I am obviously trying to stealth my SMTP port 25 and location service port 135. I can not achieve this by setting the stealth ports wizard to block all connections. They are closed but visible on symantic online security check. HELP! :o
It sounds like you are connecting to the internet through a router. (Most broadband modems have a built in router) These online port scans are actually probing your router, not your software firewall. In order to test your software firewall, you’ll either need to disable NAT, or set up a DMZ on your router. Consult the documentation that came with your modem/router for details on how to accomplish this.
What security programs are you using? An AV with email filter may cause the SMTP leak.
What type of connection are you on? The other port, 135, is part of NETBIOS protocol that is used to share files and printers on a local network. When you are connecting to the web with just a modem with no router (typical for cable internet) make sure to disable NETBIOS as you don’t want to share with the rest of the world (or subnet of your ISP).
How to disable NetBIOS on the Internet Adapter for Windows 2000/XP/2003.
To disable NETBIOS
I use CIS and SafeSpace (browser virtuallization) and my connection type is ADSL/DSL (local network with internet access).
I’d recommend you try running a stealth port test at a couple of different sites, in addition to the Symantec test:
See what results you get from these.
In addition, port 25 should really not be showing up on a client computer unless you’re running some application that is holding it open, such as a mail server. Port 135 is a slightly different beast and whilst it’s possible to disable the RPC locator service, I recommend you don’t.
I suggest you open a command prompt and type netstat -an and see if you can see port 25 and if so, the state, Listening, Established, Time wait etc. port 135 will almos certainly be shown as listening.
By the way, you didn’t state if you have a router or not?