PORT SCAN FAILURE?? - WHY

Hi, downloaded COMODO Firewall, but when I use HackerWatch.org port scanner, I get the report below, why are the ports not protected, and can I protect them with COMODO Firewall?

Thanks

~~~~~~~~~~~~~~ test report below ~~~~~~~~~~~~~~~~	

Closed but Unsecure
21 (FTP)

This port is not being blocked, but there is no program currently accepting connections on this port.

Secure
23 (Telnet)

This port is completely invisible to the outside world.

Closed but Unsecure
25 (SMTP Mail Server Port)

This port is not being blocked, but there is no program currently accepting connections on this port.

Closed but Unsecure
79 (Finger)

This port is not being blocked, but there is no program currently accepting connections on this port.

Secure
80 (HTTP)

This port is completely invisible to the outside world.

Closed but Unsecure
110 (POP3 Mail Server Port)

This port is not being blocked, but there is no program currently accepting connections on this port.

Closed but Unsecure
139 (Net BIOS)

This port is not being blocked, but there is no program currently accepting connections on this port.

Closed but Unsecure
143 (IMAP)

This port is not being blocked, but there is no program currently accepting connections on this port.

Closed but Unsecure
443 (HTTPS)

This port is not being blocked, but there is no program currently accepting connections on this port.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~	

Test complete.

Reachable ports were found. If these ports were not deliberately left open, there may be a problem with your firewall operation or configuration.

Greetings!

Are you using a router? If yes, it’s the reason for why not all ports are secure/stealth.

Cheers,
Ragwing

Hi and thanks Ragwing, I have a router, a Zoom ASDL X5 modem.
What can be done to protect ports etc?

Thanks for helping

If you plug the network cable directly in your computer, you’ll see that CFP will secure all ports. You don’t need to do anything at all, since they’re actually secure. It’s just that the router is checked, not CFP.

Cheers,
Ragwing

Thanks, Can anybody advise me how to go about securing the Zoom router/modem -?

http://zoom.custhelp.com/cgi-bin/zoom.cfg/php/enduser/std_adp.php?p_faqid=847&p_created=1089232535&p_sid=VPoi9-Ri&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PWRmbHQmcF9ncmlkc29ydD0mcF9yb3dfY250PTc0JnBfcHJvZHM9MjUsODImcF9jYXRzPTAmcF9wdj0yLjgyJnBfY3Y9JnBfc2VhcmNoX3R5cGU9YW5zd2Vycy5zZWFyY2hfbmwmcF9wYWdlPTE*&p_li=&p_topview=1

Hope this link helps.

Many thanks - read somewhere that using DMZ on a adsl router is a security risk?
Any comments - not strictly COMODO business, sorry.

Hi, dmz is the same as a direct connection to the internet. You will lose the inbound protection of the router and rely solely on the software firewall.IMO comodo will protect you without any problems.

Hello !
I have similar experience…
I’m connected directly to satelite connection (Wild Blue)…I’m not sure if the satelite modem is configurable…

When I go to “AuditmyPC” and run the Port Scan, I get similar results as the ones posted here. If I run the scan again (within a minute or so) only port 80 and 443 show up. If I run the scan again within a minute, I recieve a message saying no ports are showing and I’m completely protected.

When I go to the Comodo logfile, I can see a redball “High Severity” TCP Port Scan listed…I can also see the address of the “Auditmypc” website as well as “Medium severety” listing a number of Access Denied attempt/ports.

I’m not confident I understand how the “Auditmypc” website or my Comodo Firewall (v2.4.18.148)
are behaving…Am I protected ? It appears the logfiles are reporting such…

Any opinions, feedback or insight would be great…Thanks :>D3

If I’m not completely wrong, AuditmyPC is not the most reliable one. Try Shields Up! instead and see if you get the same results.

Cheers,
Ragwing

It doesn’t matter,the router will only forward incoming connections if you requested them…
and completely stealthing a computer is actually a rude thing to do, a bit like not answering people who talk to you or not picking up the phone …

And it’s pretty rude (and illegal) to hack random people to lol.

Thanks Ragwing,

@Shields Up, all were RED except ports 135-139 and 445 which were Green.
I cleared the Comodo logs, re-ran the Shields Up scan… The log showed the “RED-High”:TCP port Scan, and 2 other “Blocked by Protocol anaysis:Invalid flag combination” messages, as well as 2 “GREEN” Access granted on ports 80 and 443 for the Shields Up IP address…

It appears that something is amiss with my Comodo Firewall… The Component Monitor is on “Learning Mode” but I’ve block a majority of the components I felt weren’t necessary.
In the Application Monitor, I’ve blocked most of the application executables I felt were unnecessary.

Any suggestions ?

:>D3

As was previously said, and according to the trials i made myself, not only Comodo but no firewall in the world (i also did the tests with kerio, online armor, jetico…) will pass any of the tests (not relevant being shields up, grc, sygate, pc flank or whatever you want) as long as you router allows by default connexion to browsing, telnet, ftp and netbios ports.

The truth is that in such circumstance it is not your pc that are tested, but the router itself.

Mine has a quite symbolic firewall, which is not enabled by default, and is a little hard to enable through decoding the firmware.

I got stealthed of the tests only after enabling the router’s firewall, and you have similarly no hope whatsoever to get stealthed if you don’t act on your router itself.

YEAH WHY ??? >:( :o :o :o :o
i tried to use shield up test. i have port 22, 80, 443 colored red (:AGY)
i’ve tried the same test before using the first CFP3 final version, and it pass. hhm, what did i do wrong?

edit :
i think this only happen when i’m using a PCcard to connect to internet. (how do i stealth it?)
i’ll test my comp tomorrow using dial up connection