I’ve been having a problem for almost two weeks now, and decided it’s time to ask for help as I’m quite stumped.
I bought a new computer and installed comodo on it. Everything worked fine the first day, all ports were shown as stealth on grc. However, the next day, I noticed port n°1024 was closed. I rebooted my computer, still closed. Disabled comodo and activated windows firewall, still closed. The only way to make it stealth again was to reboot my modem. I thus deduced my ISP must have been at fault. I contacted them when the port was closed, and they told me it was open in my modem and everything was working normally. It seems the port closes after 20 hours or so, but it might be random.
Now, if this was just an issue of a port closed, I’d leave it at that. The problem is that I once caught it open while I was doing a random scan. It closed after a couple minutes. Comodo didn’t see any traffic at all. When the port is closed, nothing is being logged either (scans show up on the log when it’s stealthed).
I have no clue what could be causing this. If someone has any idea what’s going on, I’d be grateful. I’m on windows 10, by the way. I’ve restricted access to the internet to most windows processes (like explorer or backgroundtask), but I don’t believe restricting them could give them the power to open and close a port instead. I’m an amateur though, so I’d like the opinion of experts.
If you are using a router that could be were the non-stealth port is coming from, also make sure you run the stealth port task under firewall task and choose block incoming connections.
My computer is on a DMZ, but I do have other devices behind a router. Perhaps one of those devices is the one opening that port and the router doesn’t close it properly? (i.e, the port isn’t directed to the DMZ anymore, hence why comodo doesn’t see anything). I don’t really know how it works.
I’ve been using “alert me of incoming connections” and been blocking them on a case by case basis, since I do need to open some ports for some applications. It works perfectly (utorrent port for example goes back to stealth as soon as the app is closed). The only problem is with that port. I’ll try making a global rule specifically blocking that port completely (both incoming and outgoing) and I’ll see what happens. If the port still changes states, then my computer isn’t at fault, right?
I've been using "alert me of incoming connections" and been blocking them on a case by case basis, since I do need to open some ports for some applications. It works perfectly (utorrent port for example goes back to stealth as soon as the app is closed). The only problem is with that port. I'll try making a global rule specifically blocking that port completely (both incoming and outgoing) and I'll see what happens. If the port still changes states, then my computer isn't at fault, right?
Yes if you specific block the port on your computer and you still a closed response from the port scan then yes you can rule out being your computer and can be pointed to the router or another device.