By default, network monitor should deny all inbound traffic (excluding icmp). Are you sure your (computer’s) IP address is being scanned? If so, you may need to review your network monitor rules. Do you have the default 6 network monitor rules?
With all due Respect Graham…
Not really… as that will depend on Rule ID - sets the order Rules are applied. A communication attempt starts at the top of the Network Control Rules (ID 0), and works it’s way down through the Rules (unless stopped/blocked) until it finds a Rule that allows the comminication (unless blocked before it hits that Rule)..
If he has a rule of “IP in - Allow - [Any] - [Any]” amongst his top Rules, then Rule #6 which is “IP in - Block - [Any] - [Any]” ? will not apply.
I’m not sure if you really do wanna close Port 443(https), but anyways… here’s how to close a/any Port.
Under “Security” - “Network Monitor”
Action: Block Protocol: TCP or UDP(or select which protocol you want to close) Direction: In
Source IP: Any Destination IP: Any (If you wanna deny it from the Web and your LAN) if not, else; [Zone] Source Port: A single port - example 445
OR a Port range: example 135-139
OR a set of ports: example 135,137,138,139 Destination Port: Any
That is why I asked if the default rules were present. If kofi had modified these rules, I’m sure he could have added a rule denying access to port 443. I have to admit though, that I mistook port 443 for 445 the first time I read this post ;D.