My vista machine is set to listen to ports 40152 to 40157.

Honestly, I don't know why, but I don't really bother because I am protected by a nat router/firewall and also by eset firewall.

But while I was testing the firewall, I noticed that eset is blocking (they are stealth) ALL the ports when in the policy-based mode. But when it is set to the interactive mode, all the ports are stealth, but the listening ports I talked about are seen as closed. It looks like as I get the prompt that says I have an incoming connection, the firewall dosen't know what to do and sends a message that the port is closed... But in the policy based-mode, it just blocks it because it already knows that it must be blocked.

Anyone noticed that? Is it normal?

Thanks

Alex

Ports should always be stealth behind a router no matter what mode. If data is getting past your router to the point of even testing your PCs ports something is wrong with the router.

Yes exactly! I know and everything is fine, but in that test, I wasn't protected by the router. I wanted to test the eset firewall, not the router...

closed or "stealthed" it doesn't really matter. stealth is a bunch of marketing hoopla. If someone scans an IP and gers no response whatsoever, it tells them there's something there.

well, yeah, A closed port is enough, but a sthealted one seems better, even if you can't infect a computer with closed ports...

But still, they are blocked in interactive mode and stealthed in policy-based mode so... I wonder if it is a normal thing...

A stealthed is just the same as a closed. If there truly wasnt any computer at an ip, you would get a time out.

I know ;-)... I just wondered why they are closed in interactive mode but sthealted in policy-based mode...