Newbie to Comodo Firewall (Free) - Configuration Help

??? I just starting using Comodo Firewall (free version). The settings are in “safe mode”. I have performed a check/scan with GRC Shield’s Up. Everything passes except for the “common ports” where ports 80 and 443 were detected as “OPEN” and all other ports “STEALTH”. Is it ok for port 80/443 to be open? How do I do about making port 80/443 stealthy? I was anticipating using Comodo FW to replace ZoneAlarm Security Suite.
I had the same problem with port 80/443 with ZoneAlarm. There was another question to ask but forgot it for now. Anyway, all help appreciated. Thanks. :-TU

Are you using a router with a hardware firewall?

I do not have an external router. And, I probably should. But that’s another topic for now. I think, but not sure, that ports 80/443 may be open because the service provider is not blocking them. I’m only guessing. I am not an IT expert but as my user name implies … Iwanaknow! I do know that port 80 is the normal web/internet port (http) while port 443 is for HTTPS or so I have seen. I am an end-user. I do not have a server nor does my computer act as a server. And, I have only the one computer … no network. I am wondering just how “dangerous” these two ports are to me if not being blocked (stealthed)?! No too long ago while using ZoneAlarm GRC Shield’s Up reported all was stealthed and the only problem was that Shield’s Up was able to PING (ICMP - Echo). Now, with ZoneAlarm and more recently with Comodo FW, everything is ok except for these two ports. Sheeeesh! Anyway, thanks for the reply.

Did you select the 3rd option to ‘block all incoming connections and stealth all ports’ in the Stealth Ports Wizard (in the ‘Firewall’ tab)?

Every time I open CFW - click on FIREWALL - then Stealth Ports Wizard - the first option is always checked. I have selected the third option - clicked FINISH - a new window opens indicating “your firewall has been configured accordingly”. So at this point I don’t really know if the third option was in fact configured or not. I will do another Shield’s Up test when I close this.

Just did another scan … no change. Ports 80 and 443 still indicate OPEN. Oh well, guess i’ll just have to deal with somehow.

The stealth port wizard always shows the first option selected for some strange reason, even if set to the 2nd or 3rd. If you are not using any type of router or such, then I’m stumped. :-\ If both ZoneAlarm and Comodo both cannot stealth those two ports, then there is something else that is being looked over. Here’s a long shot, but is your Windows Firewall or any other security/network software enabled that could possibly be forcing these ports to remain open? Because the only way they could stay open?

My internet connection is via cable. I do not use a router. From everything that I am finding out is that the ISP or service provider, I believe, is allowing ports 80 and 443 to be open. I don’t know if I can block incoming
“requests” to port 80 and 443 and allow outgoing from me. If I did have a router chances are that maybe I could do something with these two ports. FYI … my service provider (to whom I am subscribed) is in the process of moving to a new provider (gateway) since the current one is causing problems. I believe testing is still ongoing presently and I heard that the new connection may be online around the end of the month. Just maybe the new gateway will be processing things differently in a good way! Thanks for the assist.

[quote author=FäɀïØ™ link=topic=57729.msg405741#msg405741 date=1276523961]
The stealth port wizard always shows the first option selected for some strange reason, even if set to the 2nd or 3rd[/uote]That is confusing can it not be adressed? Think I mentioned that before

I’ve seen it in the bug board. Not sure if it is a bug, or intentional. But yea, it is confusing for some users.

not to be smart but why would it be intentional to confuse. I am not new to comodo and i still find it confusing, not being certain if the changes are made. Is the bug board only available to mods?

Well, of course they wouldn’t intentionally make it confusing. Perhaps they did not know that users would have trouble with it. The only thing the stealth port wizard does is change your global firewall rules, so you can just check them to make sure it was configured properly (which is what I would do even if the one of the three options remained selected). But novice users don’t know that, so they think it does not work.

The bug board is here:

I ticked the bottom mbutton on the Stealth Port Wizard

My Global rules are

Allow IP out From IP Any To IP Any Where Protocol Is Any

Allow ICMP in from IP Any To IP Any Where ICMP message is FRAGMENTATION NEEDED

Allow ICMP in from IP Any To IP Any Where ICMP message is TIME EXCEEDED

Block IP in from IP ANY Where Protocol is any

Does the last one override the second and third.Should FRAGMENTATION NEEDED and TIME EXCEEDED messages be allowed

CIS rules are read from the top to the bottom. So by selecting the third option, you are allowing certain ICMP requests into your PC, and blocking everything else that tries to come in. The protocol ICMP is used for diagnosing network problems (e.g. ping). You can read more about it here. You also need the top “Allow IP out From IP Any To IP Any Where Protocol Is Any” because on outgoing connections, CIS checks the application rules first, and then the global rules. Using the ICMP rules depends on whether you think you need them or not, but you most likely don’t.

Sorry guys but you are getting just a bit in over my head! ??? I am new to Comodo. I am still trying to get familiar with just using CFW, much less attempting to understand and utilize “rules”! Sheeesh!!! :stuck_out_tongue: Anyway, I will close the article as far as I am concerned and “youse guys” can continue on with your discussion(s). Thanks to all. :-TU

Sorry Iwanaknow for going off topic. My fault. Something here reminded me of something I had difficulty with

Can you show a screenshot of your Global Rules? They are under Firewall → Advanced → Network Security Policy. This is to be sure CIS is set to Stealth.

May be there are still left over from Zone Alarm. Run their clean up tool and try again.

What other security or network related programs are running in the background? Try disabling them all and try again.

You say you are connected via cable. I assume you mean a coax (TV) connection. But then you probably have a cable modem with builtin router to connect to the cable. I suggest to read my reply at;msg439885#msg439885.

To sort things out you might open a cmd window and type ipconfig /all. Locate the default gateway through which your computer connects to the internet. Use this address in a browser window. If a connection occurs you will probably asked for an name and password. From there on i leave you to your self.