Port scan at hackerwatch.org

i did a port scan at hackerwatch.org to see how secure i was with comodo firewall. after it finished i realized wasn’t very secure at all. it reported that i had many ports vulnerable to attack, so my question is how do i block ports with comodo firewall? if i can’t then it’s not quite good enough

[Topic Closed: If issue returns PM an online mod to open]

Are you a hacker?

What ports are listening on your PC? You can find out by issuing this command at the command prompt:

netstat -an

On a Windows NT/2000/XP system, you can always enable TCP/IP Filtering to block specific ports or allow only certain ones.

If you installed with “auto” and have the default network monitor rules, all your ports should be in stealth.
You block ports in network monitor, but that isn’t necessary if it’s installed correctly.
You can’t find a safer firewall…

To be really safe you can disable some services and then some vulnerable ports gets closed.

Besides stealthing your ports.
You can look at the leaktest PDF here. http://www.personalfirewall.comodo.com/Comodo_Firewall_2.3_vs_The_Leaktests.pdf

You can download a program here that close some worm doors.


Did you figure out why you got that result yet?

surely you will have realised by now that CPF is fairly secure.



If you are behind a router the firewall test will be testing your router not CPF.

This may be a dumb question, but here goes. Many of these tests have to do with Internet Explorer, so what does Comodo do to protect FireFox? I love and use this firewall, and wouldn’t trade it for any other, but I am also a Firefox user. Does the protection have to do with Ports? Or is that another dumb question. LOL. Take care everyone.


CPF is monitoring and controlling ports. Providing you have previously accepted IE and FF as safe applications, it (CPF) doesn’t care if a http request was generated by IE or FF, just that there is a request to use internet access to contact a server on its port 80 and receive a response back from the server.

Hope this helps,
Ewen :slight_smile:

That, or even your ISP’s proxy server .The scan page should indicate the ip address it is scanning. Write it down, then open a command line and type: ipconfig

The ip address is your machine’s.

I did a default installation of the firewall, and after following the instructions to make AVG work, the firewall appears to be very effective.

I did a scan using SHieldsUp and found all ports were in stealth except Port 2. I still haven’t figured out how to put Port 2 in stealth mode. Help appreciated.

Since port 2 is used by virus or trojan, you can block it. I don’t know of any useful stuff it’s used for. If anyone knows something about it, feel free to reply.
Make a new rule in network monitor in the TOP of the list. Block tcp/udp in port 2
Then you should also pass the portscan.