Firewall ports

Hi there. I’m trying out the security suite version 5.0.396. So, I was messing around with the firewall and didn’t find a way to block a specific port without having to point to an .EXE file. Let’s suppose I want to block port 13.000; it asks me for an application, and I just want to block the port. Anyway, I was testing the firewall on “Shields Up” and, as it found 1 open port, I was trying to close it, with no success. Yes, I’m testing my PC, not my router, as it has the firewall turned off.
Thanks

I deactivated my router firewall recently to test the Avast firewall; all ports were stealth. That said, it’s true that this firewall isn’t very configurable.

What was the open port? Some have reported that when they have a VPN installed, it opens port 135.

Closing or blocking a port can actually advertise that there is a computer at the other end and may result in extra measures to attempt to access it. The best thing to happen is for no response to pings, or ports unless the original outgoing connection is what initiated it, thereby stealthing the PC.

I take it you disagree with the position taken by Kaspersky?

Starting with KIS 2009 they stopped stealthing ports and only close them.
Their rationale appears to be that stealthing allegedly doesn’t provide any
additional security over closing, and may cause problems with some legitimate
apps use of the Internet.

http://forum.kaspersky.com/index.php?showtopic=148035&hl=stealth

Well there is no actual physical stealthing of a port, the firewall just doesn’t respond to spurious inbound connections.

If a port is physically closed, then any ping, etc. will get an acknowledgement that the port is closed; ergo, there is something there to close. When an inbound ping, etc. comes in and there is no response, what is the other end to assume (that there is nothing on that IP, or that there is but they aren’t responding)?

So I hope you can see the difference and make up your own mind and pay a visit to grc.com Shields Up section and run the test with a bunch of closed ports.

What I think is of little consequence; it is what you think that is important. The guy at grc.com, Steve Gibson (from memory), has possibly forgotten more about this issue than I will ever know.

I agree with Kaspersky, but one of the first things a user does with a new firewall is usually to go run the GRC stealth tests. When that rings up, there is another posting for the vendor to answer. GRC appears to be the main instigator of the “stealth your ports and pings” fad, even though it violates the standards for TCP/IP, UDP and ICMP and would kill most standard networks that aren’t internet related. Do any of these people know that there was a life for networks previously? And it is hard to argue with the logic that if a network node is required to give a response (like “destination unreachable”) and doesn’t, there is something there that is making that happen. Which then may still drive a hacker to look for open ports that can possibly be exploited, but hey, that is why you have a firewall, to save you if somebody finds out you are there. But nobody wants a million new users asking why GRC says they are bad guys. :)
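An added example, not part of any post in this thread: a Python sketch that classifies how a TCP port on a machine you administer answers a connection attempt, showing the difference between a closed port (a reset comes back) and a stealthed one (no reply at all) that the posts above discuss. The function names and the loopback demo are assumptions made for illustration.

```python
import socket

def probe_tcp_port(host, port, timeout=1.0):
    """Classify how host:port answers one TCP connection attempt."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"         # SYN/ACK came back: something is listening
    except ConnectionRefusedError:
        return "closed"       # RST came back: host is up, nothing listening
    except (socket.timeout, TimeoutError):
        return "stealth"      # no reply before the timeout (or packet loss)
    except OSError:
        return "unreachable"  # e.g. an ICMP destination-unreachable reply
    finally:
        sock.close()

def loopback_demo():
    """Probe one listening and one bound-but-not-listening loopback port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: let the OS pick a free port
    listener.listen(1)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))       # reserved, but listen() is never called
    try:
        return (probe_tcp_port("127.0.0.1", listener.getsockname()[1]),
                probe_tcp_port("127.0.0.1", idle.getsockname()[1]))
    finally:
        listener.close()
        idle.close()

if __name__ == "__main__":
    print(loopback_demo())
```

A "stealth" result only appears when a filtering firewall sits in the path and drops the probe, so the loopback demo exercises just the "open" and "closed" cases.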

Back to the first question in the thread… How can we close/block/stealth a specific port with Avast Internet Security?

Won’t the package rules do that? ???

I’m now trying to block port 21 (FTP) & 23 (telnet). I enter the number in both local port & remote port. But then I can’t connect to the internet. When I check the packet rule again, the number that I entered before is not there anymore. Any solution to this?