interactive mode port scan

Discussion in 'ESET Smart Security' started by guest, Feb 5, 2009.

Thread Status:
Not open for further replies.
  1. guest

    guest Guest

    My vista machine is set to listen to ports 40152 to 40157.

    Honestly, I don't know why, but I don't really bother because I am protected by a nat router/firewall and also by eset firewall.

    But while I was testing the firewall, I noticed that eset is blocking (they are stealth) ALL the ports when in the policy-based mode. But when it is set to the interactive mode, all the ports are stealth, but the listening ports I talked about are seen as closed. It looks like as I get the prompt that says I have an incoming connection, the firewall dosen't know what to do and sends a message that the port is closed... But in the policy based-mode, it just blocks it because it already knows that it must be blocked.

    Anyone noticed that? Is it normal?

    Thanks

    Alex
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,654
    Ports should always be stealth behind a router no matter what mode. If data is getting past your router to the point of even testing your PCs ports something is wrong with the router.
     
  3. guest

    guest Guest

    Yes exactly! I know and everything is fine, but in that test, I wasn't protected by the router. I wanted to test the eset firewall, not the router...
     
  4. norky

    norky Registered Member

    Joined:
    May 1, 2004
    Posts:
    172
    Location:
    Lithia, FL
    closed or "stealthed" it doesn't really matter. stealth is a bunch of marketing hoopla. If someone scans an IP and gers no response whatsoever, it tells them there's something there.
     
  5. guest

    guest Guest

    well, yeah, A closed port is enough, but a sthealted one seems better, even if you can't infect a computer with closed ports...

    But still, they are blocked in interactive mode and stealthed in policy-based mode so... I wonder if it is a normal thing...
     
  6. norky

    norky Registered Member

    Joined:
    May 1, 2004
    Posts:
    172
    Location:
    Lithia, FL
    A stealthed is just the same as a closed. If there truly wasnt any computer at an ip, you would get a time out.
     
  7. guest

    guest Guest

    I know ;-)... I just wondered why they are closed in interactive mode but sthealted in policy-based mode...
     
Thread Status:
Not open for further replies.