I temporarily disabled “Block Anonymous Requests” in my router setup in order to do a port stealth check on my PC. I found that, with either Comodo Internet Security or Firewall Security profile enabled, Comodo DOES NOT stealth ident port 113 on my computer. What’s up with that? How do I tell Comodo to stealth port 113?
What makes you believe that your router doesn't answer this request?
When I used a modem and tested Comodo, it was always closing all ports.
What happens if you enable the router function? Is that port closed in the test?
Note: I use Comodo for the firewall mainly, but I always used proactive instead of firewall profile. That's what I would suggest in general.
The whole purpose of disabling ident port response in the router is to test the software firewall, which should stealth all ports.
The router only handles the ident port if that option is enabled. I’ve had this router for many years and done this test a hundred times. I only recently installed the latest version of Comodo Firewall, and this is the first version I’ve used that failed to stealth port 113.
I clicked on the “Stealth Ports” button in Firewall Tasks, but it still fails to stealth port 113. This is disappointing, to say the least. I haven’t tried Proactive yet.
When I first installed Comodo, both Internet and Firewall Security were Active. Now, seems I can only activate one or the other, not both. Another frustration.
There are three profiles. Only one could be enabled at a time. Never changed.
I would recommend this test:
“Block all traffic” with Comodo. Apart from those connections that are required to initiate the test.
It would be very unlikely that “blocking all traffic” would keep a hole open. It's the easiest thing to discover during development.
Also you can create a temporary(!) rule in global rules to allow port 113 AND log this rule's execution. That way the log would say: 113 allowed connection, while you performed the test.
The only purpose of this rule is to show your concern being logged, if it actually happened. Still, don't forget to erase the rule later!
I can tell you my experience. Since I use a router, it doesn't matter much if I enable its firewall or not. A few things get logged by Comodo. But it's never like with a modem, where Comodo had to block everything.
That leads to my conclusion that a router solves the majority of “unrequested” attempts on its own. This means, it could also answer to requests on its own without letting the data reach the computer at all.
NOTE: 113 gets used by worms. Don't forget to erase the rule! Don't create the rule for the test if you got requests from a file that demanded that port!
Of course, I want my router to handle ALL port requests. That is my first line of defense against internet intrusion. But, it is an older, inexpensive home/office router that has known vulnerabilities, even with the latest firmware.
Comodo is my second line of defense, and I fully expected this version to stealth all ports, just as previous versions have done. I will try to set up port logging as suggested and see what results I get.
So far we are trying to figure out whether the router responds.
There are many reports of routers that do surprising things, lately.
Since I have my router, I cannot test Comodo at all with conventional web interface tests. I keep my Comodo rule set like I made it for the modem. Full protection with desktop firewall. Just in case.
While my logs are usually staying empty now (apart from ICMP if the router firewall is off).
Port scanners are going to be probing your router, not your software firewall.
In order to test your software firewall properly, you’ll need to set your PC in a DMZ on your router.
Until you’ve done that, your router is likely the culprit of leaving a port open.
You’re right, HeffeD. It occurred to me a short time ago, after re-reading Clockwork’s reply, that the port scanner was still scanning the router’s ports, not the Comodo firewall, because my PC was still behind the firewall. Duh!
I put the PC in the DMZ (for testing) and Comodo is working like it's supposed to.
Thanks for the responses, guys!
You’re welcome. I’m glad it’s working properly for you.
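
An added example, not part of the thread and not Comodo's code: a small Python check that classifies one TCP port on your own machine the way online scanners report it (open, closed, stealth). The reply comes from whichever device owns the address being probed, which is why a scan of the router's public address tests the router unless the PC is in the DMZ; the function names and the default host are assumptions for illustration.

```python
# Added example: classify a single TCP port as open / closed / stealth.
import errno
import socket
import sys


def classify(err):
    """Map the outcome of a TCP connect attempt to a scanner-style verdict."""
    if err is None:
        return "open"         # handshake completed: a service answered
    if isinstance(err, ConnectionRefusedError):
        return "closed"       # RST came back: host is visible, nothing listens
    if isinstance(err, (socket.timeout, TimeoutError)):
        return "stealth"      # no reply at all: the packet was silently dropped
    if isinstance(err, OSError) and err.errno in (errno.EHOSTUNREACH,
                                                  errno.ENETUNREACH):
        return "unreachable"  # ICMP unreachable or no route: a reject, not stealth
    return "error"


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and return the verdict for that port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


if __name__ == "__main__":
    # Defaults are assumptions: loopback and the ident port from the thread.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 113
    print(f"{host}:{port} -> {probe(host, port)}")
```

Run it from a second machine against the address whose firewall you want to test; "closed" on port 113 means something answered with a reset, while "stealth" means the probe timed out with no answer.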