Prevent Remote Acess

Hi,

I was recently hacked, though sort of hacked. Some one was able to remotely access my system and shared my screen with others.

Back then i was living in dark ages and didnt had firewall on my system. Now i have installed Comodo.

Though i have tried my best to colose most windows services and limited acess to my system. But when Shields Up still telling me that few ports are hidden , couple are closed and rest are open ( mostly open ) .

Here are my Global rules :

Allow IP Out from IP Any to IP Any where protocol is Any.
Allow ICMP In from IP Any to IP Any where ICMP message is FRAGMENTATION NEEDED.
Allow ICMP In from IP Any to IP Any where ICMP message is TIME EXCEEDED.
Block and log IP In from IP Any to IP Any where protocol is Any.

Appllicatioins which i have allowed uses following policies
Predefined Web Browser Policy
Predefined Out Going Only
IP out to port 80
TCP out to port 80 / 443

I am using windows XP SP3
Are these settings safe enough to save me from remote access hack ?

I use the 3rd option in the ‘Stealth Ports Wizard’ - when I run ‘shields-up’ it tells me all my ports are invisible to the outside.

Firewall-> Stealth Ports Wizard → Block all incoming connections and make my ports stealth for everyone.

After that, if a known exe wants to make an outside connection, I answer ‘outgoing only’ and ‘remember’, or if it’s my browser I answer ‘web browser’ - ‘remember’
8)

I already did that , but still showing ports as open… it might be coz i m using router .

Can i close routers port ?

And if i for some reason my router doesnt allow me to close ports , are rules safe enough to save my a…

You CIS Firewall is optimal enough; but if you are paranoid like i used to be :smiley: you can follow the bottom instructions…

GRC does not test your Computers Firewall (Unless you have a direct connection)
What Make/Model of the router do you have?
and If you go to Start > Run > “cmd” > “ipconfig”
(Without the “”)

Look for:
Default Gateway . . . . . . . . . : 10.0.20.1
(These numbers may be different)
Then open up your browser and type in these numbers including the dots.

This should point you to your router’s configuration panel. (This is where you can configure your router.

Hope this helps

Jake