Question about trusted (and trusting) networks

[Guest]

[bmuse]

Hi all,

Right after installing ZA, it displays the "New Network Found" box with my home network IP's, and asks if I want it in the "Trusted Zone" or "Internet Zone", along with explanations of each.

When my laptop finds a WiFi spot, hotel network, etc., I also get the "New Network Found" box and ZA seems to know those are "Internet Zone", and protects accordingly.

I'm not sure how this works in CPF?  There wasn't any "New Network" popup after installing; I looked in  the Zones area and CPF had "Local Area Network" from 0.0.0.0. to 255.255.255.255.  No mention of "trusted" or anything.  I used the Trusted Zone wizard and it found my home network IP's (192.168.0.0 - 192.168.0.255).  Anyway, my questions:

(1) How do I know which items under Zones are trusted and which are not?
(2)  Does having everything from 0.0.0.0 to 255.255.255.255 as a "trusted" zone pose a security risk?  Will that automatically consider any network I come across to be "trusted"?
(3) Should I remove the "Local Area Network" item now that I've added my home network?
(4) What will CPF do when I do connect to a network other than my home network?  Will it ask me whether to "trust" the new network?

Thanks very much for any insight!

Best,
Brett

[sded]

CPF doesn't seem to have an explicit concept of "trusted network" that I can find.  I added the IP of my router to the Network Monitor ahead of the "block and log inbound", and that seems to accomplish similar.  If you connect to another network, CPF doesn't do anything unless you have modified rules under Network Monitor to restrict things-I just tried it with wifi to a neighbors network.

[bmuse]

Hi sded, and thanks for your reply.

This concerns me a bit.  My understanding with ZoneAlarm is that on a "trusted" network, it allows your PC's to share files/printers, etc., while on an "Internet Zone" network, your PC is stealthed and protected.

So how does CPF handle this?  I'm not proficient in advanced networking and creating complex rules.  I don't think the average user is either.  I was excited to read the PCMag review and start using CPF, but now I'm worried that I won't be protected when I need to be.

Maybe I'm missing something.  If there's a straightforward way to (a) properly "trust" your home network, and (b) detect new/foreign networks and be properly protected, please let me know!

Thanks very much,
Brett

[sded]

Don't know what CPF does when you turn on file and printer sharing.  Try it and see.  Should need to enable Netbios messages and some other things.  I don't share, so don't remember offhand.  A FAQ would be nice, since I know lots of people do this.  As far as new networks, the default rules in Network Monitor are "allow all connections out", "block all connections in" so won't get anything from the new network.  "Trusting" will need to be defined-The ZA concept always caused me problems because of things that mysteriously needed to go into the trusted zone to work, with no apparent reason.  At a first blush, allow connections (TCP/UDP/ICMP/...) in from your network in "Network Monitor" in each machine on the network.

[pandlouk]

If a network is trusted you can use file sharing, printing, etc.
If an IP is not in your trusted zones you are totally stealthed against it.

ps. see this faq
http://forums.comodo.com/index.php/topic,361.0.html

[sded]

Ah, yes, I see there is a wizard that will generate the rules for you.  Didn't look for it in "tasks".  No  explicit display of trust elsewhere, but the rules are generated and you can find the zones themselves under "Tasks".  Thought attaching a USB NIC and using a neighbors wifi network might popup something, but it didn't, and worked fine with just the "allow all out" rule.

[panic]

Hi sded, and thanks for your reply.

This concerns me a bit.  My understanding with ZoneAlarm is that on a "trusted" network, it allows your PC's to share files/printers, etc., while on an "Internet Zone" network, your PC is stealthed and protected.

So how does CPF handle this?  I'm not proficient in advanced networking and creating complex rules.  I don't think the average user is either.  I was excited to read the PCMag review and start using CPF, but now I'm worried that I won't be protected when I need to be.

Maybe I'm missing something.  If there's a straightforward way to (a) properly "trust" your home network, and (b) detect new/foreign networks and be properly protected, please let me know!

Thanks very much,
Brett

Hey Brett,

If you go to www.embsolutions.com.au/cpf_rule.index.htm, I've made a flash based tutorial on what are the minimum rules you need to have defined in CPF to secure your PC, what these rules do, why they are necessary  and how to set them up manually.

Although it may seem to be a bit on the propellor-head side of things, I believe that it's in everybodys best interests if they understand their firewall, rather than just relying on an application to tell you "It's OK, I trust that thing". ZA had a nasty habit of making far too many assumptions on what I want a connection to and from. Sorry ZA, but I pick who does or does not come through my front door - not you.

Once you get the hang of how firewalls and their rules work, it's really not that hard. Comodo have done a brilliant job of simplifying the user interface to protect you from turning into a geek and it gets most things right, but nothing beats knowledge. Ever.

Hope this helps, and welcome to the forums.
Ewen :-)
 (WCF3)

[bucknasty]

Hey Brett,

If you go to www.embsolutions.com.au/cpf_rule.index.htm, I've made a flash based tutorial on what are the minimum rules you need to have defined in CPF to secure your PC, what these rules do, why they are necessary  and how to set them up manually.

Although it may seem to be a bit on the propellor-head side of things, I believe that it's in everybodys best interests if they understand their firewall, rather than just relying on an application to tell you "It's OK, I trust that thing". ZA had a nasty habit of making far too many assumptions on what I want a connection to and from. Sorry ZA, but I pick who does or does not come through my front door - not you.

Once you get the hang of how firewalls and their rules work, it's really not that hard. Comodo have done a brilliant job of simplifying the user interface to protect you from turning into a geek and it gets most things right, but nothing beats knowledge. Ever.

Hope this helps, and welcome to the forums.
Ewen :-)
 (WCF3)

: (

Link to flash tutorial not working...

==========
Sorry, we can't seem to find that page on our site. Please double check the spelling of the address. If you are certain of the address, please notify us at webmaster[ at ]embsolutions.com.au http://forums.comodo.com/index.php/topic,432.0.html 66.176.58.38 /cpf_rule.index.htm www.embsolutions.com.au Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon) 404

[panic]

: (

Link to flash tutorial not working...

==========
Sorry, we can't seem to find that page on our site. Please double check the spelling of the address. If you are certain of the address, please notify us at webmaster[ at ]embsolutions.com.au http://forums.comodo.com/index.php/topic,432.0.html 66.176.58.38 /cpf_rule.index.htm www.embsolutions.com.au Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Maxthon) 404

DOH!!

Try www.embsolutions.com.au/cpf_rule/index.htm

Mea culpa, mea culpa, mea maxima culpa!

ewen :-)

[Melih]

DOH!!

Try www.embsolutions.com.au/cpf_rule/index.htm

Mea culpa, mea culpa, mea maxima culpa!

ewen :-)

Is it me or do we all love what Ewen has done with this flash Tutorial!  CLY  Ewen :-)

So, what can everyone do to help us expand this flash tutorials to create a totally dummy proof tutorial for everything that an average user wants to do?

Also, we need a basic flash Tutorial explaning what a Personal Firewall is, so that we can put it in our main site. People don't know what a personal firewall is and why they should have it. Let see if we can all work together to build this guys, it will be sooooo great if we could do that :-)  CNY

thanks

Melih

[panic]

Also, we need a basic flash Tutorial explaning what a Personal Firewall is, so that we can put it in our main site. People don't know what a personal firewall is and why they should have it. Let see if we can all work together to build this guys, it will be sooooo great if we could do that :-)  CNY

I'm working on it, but if others could contribute their take on what a firewall is/does and why they are needed it would give a much more rounded view, rather than just my opinions and the way I do things.

Ewen :-)
 (WCF3)

[antiKK]

Fantastic work Ewen!


and..
 (WCF3) vs  (WCF17) tonight 22:30 AEST Yay!

[Tags:]