You have a good firewall, or even better a router? Behind those you are invisible to the outside world. Some never sign off. Some do.
Some modems have a stand by switch that they use. I do and like it.
Depends on how secure your systems are and what you lifestyle is like. As long as your system(s) are secure physically (ie. no one can walk up to your keyboard and do nasty things), and you have a firewall of some sort (sortware or hardware), there's no security based reason to disconnect or logff the Comcast website (if you use that). Whether you chose to stay connected or not is your decision.
Personally I never sign off. My systems on up 24x7 and always connected to the Internet. My mail client is always up and pulls new messages ever 15 minutes so my messages only appear on the server for a very short time. I'm well protected behind a router so I have no fear of being entered that way. Only my son has physical access to my systems and and I trust him not to cause me any trouble (under pain of fatherly wrath .
I'm behind a router and software firewall and I leave my computer on 24/7. I also close out all windows, programs, etc., when not using them for a period of time. However, while I close out the programs, I don't sign out, so, depending on the type of cookie the program has (Gmail's will only last for 2 weeks), as soon as I open the program/browser window again, I'm already logged in. That is, until I clear my cache, history and cookies.
You can't run a port scan on your system from some anonymous wireless hotspot and expect it to give reliable or understandable results. Web based port scans work by trying to make a connection back to what they THINK is your IP addres. Did you verify (with ipconfig) that your IP address matched the IP address the website was trying to use? My guess would be that they were DIFFERENT. And the reason for that is this coffee shop is using a NAT device (possibly a wireless router) so everyone would look like they have the smae IP address to the outside world. In this situation, the web based port scan would be scanning the NAT device (wherever and whatever it is) and not your laptop.
To make a reliable test, go home and plug your laptop directly into the cable modem (making sure to power cycle it) and then run the scan. But even in this situation, other factors can interefere, for example, Comcast doesn't allow NetBIOS packets (ports 135-137,139, and 445) so even if you have your firewall open on these ports, the scan still wouldn't find them.
The most reliable test is having another computer on the same subnet as you, and on the same switch, run a port scan (using something like nmap) against your IP address.