Port 0 and Port 1 not "stealth"

I am reporting everything I could think may be relevant, for your tech staff, here.

I am interested in having all ports stealth, to avoid malicious attacks on the old Windows PC I have brought back out of storage and updated.

I don’t go internet places that are especially problems. However, I have experienced Windows OS computers attacked, netbook, laptop, PC or public library.

I wouldn’t have Windows OS, except I use some windows-only software.

In the “Stealth Ports Wizard” I selected “Block all incoming connections and make my ports stealth for everyone”.

GRC Shields Up! reports port 0 and port 1 are “closed” not “stealth”. They are only “closed”.

All other ports are “stealth”.

I noticed “View Firewall Events” has no items to show. I would think the GRC Shields Up! test would show up there, for port 0 and port 1. Maybe not.

I have Alltel Broadband Connect USB data plan, if that matters.

How can I have port 0 and port 1 “stealth” as well?

Is your modem connecting to a wireless router, or perhaps has a built in router? The ShieldUp! test will probe whatever is between you and the internet. If you are connecting through a router, the router will be probed instead of your software firewall.

I only have the Pantech USB stick, provided by Alltel.

It uses cellphone service protocols.

ShieldsUp! shows:

Your Internet connection’s IP address is uniquely associated with the following “machine name”:


BrowserSpy.dk shows me located near Wichita, KS.

I am in Montana.

Maybe this information is helpful?

Should I run Comodo without “stealth” selected and report the results?

I could only select Alert me… and I blocked the incoming request. I had the same result.

Then your software firewall isn’t getting tested.

In my opinion, it’s really not a problem. The ports are closed. It doesn’t matter if they’re stealthed. And if someone does get past whatever gateway/router you’re behind, they’ll then encounter your software firewall. :slight_smile:

But if it’s really important to you that these two ports show stealth, you’ll need to either refer to your modems documentation, or contact the manufacturers technical support to find out if this is possible. It may not be.

I will see what I can find out, from Alltel.

I do a lot of development, and the like. I run into “script-kiddies” who like to harm Windows OS. Nevertheless, I like to encourage the “kids” to know more.

I was hoping this software and this access is a really secure one.

I heard about Comodo at the Eeec forum.

The software is secure. Unfortunately the way GRC’s test works, unless you have a direct connection to the internet, it’s not going to be testing your PC’s defenses. However, like I said, that does mean you have another layer of protection between you and the internet. :slight_smile:

Here’s my recent experience with this issue that may lead somewhere.

I run 2 rigs XPsp3 & Win7sp1 through Internet Connection Sharing(ICS) on the XP rig that is running CIS 5.3.181415.1237. Internet via Cable modem.

I’m used to seeing a clean report from GRC Shields Up!, but noticed that since I connected my second rig through ICS I get back a ‘Fail’ from Sheilds Up! because port 0 & port 1 status is ‘closed’, but not ‘stealthed’.

When I first ran the Shields Up! scan from XP, my Win7 rig was powered off. When I turned the Win7 rig on and ran Sheilds Up! from it - I got a clean scan, all passed inc. ports 0 & 1. Meanwhile… back to the XP rig and I got a clean scan there too! Completely stealthed on both platforms.

Tryed to emulate original conditions by turning off the Win7 rig, and ran scan on XP but no change - still all stealthed. Then I switched OFF ICS in ‘Local Area Connection Properties’ (see attached pic) and bingo. Sheilds Up! reports ports 0 & 1 as closed, but not stealthed.

I’ll come back if I can get a better handle on what’s going on. Ideas from all very welcome.

[attachment deleted by admin]

port 0 shows closed here but not stealth, has been like that forever.

I think in older versions of comodo it didnt, i have all my ports open on the router, and they show open if i deactivate comodo, but when i activate comod, they all go stealth, except 0 which remains closed. I think its not with router itself :X.

Mainlly because i have in router every traffic redirected to my gaming/p2p PC, so comodo its the only security layer there.

Anyways port 0 doesnt seem to exist anywhere, isnt it a special port or sumthing like that? i cant put router rules for it

Anyways this should be looked for, other firewalls dont show that “problem”.

Are you sure your router forwards traffic on port 0?

Black_ice_Spain wrote:

Just to add note: I don’t think ‘closed’ ports are a major security issue, but an interesting anomaly. I prefer to be ‘invisible’ to port scanners, rather than perhaps being logged for further investigation.
Here’s some links for further info on ports 0 & 1.
grc.com - Port 0
grc.com - Port 1 TCPMUX
Wikipedia - TCP Port 1 Service Multiplexer

Also IMO, ‘other firewalls’ don’t always show a lot of ‘problems’.

Actually, it’s invisible, or “stealthed” ports that are the anomaly, not closed ports.

These closed ports are being caused by your router, not Comodo.

Check your routers firewall and uncheck the option to ‘block TCP flag scan’. Your ports 0 & 1 will be stealthed once again.

I only have the Pantech USB stick, provided by Alltel.

It uses cellphone service protocols.

If the OP is using this I doubt they’ll have that option. However, it appears to offer an ‘Advanced’ configuration mode, so that might be worth exploring.

In this case it may be that the ISP has closed ports 0 & 1 for everyone on their network?

I have used those mobile dongles and they are not very user-configurable-friendly and are usually locked up by the ISP.