INFO: Should I use the "Stealth Ports Wizard" ?

Jack_Bauer · March 3, 2008, 6:40pm

Is it necessary to use the “Stealth Ports Wizard” within CFP? I did a PCFlank test and a ShieldsUp test and all my ports are stealth. If it is necessary then would using the “Block all incoming connections - stealth my ports to everyone” be fine? By the way this is the only computer connected to the internet, so I don’t have a network going.

Sm3K3R · March 3, 2008, 8:57pm

Its not necessary but you have the option.This Wizard will add some rules in the general rules section so if you need to make your computer visible you can then modify there rules or you can use the wizard again.

Jack_Bauer · March 3, 2008, 9:51pm

I chose the “block all incoming connections option” and the following rules were created:

Allow IP Out From IP Any To IP Any Where Protocol Is Any
Allow ICMP In From IP Any To IP Any Where ICMP Message Is FRAGMENTATION NEEDED
Allow ICMP In From IP Any To IP Any Where ICMP Message Is TIME EXCEEDED

How does this make the firewall more secure if it is allowing these connections?

lightwind · April 9, 2008, 9:26pm

This might be a really obvious question to the experts out there, but where in CFP do I need to go to look at the rules which the Stealth Ports Wizard has created?

And is it clear which rules have been created by the Wizard and which are the standard rules that existed before, so that I can reverse the effects of the Wizard if I need to? Any advice on this would be appreciated.

system · April 9, 2008, 9:39pm

Jack, you should also have a rule at the end that blocks and logs all inbound connections. When you do this, you need to make a few rules for exceptions. Do you have a router? The allow IP out is redundant-I don’t use any global rules. Don’t know why Comodo selected this particular subset of exceptions for this option.

lightwind,The stealth port wizard adds its rules to the global rules, for most users there aren’t any previous.

ggf31416 · April 9, 2008, 10:07pm

The default mode is “Alert to incoming connections”

lightwind · April 10, 2008, 6:50am

Thanks for your help on this! :Beer

riggers · April 10, 2008, 5:06pm

The only “Global Rule” created at set up is Block ICMP from IP any to IP any where ICMP message is ECHO REQUEST.

The stealth my ports to everyone gives you 4 rules as below.

Regards,Matty

[attachment deleted by admin]