Stealth/Closed but Unsecure Ports Question [RESOLVED]

Hi fellow Comodo Firewall users! I’ve been browsing the forums for a while now and decided to join. Reason is I couldn’t really find a definite answer to my question. I ran a few tests from PCFlank and also from www.GRC.com and results came up telling me that I have “Closed but unsecure” ports. How do I go about securing/stealthing these ports?
-I have the latest version of Comodo.
-I’m running Vista Home Premium 32bit.
-During installation, I left everything to default so I presume I must have the default rules in place.
-I have a wireless connection directly from my DSL modem, no router.

Here’s a few screenshots. I’ll gladly take more if needed.


http://img222.imageshack.us/img222/5650/capturemb2.th.jpg


http://img144.imageshack.us/img144/4262/ca1pturecd0.th.jpg

So what do I need to do?

[Topic Closed: If issue returns PM an online mod to open]

enable port stealthing?.. normally this is not needed with default settings unless you messed something up…

Yeah I have stealth port enabled. But just those other ports aren’t in stealth mode. Any clue as to why? I’m pretty sure I didn’t mess anything. Any suggestions or recommendations?

the screenshot you provided does look like your ports aren’t stealthed, but when firewall notices the connection limit (e.g. 50 connections from 1 address in 5 seconds) - it just blocks out the IP, making those ports green. It might not be true, but this is what it sure as hell looks like. can you please post your global rules here?

Try running the “stealth ports wizard” from “firewall > common tasks”

i’m going to sleep right now so i won’t be able to read your reply until tomorrow morning. but anyway here are my rules.
note that i have some custom rules also, but they would be no help for you as they apply for me only.

Outgoing - Allow all outgoing from anywhere to anywhere
Block external ICMP - Block all incoming ICMP from outside my LAN (this blocks out ping, the test you’ve failed on GRC. I guess you should block all ICMP since you have no LAN, but this will cause troubles with tracing, so if you need it - you might need to allow specific ICMP packets to pass through)
Block all - Block everything else (this blocks out everything not mentioned by other rules if placed in the bottom. We didn’t allow any incoming connections and so they will be blocked, which should make you pass the other GRC tests)


http://img179.imageshack.us/img179/3927/capturevu6.th.jpg

Are you behind the NAT?
If so there is no need to worry about as it is not your computer’s ports that are not stealthed.

well this does look like a valid set of rules, but anyway i suggest you try out what i’ve described above. It’s not so difficult to build your own rules, just make sure they’re in the right order - allow first, block last.

I did. I tried all 3 options it gave me.

How do I go about creating these rules? Firewall>network security policy>global rules…then what?

By the way, thank you guys for the effort!

Firewall>network security policy>global rules...then what?
then Add... and carefully input each field.

but of course first delete your old ones!

I don’t think I am. At least not to my knowledge. I’m just running a wireless connection from my DSL modem downstairs. No router.

Something like this?


http://img237.imageshack.us/img237/9568/capturefn9.th.jpg

no.

first of all, remove all the rules. i mean ALL.

then:

the first rule you create will be block rule. that is:

Action: Block
Protocol: IP (NOT TCP/UDP)
Direction: In
Source/Dest/Ports/whatever - Any

Then you need Allow Outgoing rule, that is:

Action: Allow
Protocol: IP
Direction: Out
Source/Dest/Ports/whatever - Any

make sure the “Allow” rule is ABOVE “Block” rule

And finally you should explicitly block Incoming ICMP (for extra confidence)

Action: Block (not Allow) /sorry, my bad… too sleepy…
Direction: In
Protocol: ICMP
Source/Dest/ICMP - Any

make sure this rule is above every other rule!

that should be enough. try it.

i’ve corrected my previous post… just making sure you reread it and reconfigure your rules accordingly

Alright I followed it. Gimme a few minutes to run the test again.

This is what I did, as follows:


http://img179.imageshack.us/img179/1866/capturehh4.th.jpg

But I still failed:


http://img134.imageshack.us/img134/1949/ca1pturekv7.th.jpg

Hmm…

OK so this is not COMODO’s fault, either your DSL modem responds to ping when it shouldn’t, or your ISP is to blame

Oh ok. With that being said, am I okay to keep these settings?

Also, are there any other courses of action I should take, given that it’s either my modem’s or ISP’s fault, to make myself secure/invisible?