stealthed firewalls.

Your article isn't completely accurate. "Let’s say I’m an attacker and I ping an IP but there really is no one on the other side. I wouldn’t get no response, I would get one of the “ICMP Unreachable” responses." isn't correct. You'll get an "ICMP Unreachable" response if someone hasn't set up their firewall properly to block sending this response. Otherwise, you get no reponse aka "Request timed out." The same response you would get if the machine didn't exist.

The article at http://www.hansenonline.net/Networking/stealth.html is also not completely accurate. "If there really was no computer (or firewall) there, the router sitting in front would reply for you with a simple ICMP "host unreachable" message back to the attacker." Again, this is a case of a router that is not configured properly. The router should drop any unsolicited inbound packets (or forward them to a non-existent system thus accomplishing the same thing).

And statements like "However, the mere fact the machine doesn't respond one way or the other lets the port scanner know the machine exists!" don't even make sense. You won't get any response from a non-existent system no matter how hard you try - because there's nothing there!

I see a lot of back and forth within these forums lately on this and some shots taken at Steve Gibson which I don't think he deserves. The last time I checked Steve isn't selling a firewall product, so I'm not sure how this is a marketing gimmick and I certainly don't agree that he is a charlatan.

With such diversity of opinions regarding this, I thought I would post my own. Take it or leave it for what it is and have fun stealthing or closing as you see fit.

 

Read carefully:


http://technet.microsoft.com/en-us/library/dd448557(v=ws.10).aspx

 

very interesting.So why has kaspersky decided to have its firewall of a mixed stealth and closed status..?

 

Check in the Kapersky forums. Topic has been responded by them so many times, I believe they ignore new inquiries about it. Basically they use a different approach and purposely close but do not stealth some ports.

 

I have checked in the kaspersky forum and no clear answer comes from them except claims of false marketry by the firewall testing companies.
Its a simple question which deserves a good answer.Is the kaspersky firewall secure or not.?

 

Matousec rated it very good; just slightly below the rating it awarded to Privatefirewall. It was rated higher the Outpost free.

That said, I didn't like Kaperskpy's firewall. I found it difficult to configure and understand for that matter.

 

Back when I was using KIS 2010 (which was before I had a Router) I used to have the same issues with the shields up test. What I found out at the time was that the KIS 2010 firewall worked using adaptive behaviour which is why a port scan would show different ports closed and stealthed each time it was run. If I ran the test 3 or 4 times in a row it would eventually show all ports were stealthed. I'm not sure if this is still the case with KIS 2013.

 

Thanks.I discovered this also and to be honest im not too worried about it.The moderators over at kaspersky forums are not too worried about it.
I could pass the shields up test with a few changes of kaspersky firewall settings.

 

If you really do worry about this, how about comodo firewall + KAV.

 

No im not worried about it in the slightest.Ive used comodo firewall for years and wanted a change lol.Grabbed KIS for £19,the only security software ive ever paid for.