirewall didn’t stealth at all and even had an open port… >:-D >:-D