Comodo. Learning thred.

Discussion in 'other firewalls' started by Fajo, Sep 13, 2008.

Thread Status:
Not open for further replies.
  1. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Ok. after a while I'm going to give Comodo another shot see how it runs this time around. accept this time its going to my Main computer instead of test system. so I need some help setting up and Harding it. means I have little experience with comodo and lots of experience with ZA and a few others I'm not to sure how to go about setting this up. some advice would be Appreciated.

    And yes. I have assumed the Bat waking position and ready for the pop up's :)
     
    Last edited by a moderator: Sep 15, 2008
  2. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    You are installing the firewall along with Defense+? CPF current final release, not beta?
     
  3. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Yes Defense is installed. and this is the release. not the beta.
     
  4. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Well I also assume that you have the default installation security modes enabled? This would mean Defense+ is set to Clean PC Mode and Firewall is set to Safe Mode?

    This allows Defense+ to only ask you about new software introduced from external sources; such as the internet and CDs/portable media.

    This allows the Firewall to automatically allow applications which are already in Comodo's built in database.
     
  5. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Firewall is in Custom Rules policy
    Defense+ is set to clean PC.

    I have already added rules for Utorrent and a few other apps like Avira. my main question is there anything I need to change, add, Turn on or off to make this firewall better ? any settings I have to tweak or any rules you could offer that would help with taking out any loopholes.
     
  6. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    If you installed the SafeSearch toolbar, your browsers are protected from memory attacks, if not you should install Comodo Memory Firewall (which does the same task, but covers all applications).

    Please note that the firewall being set to Custom mode will make for a lot more pop-ups.

    Some ways to harden CPF are:

    Firewall / Advanced / Attack Detection Settings / Check "Protect the ARP Cache" + Check "Block Gratuitous ARP Frames" / Go to Miscellaneous tab and Check "Do Protocol Analysis", "Do packet checksum verification", and "Monitor other NDIS protocols than TCP/IP

    Defense+ / Advanced / Image Execution Control Settings / Slider bar to "Aggressive"

    Defense+ / Advanced / Defense+ Settings / Check "Block all unknown request if the application is closed / Monitor Settings tab / Check all options.
     
  7. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Thanks I check some of those the one I marked in bold above I can not enable because of P2P requirements.

    Thanks tho Most of the options I did use. :argh:
     
  8. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    CPF is really secure by default, by enabling those options makes it about as secure as it can be. I have succesfully used uTorrent (100+ torrents uploading/downloading at once) with the "Do Protocol Analysis" option. You may want to try it and if you notice problems, disable it.
     
  9. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    http://forums.comodo.com/frequently...utorrent_with_comodo_firewall_3-t15677.0.html

    Was following this how to =P on Utorrent for Comodo. so /shrug lol no idea if it would affect it just there is said to have it off.
     
  10. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Yes, that is why I said it does not hurt to try it and see if it works for you.
     
  11. 3xist

    3xist Guest

    Put D+ in Safe Mode.

    Edit your policies here for your apps:

    Defense+\Advanced\Computer Security Policy
    Firewall\Advanced]Network Security Policy
     
  12. Happy-Dude

    Happy-Dude Registered Member

    Joined:
    Aug 28, 2006
    Posts:
    54
    Location:
    United States of America
    I personally think you should wait until the next COMODO version is released (the one included in CIS).

    The team is trying to make it take less resources, fix some bugs, and make it more user friendlier (this is the most important part).

    Then again, its nice to get used to it ;) .
     
  13. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    And which kind of benefit that will bring?
    He will just see tons of pop-ups for safe applications.

    For me I simplified Comodo a bit:
    1.)I deleted all predefined security policies of D+ except of "Trusted application" and "Isolated application".

    2.)For the trusted app policy I set up that it can start any executable

    3.)I changed explorer.exe and rundll32.exe to trusted ones so that they can start whatever they want, the same I did with the "Windows system applications" app tree and "Windows updater applications".

    With that settings it's not a click orgy anymore ;)

    And I recommend to restrict the rights of critical applications such as web browser as much as possible and for that you should add those apps to "My pending files" if you are in clean pc mode.

    I set up firewall alert frequency to very low and disabled alerts for loopback requests.
     
  14. 3xist

    3xist Guest

    I assumed he wanted more pop ups:

     
  15. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812

    And after a few days it has quieted way down. the main thing that pisses me off is installs. :p Other then that I like some of the customization that this firewall has. I will try it for a bit longer see how it works out. if not then back to good old bloated ZA :cautious:
     
  16. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Hi

    When I install something, I put the firewall into installation mode. The biggest problem I have, is when I forget to bring it out of installation mode. I wish they would change the color of the icon or put an I or L like OA does in learning mode. I know it warns me every 5 minutes but the change of the icon would certainly help.

    Ice
     
  17. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    I do also. but it still is annoying.
     
  18. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    Is it really necessary? How about system impact?
     
  19. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    Glad your trying it out Fajo :D :p

    I have done this for my setup..

    Comodo -> Defense+ -> advanced -> image execution -> files to check -> add -> Executables, All applications.

    the image execution control level is normal.

    D+ is in safe mode.

    Hope this helps.
     
  20. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    system inpact is not noticible. CMF protects you from Drive-By-Downloads and BO attacks.
     
  21. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    I agree, Have you tried putting this on the WishList?
     
  22. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    yep, its in there. I guess the reason why they don't change the color or put a letter in front of the icon(shield) is because there are many different protection levels for the firewall/hips. It's only a minor annoyance to me but I still like the overall product.

    Ice
     
  23. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    Sorry, didn't read carefully enough.

    That's the reason why I don't use it, I rather have one pop-up for every single application, for most installations it's ok IMO.
    If it's getting too annoying with the pop-ups I switch to training mode until the installation is finished.
     
  24. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Hello,
    are you saying you still get pop-ups if you select install mode?
     
  25. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    No o_O
     
Loading...
Thread Status:
Not open for further replies.