Comodo. Learning thread.


Fajo
September 13th, 2008, 09:47 PM
OK. After a while I'm going to give Comodo another shot and see how it runs this time around. Except this time it's going on my main computer instead of a test system, so I need some help setting it up and hardening it. As I have little experience with Comodo and lots of experience with ZA and a few others, I'm not too sure how to go about setting this up. Some advice would be appreciated.

And yes, I have assumed the Bat waking position and am ready for the pop-ups :-)

AJohn
September 13th, 2008, 10:14 PM
You are installing the firewall along with Defense+? CPF current final release, not beta?

Fajo
September 13th, 2008, 10:17 PM
-{ Quote: "You are installing the firewall along with Defense+? CPF current final release, not beta?" }-

Yes, Defense+ is installed, and this is the release, not the beta.

AJohn
September 13th, 2008, 10:24 PM
Well I also assume that you have the default installation security modes enabled? This would mean Defense+ is set to Clean PC Mode and Firewall is set to Safe Mode?

This allows Defense+ to only ask you about new software introduced from external sources; such as the internet and CDs/portable media.

This allows the Firewall to automatically allow applications which are already in Comodo's built in database.

Fajo
September 13th, 2008, 10:27 PM
-{ Quote: "Well I also assume that you have the default installation security modes enabled? This would mean Defense+ is set to Clean PC Mode and Firewall is set to Safe Mode?

This allows Defense+ to only ask you about new software introduced from external sources; such as the internet and CDs/portable media.

This allows the Firewall to automatically allow applications which are already in Comodo's built in database." }-

Firewall is in Custom Rules policy
Defense+ is set to clean PC.

I have already added rules for uTorrent and a few other apps like Avira. My main question is: is there anything I need to change, add, turn on or off to make this firewall better? Any settings I have to tweak, or any rules you could offer that would help with taking out any loopholes?

AJohn
September 13th, 2008, 10:38 PM
If you installed the SafeSearch toolbar, your browsers are protected from memory attacks; if not, you should install Comodo Memory Firewall (which does the same task, but covers all applications).

Please note that the firewall being set to Custom mode will make for a lot more pop-ups.

Some ways to harden CPF are:

Firewall / Advanced / Attack Detection Settings / Check "Protect the ARP Cache" + Check "Block Gratuitous ARP Frames" / Go to Miscellaneous tab and Check "Do Protocol Analysis", "Do packet checksum verification", and "Monitor other NDIS protocols than TCP/IP"

Defense+ / Advanced / Image Execution Control Settings / Slider bar to "Aggressive"

Defense+ / Advanced / Defense+ Settings / Check "Block all unknown request if the application is closed" / Monitor Settings tab / Check all options.

Fajo
September 13th, 2008, 10:43 PM
-{ Quote: "If you installed the SafeSearch toolbar, your browsers are protected from memory attacks; if not, you should install Comodo Memory Firewall (which does the same task, but covers all applications).

Please note that the firewall being set to Custom mode will make for a lot more pop-ups.

Some ways to harden CPF are:

Firewall / Advanced / Attack Detection Settings / Check "Protect the ARP Cache" + Check "Block Gratuitous ARP Frames" / Go to Miscellaneous tab and Check "Do Protocol Analysis", "Do packet checksum verification", and "Monitor other NDIS protocols than TCP/IP"

Defense+ / Advanced / Image Execution Control Settings / Slider bar to "Aggressive"

Defense+ / Advanced / Defense+ Settings / Check "Block all unknown request if the application is closed" / Monitor Settings tab / Check all options." }-

Thanks, I checked some of those. The one I marked in bold above I cannot enable because of P2P requirements.

Thanks though, most of the options I did use. :argh:

AJohn
September 13th, 2008, 10:46 PM
CPF is really secure by default; enabling those options makes it about as secure as it can be. I have successfully used uTorrent (100+ torrents uploading/downloading at once) with the "Do Protocol Analysis" option. You may want to try it and if you notice problems, disable it.

Fajo
September 13th, 2008, 10:48 PM
-{ Quote: "CPF is really secure by default; enabling those options makes it about as secure as it can be. I have successfully used uTorrent (100+ torrents uploading/downloading at once) with the "Do Protocol Analysis" option. You may want to try it and if you notice problems, disable it." }-

http://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/tutorial_for_utorrent_with_comodo_firewall_3-t15677.0.html

Was following this how-to =P on uTorrent for Comodo. So /shrug lol, no idea if it would affect it, just there it said to have it off.

AJohn
September 13th, 2008, 10:50 PM
Yes, that is why I said it does not hurt to try it and see if it works for you.

3xist
September 14th, 2008, 06:50 AM
Put D+ in Safe Mode.

Edit your policies here for your apps:

Defense+\Advanced\Computer Security Policy
Firewall\Advanced\Network Security Policy

Happy-Dude
September 14th, 2008, 09:52 AM
I personally think you should wait until the next COMODO version is released (the one included in CIS).

The team is trying to make it take less resources, fix some bugs, and make it more user-friendly (this is the most important part).

Then again, it's nice to get used to it ;) .

Julian
September 14th, 2008, 11:55 AM
-{ Quote: "Put D+ in Safe Mode.
" }-
And what kind of benefit will that bring?
He will just see tons of pop-ups for safe applications.

