"Stealth" is just ridiculous marketing bullshit. Your computer isn't invisible just because you don't respond to incoming packets. If there's no computer then the last router *before* it will respond e.g. with a "destination unreachable" ICMP packet. No response usually means "yes, there *is* a host, and it's dropping packets".
The machines are behind a NAT router. So, since no unsolicited inbound traffic can reach the machines and make the machines or the personal FW on the machines react because the router is setting in front of them blocking all unsolicited inbound traffic, which is what Gibson's little ridiculous
*stealth* test is about that is reacting to unsolicited inbound traffic to a machine with a PFW, how are the machines not stealthed?
That's because stealth is ridiculous and its a Gibson term. And what do you mean most ports are blocked and not stealthed? Either all the ports are closed /blocked on the router or they are not. What is it?
The ports are closed is the main thing. They have FW routers where you can tell it not respond to ping traffic.
A personal FW is not a FW. It's just a machine level packet filter. The PFW doesn't separate two networks like a FW router, host based FW with two NIC's or FW appliance. FW's separate two networks the one it is protecting from usually the Internet and the one it's protecting the LAN.
Well, do you see how rediculous it is that it even gives different results?
The point is the ports are *closed* and it's the router setting in front of the machines. The machines are already stealthed, because they are behind a NAT router and they *cannot* respond to unsolicited inbound traffic with or without the PFW setting on them, which is all the little stealth test is about for a PFW.
Forget about the stealthed crap the ports are closed and that's all that counts. You should use Google if you want to find some other testing sites.
You should learn about FW(s). Your router may not be a FW either, but it comes closer to being a FW, than the PFW.
ICMP (the protocol ping uses) doesn't work on ports, because it works in a different layer. "stealth" is just a marketing term that means "no response to incoming packets, be they ICMP, TCP, UDP or whatever". It's nonsense, because in TCP/IP not responding does *not* mean that there's nothing there.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.