Inbound connections

I always return to Comodo FW,although i have licenses for OA and OP as well,only because Comodo is the only one who by default don't allow inbound connections.The others FWs,Private Fw or PC Tools Fw are doing the same thing.ALLOW INBOUND CONNECTION by default.
My question.....how really important are the inbound connections.....?

 

Are you sure about that?

My Kerio 2 does not permit inbound connections. Here, I've disabled my own rule, and Kerio alerts:

​

----
rich

 

That can't be right. Most of the software fw's block inbound by default.

 

As far as I know almost all firewalls including windows native firewall (not sure about XP) will block all incoming connections with some default exception rules under default settings

 

Never used Kerio.As for the OA and Outpost,i can assure you that BY DEFAULT they allow inbound connections.Private FW too.

 

I can assure you that the only inbound connections allowed are the ones that are opened by the setup wizards. If you skip the setup wizards, you will only recieve ICMP packets most likely, and perhaps some netbios data as well.

You must be confusing things or you are speaking in broad terms. OP I know for a fact, in every version I have ever installed (and I installed the very first version ) will block inbound traffic by default. As it progressed and the setup wizard pre-configured more and more things for you, yes, you are correct, there were inbound comms allowed. But it is only because the rules existed to make it so. Stop using the setup wizard to configure it for you and you should see quite a difference. Many users don't know enough about a firewall to set it up correctly, so they need those pre-configured rules to keep them from being in a state of "lock down".

Sul.

 

So,i was right all along about the fact that by default,they allow inbounds.That's the point of my thread after all.

Will do,thank you.

 

Here's a little info about port 445. Its the port their trying to use to connect to your machine. http://www.grc.com/port_445.htm

 

Go to http://www.pcflank.com/, and run their stealth test, and trojan test. Do you have any open ports? If you do then maybe someone is probing your ports, and this is the reason for your inbound connection warning. If you have open ports its possible for someone to remotely connect to you machine, and gain access to it.

 

If you check your logs, I think you will find continuous probes whether ports are open or closed. Here, Ports (localhost) 135 and 445 -- favorites for worms and trojans!



This is just normal, daily traffic!


----
rich

 

Done all the tests,many times.Everything is ok,all the ports are closed or stealth.

 

Burebista, Comodo is not that good as you are promoting it.And if the test is made with the router installed of course you will test the router not Comodo itself.
It really depends how you set up Outpost .If you let it do the rules from it s database then you may get some inbound alowed by default depending on the aplication.
Next time you install Outpost tick "do not create rules automatically" and you will be asked when needed.

 

Burebista??He is another member from Romania,"smecher",just like you I'm just Joe,and Burebista is far more knowledgeable than me.So...
I'm not behind any router and i know about to stop OA or OP to create automatic rules.I just don't want to search for myself in OA or OP for programs with inbound connections and to set them manually.I'm just a little bit lazy i guess,that's why i prefer Comodo FW with it's predefined blocked inbound conn.

 

Ups ,sorry for the confusion ,the late hours might have played a little trick on me ,many tabs open in the browser.
The nick may seem to mean "smecher" ,but it s "seeker" in fact .

Anyway Outpost firewall has the "Disable automatic rule creation" which means it will ask for any connection which doesnt corespond to a rule already made .Sunbelt Firewall has the same asking and if i m not mistaken Online Armor does similar.
Indeed Comodo has some predefined rules to block inbound connections ,but the way this firewalls work it s different regarding the network packets "pipe" .

Hint : Set Outpost Firewall on "Block most" and set "Disable automatic rule creation" and no connection will be made unless there is a specific rule made to alow.

 

Ok,sorry for misspelling,i just got it wrong.

I have a valid license for OP,i will try this little "trick" very soon.Seems interesting.Thanks.

 

Okay, I'm curious, how so?

 

Take a look here :
http://www.agnitum.com/support/kb/article.php?id=1000120&lang=en

I ve tryed creating some generic rules in OFP ,like the ones you do in Comodo ,but if you make them in Outpost you will see connections failing in some aplications.
OFP and Comodo work differently simple and plain.
But if you are experienced enough you can add some rules in all those main pipe stages manually and get what you want.