Monday, August 17, 2009

Comodo Firewall for Windows

SkyHi @ Monday, August 17, 2009
COMODO Firewall tutorial
________________________________________
Many people don't like COMODO as they find it diffucult (I too once was like that). When I got my laptop, I initially wanted to use Online Armor Free (OAf) with KAV 2009 but it seems the previous version of OAF didn't want to work with with KAV 2009 as my laptop will hang at the welcome scrren. I didn't want to use KIS 2009 as I feel is a waste of money of RM30 just to get a firewall when I can have a free and good one. So since KAV 2009 and OAF cannot work, I had to use COMODO firewall. Now I am using COMODO firewall with KAV 2009. I had no problems with it and so, I am keeping COMODO firewall.
COMODO firewall takes ~5mb on RAM and ~110mb on Hard disk whhile OAf takes ~20mb on RAM and ~30mb on Hard disk. So today for those who want to use COMODO firewall, I am going to do a tutorial on it.

1. I will first start off with the installation of it. You can download COMODO firewall here.
http://personalfirewall.comodo.com/d..._firewall.html
By default, it is CMODO Internet Security. You can opt for the standalone firewall or standalone antivirus or both as shown in the screenshot,


If you just want the firewall, check the "Intall COMODO Firewall" as I have shown. Then it will bring you to the next screen,

Choose "Firewall with Optimum Proactive Defense". Unless you are those paranoid type then choose "Firewall with Maxmium Proactive Defense". For the firewall option, Defense+ will not be install. But I feel is better to have the Defense+ option. Well is up to you. I took the Optimum Proactive Defense. If you don't want Defense+, you can disable it later.
After that just follow what they ask.

REMEMBER to UNCHECK the unnecessary option like Install Safesurf, Ask Toolbar and Make COMODO my default homepage. That is not needed. You do not want that 3 option. Then reboot

2. After reboot, COMDODO will start up with WIndows and scan your computer for anything which you connect to the internet. It will ask for your opinion if I am not mistaken.

What happen if you accidentally block/allow a program to the internet and want to block/allow that program to the internet?
Simple, Open up COMODO firewall by double clicking on the COMODO firewall icon. Go to the following. Firewall --> Advanced --> Network Security Policy and remove what you have allow/block. So next time COMODO see that, you will be prompt to allow/block.

Setting up COMODO Firewall for maximum security
1. Making all ports stealth. Firewall --> Stealth Port Wizard --> "Block All Incoming connections - stealth my port to everyone as shown in the picture below.
This image has been resized. Click this bar to view the full image. The original image is sized 946x546.


I didn't do it because by default when I install it, I found that all my ports are stealth by checking here.

2. Here you can see what network you are connected to. It is automatically done for you when you first restart your computer after installing COMODO firewall.
This image has been resized. Click this bar to view the full image. The original image is sized 789x737.


3. We are now going to set the firewall settings. By default it is in Safe Mode.
Quote:
Safe Mode: While filtering network traffic, the firewall will automatically create rules that allow all traffic for the components of applications certified as 'Safe' by Comodo. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.
You can set it by going Firewall -> Advanced -> Firewall Behavior settings -> General Settings as shown in the picture below.
This image has been resized. Click this bar to view the full image. The original image is sized 864x543.


4. Next, we want the way the firewall alert us. So we go to Firewall -> Advanced -> Firewall Behavior settings -> Alert Settings Choose medium as you don't want to much alert.
This image has been resized. Click this bar to view the full image. The original image is sized 865x538.

Click on the click boxes, but leave " This computer is an Internet connection Gateway " Un-ticked . Unless you need it.

5. Now we want the way COMODO deals with attack.
Go to Firewall -> Advanced -> Attack detection settings
Tick the select boxes, "Protect the ARP cache" and "Block Gratuitous ARP Frames" as shown in the picture below.

Then we are to the miscellaneous on the same window and select all the tick boxes.

"Block fragmented IP datagrams"
"Do protocol analysis"
"Do packet checksum verification"
"Monitor other NDIS protocols than TCP\IP"



That is about it to set up the firewall. The rest I think you are smart enough to handle.




No problem. Yes I have tested it by using it together with KAV 2009 on my laptop which runs Windows Vista Home Premium and it didn't give me a problem. I think aaprt then me who uses COMODO, hellnoire also use COMODO.


Setting Defense+ for Maximum protection
1. Go to Defense+ -> Advanced -> Defense+ settings the COMODO forum decide to push the slider to Safe Mode as shown in the picture,
This image has been resized. Click this bar to view the full image. The original image is sized 835x543.

but I think that is overkill as you will get more prompts for small things. So my recommendation will be Clean PC mode. Then we are going to tick the select boxes,
"Trust the applications digitally signed by trusted software vendors"
"Block All unknown requests if the application is closed"

Then click the next tab in the same window "Monitor Settings"
This is what Defense+ will monitor.
Select them all for maximum protection as shown in the picture.


2. Next,we will move on to image execution controls.
Comodo -> Defense+ -> Advanced -> Image execution control settings
We will set the slider to "Normal"


On the same tab, click "Files to check"
Click Add -> File groups -> Executables



That is all for Defense+

Remember to click apply after you configure each thing.


For installing new programs, use training mode for both firewall and Defense+ so you won't be interrupted with prompts when you install or update stuff.



When you run COMODO for the first time, Put both the thing into Training Mode as you won't have so much prompts. Run Training Mode for 10 minutes and then switch it back to "Safe Mode" for Firewall and "Clean PC Mode" for Defense+

For those gamers, run COMODO using Training mode

Hope this tutorial won't make people hate COMODO but try using it.

Source for Setting up Defense+ for maximum security : http://forums.comodo.com/defense_gui...-t30473.0.html


For some people who just want the firewall alone, you can disable the Defense+.


Reference: http://www.raymond.cc/forum/tutorials/11420-comodo-firewall-tutorial.html


http://forums.comodo.com/firewall_guides/setting_up_firewall_for_maximum_security-t30535.0.html