Hi, I am running Azereus, and have configured the firewall to only allow one port open for it. However, this means that the port will appear open during scans, and thus my computer will be vulnerable due to this open port.
I would like to ask if there is a way to hide this port from port scans, whilst still allowing Azereus to function properly? Thanks!
When you say you have “configured the firewall to only allow one port open for it”, did you create an application rule or a global rule?
If you have created an application rule, then the port is only opened if there is an application running and listening on that port. If you have created a global rule allowing inbound access, then it is open to anything accessing that port, regardless of whether your P2P app is running or not.
Hope this helps,
I created an application rule, so the port only shows “open” when the P2P app is running, but I am wondering if there is a way to configure the firewall so that the port seems to be closed even when the P2P app is running…
This seems to be possible with processes such as “System”, which the firewall shows to be listening on port 139, but when I probe port 139, it is actually closed.
I hope I’m not overlooking any simple things
There are a lot of different states a port can have, not simply open, closed and stealthed. The thing to understand is the difference in how applications require access to their respective ports.
Some applications, for example a browser, make a request to a web server to load a page. This requires the browser to create the request, choose a port and send the request to the web server which listens on port 80.
Example, Browser is asked to get a web page:
Browser chooses a port through which the request will be sent, say 52100.
Browser sends the request to the server which is listening on port 80
Server accepts the request and sends the reply to the browser on port 52100
This is called a response to a request and does not require a special port to be opened to allow this.
Other applications, for example, p2p, work differently. Invariably an inbound port needs to be specified, on which to accept requests. The reason for this is because the requests can originate from virtually any port.
In the situation with regard to p2p the only application that is receiving requests is the one for which you have specified a port, that is, it’s only that application that’s open and listening on that port.
Hope that makes sense.
All I did was forward the port I use for utorrent in my router. As far as rules go, I just let CIS create it’s rules for utorrent in the normal fashion it employs in clean PC mode. The port still shows as being stealthed when not in use.