I have just installed a Kerio 4.2 firewall on my PC, tweaked some settings and tested it on some of the most popular sites that test for stealth, and it passed all the tests at grc.com and sygate.com. It was invisible... But it didn't pass some outbound tests I've tried. What rating or percentage of protection would you give this kind of firewall... perfectly stealthed but failing outbound leak tests? Is it very, very important that the PC is completely invisible on the net? Thanks
What outbound test did you try? "Is it very, very important that the PC is completely invisible on the net?" It helps a lot, but it's more important that your ports are secure than whether they are invisible or not. Stealth simply means your computer hasn't responded to any queries at its ports, and means it's more difficult to locate or scan the ports.
As an experiment about a month ago, I closed all my ports here on a 2k machine and ran without any firewall or router for over a month, with no ill effects. And when I installed a firewall again, there didn't seem to be any more pings or traffic than usual either. So I'm not sure how important "stealth" really is. If all ports are closed, then there is little anyone can do to you anyway, I would think. It would help to harden the TCP/IP stack also in that case. At any rate, stealth is probably a little nicer and wiser in general. It certainly is more popular nowadays.
Stealth is not necessary; as long as you're not exposing services which could be exploited, there is not a problem. Stealth is a fad which was started by Steve Gibson, and just carried on through ignorance by users and software firewall makers, even using terms like 'attack' when it was just a damn probe. Hardware firewalls don't stealth by default, and they don't need to, period. It is no safer, and it breaks how TCP/IP protocols are supposed to work, causing more problems for everyone, including your computer.
While it is true to say that a stealthed port does not differ from a closed port in terms of blocking connection attempts, having the majority of your ports stealthed does make port scans more time-consuming, since an attacker has to wait for a response (at least a second or so) rather than receiving an instant "No entry, go away!" - greatly slowing down their scan rate. To that extent, stealth should be seen as desirable (making life harder for the script kiddies) but not essential - leaktest performance and the ability to configure strict rules should be more important security-wise.
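The closed-versus-stealthed distinction argued over in this thread, as an added example that is not part of any post: a self-check you can point at your own machine to see whether a port answers (open), refuses (closed) or stays silent (stealthed), and how long each answer takes. The function names `classify` and `probe` and the loopback setup are assumptions made for the illustration.

```python
import socket
import time


def classify(exc):
    """Map the outcome of one TCP connect attempt to a port state."""
    if exc is None:
        return "open"        # handshake completed: a service is listening
    if isinstance(exc, ConnectionRefusedError):
        return "closed"      # host replied with RST: visible, nothing listening
    if isinstance(exc, socket.timeout):
        return "stealthed"   # no reply at all: the packet was silently dropped
    return "error"           # e.g. network unreachable; not a port state


def probe(host, port, timeout=1.0):
    """Attempt one TCP connect; return (state, seconds spent waiting)."""
    start = time.monotonic()
    exc = None
    try:
        with socket.create_connection((host, port), timeout=timeout):
            pass
    except OSError as e:     # refused, timed out, unreachable, ...
        exc = e
    return classify(exc), time.monotonic() - start


if __name__ == "__main__":
    # Constructed loopback setup: one listening socket, and one socket that
    # is bound but not listening, so its port answers with an immediate RST.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    idle = socket.socket()
    idle.bind(("127.0.0.1", 0))

    for label, sock in (("listening", listener), ("not listening", idle)):
        port = sock.getsockname()[1]
        state, waited = probe("127.0.0.1", port)
        print(f"{label:14} port {port}: {state} after {waited:.3f}s")
```

A port behind a drop rule would report `stealthed` only after the full timeout has elapsed, which is the per-port delay the last post describes; a closed port returns almost instantly.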