For me I simplified Comodo a bit:
1.) I deleted all predefined security policies of D+ except for "Trusted application" and "Isolated application".

2.) For the trusted app policy I set it up so that it can start any executable.

3.) I changed explorer.exe and rundll32.exe to trusted ones so that they can start whatever they want; I did the same with the "Windows system applications" app tree and "Windows updater applications".

With those settings it's not a click orgy anymore ;)

And I recommend restricting the rights of critical applications such as the web browser as much as possible, and for that you should add those apps to "My pending files" if you are in Clean PC mode.

I set the firewall alert frequency to very low and disabled alerts for loopback requests.

3xist
September 15th, 2008, 04:00 AM
-{ Quote: "And what kind of benefit will that bring?
He will just see tons of pop-ups for safe applications.

For me I simplified Comodo a bit:
1.) I deleted all predefined security policies of D+ except for "Trusted application" and "Isolated application".

2.) For the trusted app policy I set it up so that it can start any executable.

3.) I changed explorer.exe and rundll32.exe to trusted ones so that they can start whatever they want; I did the same with the "Windows system applications" app tree and "Windows updater applications".

With those settings it's not a click orgy anymore ;)

And I recommend restricting the rights of critical applications such as the web browser as much as possible, and for that you should add those apps to "My pending files" if you are in Clean PC mode.

I set the firewall alert frequency to very low and disabled alerts for loopback requests." }-

I assumed he wanted more pop ups:

-{ Quote: "
I have assumed the Back waking position and ready for the pop up's :-)
" }-

Fajo
September 15th, 2008, 03:30 PM
-{ Quote: "OK. After a while I'm going to give Comodo another shot and see how it runs this time around. Except this time it's going on my main computer instead of a test system, so I need some help setting it up and hardening it. As I have little experience with Comodo and lots of experience with ZA and a few others, I'm not too sure how to go about setting this up. Some advice would be appreciated.

And yes, I have assumed the Bat waking position and am ready for the pop-ups :-)" }-

-{ Quote: "I assumed he wanted more pop ups:" }-


And after a few days it has quieted way down. The main thing that pisses me off is installs. :P Other than that I like some of the customization that this firewall has. I will try it for a bit longer and see how it works out. If not, then back to good old bloated ZA :dry:

IceCube1010
September 15th, 2008, 06:34 PM
Hi

When I install something, I put the firewall into installation mode. The biggest problem I have, is when I forget to bring it out of installation mode. I wish they would change the color of the icon or put an I or L like OA does in learning mode. I know it warns me every 5 minutes but the change of the icon would certainly help.

Ice

Fajo
September 15th, 2008, 06:36 PM
-{ Quote: "Hi

When I install something, I put the firewall into installation mode. The biggest problem I have, is when I forget to bring it out of installation mode. I wish they would change the color of the icon or put an I or L like OA does in learning mode. I know it warns me every 5 minutes but the change of the icon would certainly help.

Ice" }-

I do also, but it still is annoying.

Osaban
September 15th, 2008, 07:04 PM
-{ Quote: " if not you should install Comodo Memory Firewall (which does the same task, but covers all applications).
" }-

Is it really necessary? How about system impact?

Kyle1420
September 15th, 2008, 11:17 PM
Glad you're trying it out, Fajo ;D :P

I have done this for my setup..

Comodo -> Defense+ -> Advanced -> Image Execution -> Files to check -> Add -> Executables, All applications.

The image execution control level is normal.

D+ is in safe mode.

Hope this helps.

Kyle1420
September 15th, 2008, 11:18 PM
-{ Quote: "Is it really necessary? How about system impact?" }-

System impact is not noticeable. CMF protects you from Drive-By-Downloads and BO attacks.

Kyle1420
September 15th, 2008, 11:19 PM
-{ Quote: "Hi

When I install something, I put the firewall into installation mode. The biggest problem I have, is when I forget to bring it out of installation mode. I wish they would change the color of the icon or put an I or L like OA does in learning mode. I know it warns me every 5 minutes but the change of the icon would certainly help.

Ice" }-

I agree. Have you tried putting this on the WishList?

IceCube1010
September 16th, 2008, 08:13 AM
Yep, it's in there. I guess the reason why they don't change the color or put a letter in front of the icon (shield) is because there are many different protection levels for the firewall/HIPS. It's only a minor annoyance to me but I still like the overall product.

Ice

Julian
September 16th, 2008, 10:30 AM
-{ Quote: "I assumed he wanted more pop ups:" }-
Sorry, didn't read carefully enough.

-{ Quote: "Hi

When I install something, I put the firewall into installation mode. The biggest problem I have, is when I forget to bring it out of installation mode. I wish they would change the color of the icon or put an I or L like OA does in learning mode. I know it warns me every 5 minutes but the change of the icon would certainly help.

Ice" }-
That's the reason why I don't use it. I'd rather have one pop-up for every single application; for most installations it's OK IMO.
If it's getting too annoying with the pop-ups, I switch to training mode until the installation is finished.

Pedro
September 16th, 2008, 10:51 AM
Hello,
are you saying you still get pop-ups if you select install mode?

Julian
September 16th, 2008, 03:55 PM
-{ Quote: "Hello,
are you saying you still get pop-ups if you select install mode?" }-
No ???