Stealth Ports Wizard
Port Stealthing is a security feature whereby ports on an Internet connected PC are hidden from sight, evoking no response to opportunistic port scans.
General Note: Your computer sends and receives data to other computers and to the Internet through an interface called a 'port'. There are over 65,000 numbered ports on every computer - with certain ports being traditionally reserved for certain services. For example, your machine almost definitely connects to Internet using port 80 and port 443. Your e-mail application connects to your mail server through port 25. A 'port scanning' attack consists of sending a message to each of your computer ports, one at a time. This information gathering technique is used by hackers to find out which ports are open and which ports are being used by services on your machine. With this knowledge, a hacker can determine which attacks are likely to work if used against your machine. |
Stealthing a port effectively makes it invisible to a port scan. This differs from simply ‘closing’ a port as NO response is given to any connection attempts (‘closed’ ports respond with a ‘closed’ reply- revealing to the hacker that there is actually a PC in existence.) This provides an extremely high level of security to your PC. If a hacker or automated scanner cannot 'see' your computers ports then they presumes it is offline and move on to other targets. You can still be able to connect to Internet and transfer information as usual but remain invisible to outside threats. Comodo Firewall provides the user with flexible stealthing options:
-
Click on 'Stealth Ports Wizard' in Firewall Tasks.
-
You have three options to choose from:
-
Define a new trusted network
-
Alert me to incoming connections
-
Block all incoming connections
Click the option you would like more details on:
Define a New Trusted Network and Make my Ports Stealth for Everyone Else
By selecting this option your machine's ports is stealthed (invisible) to everyone EXCEPT those networks that you specify as trusted.
To begin the wizard
-
Click 'Define a new trusted network and make my ports stealth for everyone else' link.
A dialog box appears, asking you to choose the new trusted zone:
-
If you have already configured a network zone then leave the upper option selected, choose your desired network from the 'Zone Name' drop-down box and click 'OK'.
If you have not yet defined a zone you wish to trust, you can do so in 'Network Zones' area in Network Security Policy interface of the firewall or manually define and trust a new zone from this dialog box.
To manually define and trust a new zone from this dialog box
-
Select 'I would like to define and trust a new network zone'.
-
Enter the IP range for the zone for which you want your computer to be visible - starting from the Start IP to the End IP (or specify a Subnet Mask)
-
Click 'OK' to create the new Zone rule.
If you wish to add more than one zone, simply repeat this procedure.
Using the 'Define a new trusted network and make my ports stealth for everyone else' option creates a new trusted zone by adding the following rules in the 'Global Rules' interface:
The specific parameters of the descriptive rule name above are:
Allow | IP|Out |From Any IP Address |To
Allow| IP | In| From
If you would like more information on the meaning and construction of rules, please click here.
Alert me to incoming connections and make my ports stealth on a per-case basis
You see a firewall alert every time there is a request for an incoming connection. The alert asks your permission on whether or not you wish the connection to proceed. This can be useful for applications such as Peer to Peer networking and Remote desktop applications that require port visibility in order to connect to your machine.
Specifically, this option adds the following rule in the 'Global Rules' interface:
Block | ICMP | In| From Any IP Address| To Any IP Address | Where Message is ECHO REQUEST
If you would like more information on the meaning and construction of rules, please click here.
Block all incoming connections and make my ports stealth for everyone
Selecting this option means your computer's ports are invisible to all networks, irrespective of whether you trust them or not. The average home user (using a single computer that is not part of a home LAN) finds this option the more convenient and secure. You are not alerted when the incoming connection is blocked, but the rule adds an entry in the firewall event log file. Specifically, this option adds the following rule in the 'Global Rules' interface:
Block And Log | IP | In| From Any IP Address| To Any IP Address | Where Protocol is Any
If you would like more information on the meaning and construction of rules, please click here.
Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved