Author Topic: Setting up Firewall for maximum Security.  (Read 62204 times)

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Setting up Firewall for maximum Security.
« on: November 22, 2008, 01:01:16 AM »
Hey Guys, The aim of this guide is to outline the functions of Comodo's Firewall  and to set up a secure connection with the internet. If you have anything that I can add to this guide or mistakes I have made please post them to me.



If you are unsure of some of the features, Comodo has a great help file that you can find at;
Comodo -> Misc -> Help

^Larger Image Here^
http://img360.imageshack.us/img360/7178/24790080uw1.png

We are going to start by going to;
Comodo -> Firewall -> Stealth Ports Wizard.  We will select "Block All Incoming connections - Stealth my ports to everyone" and click Finish.


^Larger Image here^
http://img389.imageshack.us/img389/6459/46346483up4.png

Then we are going to set up a network connection to a router\home network; 
(This is usually done automatically for you)
Comodo -> Firewall  -> My network Zones

We will add a Loopback zone and Local Area Network #1
In most cases, the loopback zone is  127.0.01/255.0.0.0
In most cases, the Network zone is your routers address\host machine  192.168.1.100/255.255.255.0


^Larger Image Here^
http://img296.imageshack.us/img296/5540/66782656fr3.png

Click apply!

Now we should have set up an Internet connection, lets tweak things a bit :)
We are going to go to;
Comodo -> Firewall -> Advanced -> Firewall Behavior settings.

We are going to push the slider up to Safe mode
Quote
Safe Mode: While filtering network traffic, the firewall will automatically create rules that allow all traffic for the components of applications certified as 'Safe' by Comodo. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.


^larger Image here^
http://img368.imageshack.us/img368/1952/84208015gg5.png

Then click on the the "Alert Settings" Tab in the same window, Slide to Medium and click on the click boxes, but leave " This computer is an Internet connection Gateway " Un-ticked . Unless you need it.




^Larger Image here^
http://img520.imageshack.us/img520/7720/81597969jf3.png


Now we will move to;
Comodo -> Firewall -> Advanced -> Attack detection settings
We are going to Tick the select boxes,  "Protect the ARP cache" and "Block Gratuitous ARP Frames"


^Larger Image here^
http://img78.imageshack.us/img78/8885/64810708rp9.png

Then we will click on the misc tab in the same window,
And select all the tick boxes.

"Block fragmented IP datagrams"
"Do protocol analysis"
"Do packet checksum verification"
"Monitor other NDIS protocols than TCP\IP"


^Larger Image^
http://img361.imageshack.us/img361/5207/41716122ed5.png





That's about it for setting up the firewall, now lets move onto the "Network Security Policy"






« Last Edit: November 22, 2008, 05:16:09 AM by Kyle »
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: Setting up Firewall for maximum Security.
« Reply #1 on: November 22, 2008, 04:12:52 AM »
Let's make some application rules;
Comodo -> Firewall -> Advanced-> Network Security Policy
Here you can add/edit rules for specific applications manually or remove them.

^larger Image^
http://img360.imageshack.us/img360/7131/38152394pp1.png

Your Global rules can be changed Manually although they should be fine how they are.
(Earlier in the thread we stealthed ports to everyone)



^Larger Image^
http://img361.imageshack.us/img361/7544/63660388jn8.png


There are predifined policy's, you may few what restrictions they apply here;
comodo -> Advanced -> Firewall -> Predefined Policies.  Click edit to see what applies.




^Larger Image^
http://img212.imageshack.us/img212/1867/10gk5.png

You don't need to make your own predefined policies, the default is usually enough.


« Last Edit: November 22, 2008, 05:15:23 AM by Kyle »
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: Setting up Firewall for maximum Security.
« Reply #2 on: November 22, 2008, 05:09:00 AM »
Let's learn how we are meant to deal with pop-ups,


^Larger Image here^
http://img116.imageshack.us/my.php?image=11eu2.png
 
For programs not in the white list (Or your in paranoid mode\Clean Pc)
You will get a pop-up for unknown requests to connect to the internet, since Firefox is a webbrowser, we will treat this application as a Web browser and click remember my answer.

For trusted applications, Select trusted application. Outgoing is a good option for window's system applications.
_______________________________________

Making rules easy! This is great for gamers and for just about any application, With no user input!

Defense+
Right click on the Comodo tray Icon -> Defense+ Security level - > Training Mode

http://img404.imageshack.us/img404/4973/20081121141124gu5.png
^Click for larger Image^

Firewall
right Click on Comodo Tray Icon -> Firewall Security level -> Training Mode

http://img408.imageshack.us/img408/1341/20081121141349vn8.png
^click for larger Image^


Quote
Training Mode: While filtering network traffic, the firewall will automatically create rules that allow all traffic for the components of applications certified as 'Safe' by Comodo. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.

You should only run training mode for as long as it needs to be, 10 minutes should be fine. Then switch back to your previous mode (Safe Mode)

Remember that when running applications in training mode that any program (good or bad) will learn and be allowed to created rules, So only use it when you need to. ( You should only need to do it once)

This should be appropriate for most users, The more advanced can tinker with the settings a bit more if they need to.

I hope this helps, Any feed back is appreciated :)
« Last Edit: May 03, 2009, 08:53:44 PM by Kyle »
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: Setting up Firewall for maximum Security.
« Reply #3 on: July 19, 2009, 04:09:55 AM »
Feel free to ask about anything you see in this guide, If you have a rather in depth question then please create your own thread within the help section.

http://forums.comodo.com/help_cis-b127.0/




I apologize for some of the pictures that have become broken (Hopefully the steps I provided will be enough for now). When CIS v4 comes out, I will update this guide accordingly and upload new relevant pictures.
« Last Edit: July 19, 2009, 04:16:30 AM by Kyle »
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek