Recently I have installed Comodo Firewall 5.8 for the first time (with Defense+, without antivirus and without sandbox). I have tested it with Shields Up (www.grc.com). Unfortunately Comodo firewall failed the test, because port 113 appears as closed not stealthed. Port 113 appears as closed also on scan websites other than Shields Up. The issue is described here: GRC | Shields UP! -- Internet Connection Security Analysis
What can I do to make the port stealthed? Despite the fact that the problem is described on the following pages I found no solution there:
https://forums.comodo.com/firewall-help-cis/port-113-is-closed-t78487.0.html
https://forums.comodo.com/empty-t59809.0.html
https://forums.comodo.com/firewall-help-cis/network-securityglobal-rules-set-right-t56683.0.html;prev_next=prev
https://forums.comodo.com/leak-testingattacksvulnerability-research/protocol-t42471.0.html;prev_next=next
https://forums.comodo.com/help-for-v3/port-113-ident-closed-t22642.0.html
https://forums.comodo.com/help-for-v2/home-network-set-up-t16592.0.html;prev_next=prev
https://forums.comodo.com/help-for-v2/not-stealthed-t7178.0.html
https://forums.comodo.com/help-for-v2/failed-shields-up-test-port-113-is-closed-but-not-stealthed-resolved-t2799.0.html
A moderator on Polish forum wrote in thread https://forums.comodo.com/polski-polish/widoczny-port-113-t78319.0.html that he already wrote a letter to Comodo support and they told him to contact via GreekBuddy. I have contacted Comodo staff through GreekBuddy but they won’t help me since I haven’t bought their support.
I have Polish version of up-to-date Windows XP SP3. I am connected to the internet via HSPA+ USB modem named Sierra Wireless USB 307. I don’t use any router nor hardware firewall. I don’t share files or access a printer etc. through Microsoft Networks. I have installed one IRC client: ChatZilla plugin for Firefox, however I do not use it. I have no email server installed on my PC. I use Outlook Express as an email client. I use uTorrent, however I haven’t used it recently. I use Avira Free Antivirus 12. Previously I used Sunbelt Personal Firewall. I installed following security applications: Spybot - Search & Destroy, Lavasoft Ad-Aware, Nessus, Secunia PSI; and following utility applications: Net Balancer, Microsoft Virtual PC.
My configuration of Comodo firewall:
- during installation (all default):
- don’t use Comodo Secure DNS Servers
- enable ‘Cloud Based Behavior Analysis’ of unrecognized programs
- install Defense+
- in Stealth Ports Wizard I tried the following two settings with the same result:
“Block all incoming connections and make my ports stealth for everyone”
“Alert me to incoming connections and make my ports stealth on a per-case basis” - in “Alert Settings” tab I unchecked “This computer is an internet connection gateway”
- my global firewall rules (default when “Alert me to incoming connections and make my ports stealth on a per-case basis” is used):
block ICMP Out Where ICMP Message Is Protocol Unreachable
block ICMP In Where ICMP Message Is: 17, 15, 13, Echo Request
I also tried to create a global rule that blocks incoming requests on port 113 but it changed nothing.
In Comodo “Active Connections” window there is no process using port 113.
I know that I am quite secure but stealthed is a bit more secure than closed.