In this post, we will explain what are Closed Ports and Stealth Ports and the differences between a Closed Port and a Stealth Port in brief. Firewalls, no doubt, are one of the most important components of your computer (network) and they help you protect Ports. You know you need a firewall so that your computer (network) is not visible on the Internet to the bad guys. These bad guys find computer ports and access your computer through one of them. Their tactics keep on changing and hence, the firewall designing companies add more and more security to their firewalls – firmware or software.
Closed Port vs Stealth Port
For a long time, I’ve believed all of us IT folks believe in keeping the ports in stealth mode. However, a user responded to my review of the Comodo firewall saying his ISP (Internet Service Provided) has programmed the network in a way that shows ports as “closed” as against the preferred “stealth”. I do not know how that makes the computer or the computer network behind that firewall any safer. In my opinion, closed ports are still vulnerable as the bad guys can always figure out how to open them using a combination of techniques. Just listen to traffic, get to the computer using the open port and then open the closed ports.
In case you do not know the difference between closed port mode and stealth port mode, here is a simple description.
A computer has many ports through which it communicates with different components attached to it such as printers, scanners, keyboards, and routers, etc. The ports connected to printers and other peripherals are okay as long as they do not form “things of the Internet” – meaning they are not connected to the Internet. But if any of those computers or the peripherals are connected to the Internet, we have to make sure no one can access them without proper permission. That sums up the entire thing to “everything connects to the Internet through one or more port”.
For example, port number 995 is used to receive secure email. Port 110 is also used to receive mail via an unencrypted connection to the Internet. Likewise, port number 80 is used to connect to the Internet in most Windows-based computers.
What hackers do is to try and find any instances of ports – open or closed so that they can gain access to any computer (network) or server. If the port is open, they can straightaway access the computer (network). If the port is closed, they can still use various techniques to get into the computer (network). However, if the port is in stealth mode, it is invisible to others on the Internet. A stealth case makes your computer (network) disappear from the Internet.
In my opinion, the firewalls that prevent ports of your computer networks from appearing on the Internet are the best. Thus, you should go for firewalls that provide stealth mode for ports rather than closed. I do not know why some of the ISPs are using closed modes, as told to me by way of comment on my review of the Comodo firewall. If any of you have an answer, please share it with me.
Please note that this list of free firewalls may not be perfect. I selected a little over a dozen firewalls and ran a few tests available on the Internet. They were basic tests that are easily available to anyone and all passed them. These are the best Free Firewall software for Windows as per my observation. Check them out, and if you feel I missed or included something that shouldn’t be here, please inform me – with reasons.
As always, the firmware firewalls are on top and are present at the very first point of contact with the Internet. Hardware firewalls are ones included in your routers and modems that help you stay invisible on the Internet. While the default mode they provide is a stealth mode, you can use one of the tests mentioned below to see the results. If you wish to test the hardware firewall, please disable any other firewall (including the Windows firewall) before running the tests. You can read more here on Hardware firewall vs. Software firewall.
While I was totally convinced that these are the best form of protection as you can have these firewall turned on and then use a software firewall to add another layer, I now urge you to test the hardware firewall just in case your ISP too configured them to appear as closed instead of stealth mode.
What is your opinion?
Which firewall do you use and which do you think is the best one? If you think I missed something or included something that shouldn’t be here, please let me know me.
Reference: GRC, Shields Up Tests: Gibson Research Corp.