What is the best website/program to test my firewall settings? I already know about ShieldsUp!.
Hi…
I’m not sure about the best but here are three others that you can use to check your firewall…
Hope these help.
Merry Christmas and a Happy New Year 
May God bless you
Isn’t it payed by Outpost? I think it’s not independent.
Anyway, tests with AIS aren’t good. Maybe someone from the team could comment this. So we can learn and further help the users that follow that tests.
Norton Security Check.
Hi Tech…
Looking at your screenshots, the results are a bit curious. What firewall do you use?
God bless
avast Internet Security :
Hi Tech…
Ok, I didn’t realize or had forgotten you were using AIS, I didn’t make a connection between threads. ;D
God bless
Anyway, into the forum jungle, I hope Alwil comment the results… they’re strange or, at least, will be strange for the users who test AIS.
If any of the applications you have in the firewall have access right which includes “accept connection from internet” and the application is running and is listening on some ports - then: THESE PORTS MUST NOT BE IN STEALTH MODE!!!
This is how things works, folks. Either you can be reached from outside or you are stealthed. There is nothing in between.
So these tests are relevant only in the case, where no application has incomming right or the firewall is in public/airport profile.
There is an exception to this - being in the beta phase we have not yet implemented fully all checkboxes in the “system control” box in application rules. These are now controlled by the rules, but can not be tweaked from the gui - so in work profile some traffic is allowed even if unchecked here! You can simulate the act of unchecking everything by deleting the rules.xml file and restarting.
Tech, I hope you will comment on the way you have made your tests! Thanks.
EDIT:
I also strongly hope you are NOT using any kind of hardware firewall such as HW router or ADSL modem with nat router during the tests. I know it is probably not necessary to note such an obvious fact, but for the less experienced users - please be aware thay you can test only the first router on the route from the test server to your computer.
Especially if you are not running Telnet and Web servers, like Tech probably runs, these two ports might be opened on the HW router to allow remote administration.
Lukas, I just open the test (browser) and run with a lot of applications running in background (as usual ;D).
But I was on Work/Medium risk profile. I do not have a firewall in the router but, of course, I’m behind a network and a router.
I should have read better the test restrictions.
I’m not running AIS right now as it’s BSODing my computer. I’ll try Public/High risk profile later.
The public/airport mode should not make much difference, if you are behind a router. Only if you forward some ports on the router to your PC - then the packets might reach your computer and avast firewall. There they might be blocked or not, but whether the router will report such port as closed (sending RST packet) or stealth (not sending any packet, which is against TCP rfc) is upto the router firmware/setup. Certainly nothing any software component on your PC may influence.
Thanks Lukas. I can’t change router settings right now.
If any of the applications you have in the firewall have access right which includes “accept connection from internet” and the application is running and is listening on some ports - then: THESE PORTS MUST NOT BE IN STEALTH MODE!!!
This is how things works, folks. Either you can be reached from outside or you are stealthed. There is nothing in between.
So these tests are relevant only in the case, where no application has incomming right or the firewall is in public/airport profile.
There is an exception to this - being in the beta phase we have not yet implemented fully all checkboxes in the “system control” box in application rules. These are now controlled by the rules, but can not be tweaked from the gui - so in work profile some traffic is allowed even if unchecked here! You can simulate the act of unchecking everything by deleting the rules.xml file and restarting.
Hello,
I have a simple question regarding “Either you can be reached from outside or you are stealthed. There is nothing in between” - Comodo has “stealth ports per case basis”, some of the other suites and firewalls also have a way of let’s say using Utorrent and nevertheless being stelthed. I tried every possible (I’m open to new suggestions) option in the firewall to make Utorrent work in the Public profile with no success, then, switching to Work profile it works but at shields up it shows my 135, 139 and 444 ports open. I tried to manually close them with no success. I’ve used many stand alone firewalls and security suites but I have never experienced something like that. Even if not all ports are stealthed, at least they are closed.
@zerotox: Outdated topic…!!! See date… 
asyn
I saw its outdated but since I posted here: http://forum.avast.com/index.php?topic=67024.0 my problem with Utorrent and no working suggestion or logical explanation besides disabling or uninstalling firewall, I tried searching through the forums and came across this thread explaining that the behaviour of the firewall in Work mode is normal - well I don’t think its normal to leave open ports, and also I don’t think it’s normal to mess-up the firewall settings in the GUI and not to have a normal way of excluding an application from filtering, or to open or close a specific port. The thread itself is outdated but the problem is not, it’s still there.