Scan behind a router

I am behind a NAT router, and running Comodo Firewall 2.4 (of course ;D) on my machine. I passed the scan with flying colors…

After that, I did a second scan (for testing only) with the router’s firewall off. The report showed a few security holes.
My question is, did the HackerGuardian passed through my router and scanned my machine? I don’t think so.
If not, is there a way to scan my machine when behind the router?

The only way to scan your computer directly is to turn the router’s firewall off as you did.

This would only be necessary to tweak COMODO firewall when it is first installed or when trying to get a program to work through the firewall so that you can test it’s settings with an online scan.

Having two firewalls between yourself and the internet should do no harm, but it helps to remember that when trying to get file sharing programs or games to work on the internet.

The only way I know to do this is to port forward ALL ports from the router to the PC you want to test. Turning the routers firewall off unfortunately will not alter the state of the routers ports.

Ewen :slight_smile:

I found the option “Exposed host” on my router, which (i guess) forwards all ports to my computer. I initiated the scan, and still received the same security warnings/holes. And the CFP has logged hundreds of TCP inbounds, mostly comming from China and other Asian countries.

I still don’t know if it was my computer being scaned, or just a router. I’ll try to connect with a dial-up modem, and then run a scan…

OK, well different routers act differently with different options selected/ unselected. I had assumed by your description that the router just turns of the firewall and as you said forwards all ports to the computer.

If you want to make 100% sure, then connect the RJ45 port from the wall to your computer. Without the router in-between.

The router i have does not allow the NAT function to be turned off (-: , i think it is trying to protect me from myself (:TNG) .

I guess it should be that way, but the router seams to have a mind of his own…

I’m affraid it’s not possible since I have a router and DSL modem integrated into one device. I’m planning to connect with ordinary 56K soft modem (dial-up), to make sure there is no router between me and the Internet. But that’s going to wait untill the weekend.

Same thing here ;D. In fact I can turn it off, but then I loose Internet connection.

I edited my last post because i said “Connection” instead of “Connect”, i think that i might have a broken nerve between my brain and hands (-: .

If Hacker Guardian can’t scan your computer, doesn’t that mean a hacker will have the same problem, meaning you are secure?

Yes, if a hacker tries to run a port scan then yes they would face the same problem.