Strange Shields Up Test - Half Open, Half Closed

I am using Comodo 3.0.25.378 on Vista Premium 32, with Windows Firewall disabled. My laptop is set to DMZ on my 2Wire router, on which I have disabled the “Stealth mode” option

I have been consistently getting the attached Shields Up scan, with nearly exactly half the ports stealth and the other half closed (and arbitrarily cyclic every 32 ports).

Some variables I have changed:
Windows Firewall disabled, Comodo enabled, DMZ, router not stealth mode : strange results attached.
Windows Firewall enabled, Comodo enabled, DMZ, router not stealth mode : same results.
Windows Firewall enabled, Comodo disabled, DMZ, router not stealth mode : same results. [This suggests that Comodo is basically doing nothing]
Windows Firewall disabled, Comodo disabled, DMZ, router not stealth mode : ports 1-103 inclusive closed; ports 0, 104-1055 stealthed [probably some adaptive firewall built into the router?]

And with the hardware router firewall on stealth mode:

Windows Firewall disabled, Comodo disabled, DMZ, router on stealth mode : ports 1-15 inclusive closed; ports 0, 16-1055 stealthed
Windows Firewall enabled, Comodo disabled, DMZ, router on stealth mode : all stealthed
Windows Firewall disabled, Comodo enabled, DMZ, router on stealth mode : all stealthed
Windows Firewall enabled, Comodo enabled, DMZ, router on stealth mode : all stealthed

I know about the stealth/closed debate - I’m here to ask about the seemingly nonexistent effect of Comodo Firewall on the port scan. Is this normal behavior for Comodo firewall, and if so, why.

[attachment deleted by admin]

If your router is not in stealth mode, it is probably responding to GRC with a NACK for each port scan, but don’t know why half are not responding. Have you run the Stealth Ports Wizard with Comodo? Without a router this should stealth the ports, but can’t do anything if the router is responding already. All stealthing does is turn off the NACKs that occur with closed ports.

I think there is an option in the firewall which allows you to specify certain ports to be stealthed, you can use the stealth port wizzard…

I have played around with the Stealth Port Wizard - it doesn’t have any effect on the port scan. In fact, it doesn’t seem like there’s any real life difference between any of the three selections that I have encountered. (The per case basis mode never asked me about anything except one port (136) during the port scans.) And yes, I have verified using Diagnostics that the installation is intact. Any other ideas?

Could you try a scan with higher portnumbers, looks like after 1023 everything get’s green.
As the first 0-1023 ports are reserved this could give us a hint…

GRC will be scanning your router, not the software firewall.

Do you get the same results if you disable COMODO?

I’ve tried port scans from 1024-1503 and several other ranges - all stealth with Comodo active, Windows Firewall off, DMZ, router firewall off. Basically Comodo is the only thing that really stands between my computer and the port scan, excluding the adaptive firewall of the router that I can’t turn off - but that doesn’t matter because I scanned 64 ports at a time, which is less than the 103 needed to kick up the router’s adaptive firewall.

The ports are closed if Comodo is turned off, so at least now Comodo seems to be doing something for 1024 on. Just not for the reserved 0-1023

Hi Strategist,

Can you post a screenshot of your global rules (Firewall, Advanced, Network Security Policy, Global Rules) ?
If you disable the CFP and get all ports closed then there should be something else interfering the scan results.
Normally you should see open port also if there is no firewall in between.

Maybe the adaptive firewall feature is not working correctly, or depending on the time left between scan’s maybe it counts to 103 over a time frame of 30 minutes or so ? Can you find more info on that in your router manuals ?

I don’t know where my router’s manual is, or if I even got one. It’s a DSL modem/router >:(

Could it be Vista that has an adaptive firewall built in? Not sure.

Attached is a screenshot of the global rules

[attachment deleted by admin]

You need to properly configure your router first. I cam pass Shields Up without any software firewall installed? Have you check the Manufacturers web site?