So how can i achieve full stealth.??

??? So how can i adjust the comodo firewall to make it stealth all the time.??
I had it once but now i lost it again.

I did a firewall scan here:> [url]Shields UP!! — System Error ( click on " all service ports" )

Here is the results i got.

GRC Port Authority Report created on UTC: 2006-06-04 at 03:35:26

Results from scan of ports: 0-1055

0 Ports Open

31 Ports Closed
1025 Ports Stealth

1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
10, 11, 13, 14, 15, 16, 17, 18,
19, 20, 21, 22, 23, 24, 25, 26,
27, 28, 29, 30, 31

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- A PING REPLY (ICMP Echo) WAS RECEIVED.

I would like to get those 31 ports that are now just closed to go Fully Stealthed if i can, Can someone help me with this please.?? I really want all 1056 ports stealth, I would feel much better… :wink: (L)

Hi Jason.b.c and welcome to the forums.
CPF will stealth all ports by default. How do you connect to the net,dsl/cable, modem/router,ect.? Hope this helps, tim

(L)

If you are behind a router (which I guess is your chase) read this first

https://forums.comodo.com/index.php/topic,207.0.html

maybe you will find the answer there :wink:

I’m only just regular old 56k dial up modem…

It will stealth all ports by default…??? What do you mean.? Mine didn’t… :o

From the results i provided up there you can see that almost all of them are though, Thats good huh.??

Any additional info would be much appreciated… Oh and thanks for the welcome… Your welcome… :wink: :slight_smile:

Go to “Network Monitor” and check if there is the default “block IP in” rule

It says Allow, So i’m supposed to change that to Block…?? Won’t that cause me problems with getting on the internet…??

??? What else.?

Hi, pls edit this rule to block.
[url]http://scan.sygatetech.com/[/url] here is another test site of various tests for the firewall.

There should be two rules.

The first is ALLOW OUT - this gets you on the internet and able to receive responses to your outbound queries.

The second rule is BLOCK IN - this blocks ONLY UNSOLICITIED STUFF FROM THE INTERNET. This does not block data coming back to your PC as a result of your PC asking for something.

Hope this helps,
Ewen :slight_smile:

That does help me, Very much… ;D I thank you guy’s so very much… 8) I’ll try that and i’ll let you know…

EDIT: Wait a sec, I checked in there and i’ve got ( 3 ) three rules.

                       [i]Source[/i]     [i]Remote[/i]                     [i]Criteria[/i]
           IP. out       Any             Any                       Where IP Proto is any.
           IP. in         [b]"[/b]                [b]"[/b]                 Where IP Proto is any.

TCP/UDP in/out " " Where source/remote port is any.

Should the third one be there.?? Should i remove it…??

" IP. out Any Any Where IP Proto is any."
This rule is OK, providing the action is ALLOW, as it allows any IP outbound access to any other IP by any protocol.
" IP. in Any Any Where IP Proto is any."
This rule is OK providing the action is BLOCK as it allows any IP inbound access to your PC protocol. If the action in not set to BLOCK, then this rule is BAD - VERY BAD, as it is allowing all IPs access to your PC by any protocol.

" TCP/UDP in/out Any Any Where source/remote port is any."
This rule is NOT OK. If the action is set to BLOCK, you’ve stopped all traffic. If the action is set to ALLOW you are allowing ALL traffic.

I repeat,

Other than the rule for allowing traffic across your Home LAN, there should be two rules.

The first is ALLOW OUT - this gets you on the internet and able to receive responses to your outbound queries.

The second rule is BLOCK IN - this blocks ONLY UNSOLICITIED STUFF FROM THE INTERNET. This does not block data coming back to your PC as a result of your PC asking for something.

It doesn’t need to get any harder than this, unless you have application specific requirements.

Hope this helps,
Ewen :slight_smile:

" TCP/UDP in/out Any Any Where source/remote port is any." This rule is NOT OK. If the action is set to BLOCK, you've stopped all traffic. If the action is set to ALLOW you are allowing ALL traffic.

I repeat,

Other than the rule for allowing traffic across your Home LAN, there should be two rules.

Ok, So then if i set this one for block and it stops all traffic , Did you mean that it blocks all traffic or just the unsolicited ( unwanted bad ) stuff .??

I understand the other two rules now, I just didn’t understand if i had to just totally block this third rule or does it need to be altered in some way.?

Do you understand what i’m trying to say.?, Like that rule say’s Any Any Where source port / remote port is “Any”. All i need to do is set it to Block.?? And thats it.??

See the only reason why i’m asking is i don’t understand why the comodo firewall even made this rule to begin with if it’s not supposed to be there.

But i understand what your saying, it dosen’t need to be any harder if it dosen’t need to be.huh.?

A rule like this: Block, TCP/UDP, In/Out, Any, Any, Where portproto is any
Will block all trafic and it does not exist. You can create it if for some reason you want to block all traffic for some reason.

The only block rule that is made during installation is:
Block, TCP/UDP, In, Any, Any, Where portproto is any
and is the rule that protect you from attacks

“Will block All traffic and does not exist”.?? What do you mean.? I have it in there.

I set it Block now, And i’m still able to get around on the internet, So i guess i’m ok there…

Yeeeeeeesssssssss.!!! Awesome…!!

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
GRC Port Authority Report created on UTC: 2006-06-05 at 23:13:54

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed

1056 Ports Stealth

1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

I got it back…! Awesome… Thank you… (R)

::slight_smile: Yeah… Right… In what position is your rule?

Try to move it up in position #0. And then try to connect in any page you want.
None will open. Every trafic accept ICMP protocol will be blocked ;D

Hey Jason,

What pandlouk was alluding to was that the firewall executes the rules in the order the appear in the rules list. Because your “block everything” rule was below your “let me out on the internet” rule, you were allowed out to play. If the block rule was raised to the top position in the list, then it woiuld have been executed before the “let me out” rule and you would have been blocked.

Hope this helps,
ewen :slight_smile:

#3 position… Why…??? How does that change it so much…? Changing positions…

Hey Jason,

What pandlouk was alluding to was that the firewall executes the rules in the order the appear in the rules list. Because your “block everything” rule was below your “let me out on the internet” rule, you were allowed out to play. If the block rule was raised to the top position in the list, then it woiuld have been executed before the “let me out” rule and you would have been blocked.

Hope this helps,
ewen :slight_smile:

OH.?! Ok, I get it now… So do you think i have everything set up good now…?? I passed the test… Yah.! ;D