On-line port testing

These online port testers are giving people a false sense of complacency imho. They trust that
an online service will check their f/w and fully trust the results of said scan. What they should
be doing rather is learning the conventions of tcp/ip and performing said scans on themselves
via nmap/superscan/... To feel as safe and fuzzy because grc.com tells you so is a perhaps
fatal online mistake. Learn your system and how the stack works.

A better solution to check his own vulnerabilities than with those online tests, is to try a software specifically dedicated to the task like Nessus.
And, as Don said, knowing correctly (who said "perfectly"?) and monitoring its system is always the best protection.