Author Topic: network control rules  (Read 8764 times)

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #15 on: March 22, 2007, 02:07:32 PM »
I also have this in application monitor.. Is that ok??  Should run --NO

[attachment deleted by admin]

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #16 on: March 22, 2007, 02:23:21 PM »
Well, I can't complete the selftest as I'm behind a router that is not under my control, and it fails without portforwarding set up. 

It does appear to default to port 7000.

When I invoked the selftest, I had three popups from CFP:
1.  Listen Port 80
2.  DNS Port 53 (to my DNS Server)
3.  TCP Out to IP Address 207.x.x.x

I set the FW to create an application rule to allow it (item #3 only), and this is what it gave me:

HFS.exe with parent explorer.exe, Allow TCP Out, Any Source, Any Destination, Any Port (source/destination).  In using it, I would probably want two application rules, as follows:

Allow TCP Out Any, Any, Any, Any (as above; just Out only)

Allow TCP In, Any, Any, Any, Single Destination Port (that you have defined in HFS).

You might then need another rule in the Network Monitor (above your bottom Block & Log rule; you can right-click that bottom rule, select Add/Add Before), as follows:

Action:  Allow
Protocol:  TCP
Direction:  In
Source IP:  Any
Destination IP:  Any (or yours)
Source Port:  Any
Destination Port:  Single Port:  (that you defined in HFS)

OK, and reboot.

That will allow TCP traffic in on that port.  The HFS application will have to be actively running, in order to be able to receive the connection, though.

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #17 on: March 22, 2007, 03:49:01 PM »
I appreciate the work you put in (:CLP),but I don't know if I need it that bad :THNK.I tried something. I allowed all traffic in comodo and turned on windows fw and ran the test--it just asked me if I wanted to continue blocking that application I said no and it passed the test. I don't know if that is cool--what do you think--If I used it  would only be with people I knew were "relatively' safe. It would appreciate your opinion on how secure you think the windows fw is used like that.

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #18 on: March 22, 2007, 04:19:33 PM »
Well, here's the problem I see, as far as security...

When you set CFP to Allow All, you're disabling all of the protection it provides.  So at that point, it's doing nothing for you.  That's like keeping a shotgun to protect your home, but never buying any ammunition for it.  Basically, it does you no good!  ;)

IMO, the Windows FW is about as useful a firewall as spreading cream cheese over your computer.  Which is to say, it does nothing.  :(

That being said, it's all well and good to have CFP up the majority of the time and only disable it & use the WinFW when you're using HFS.  But during that time you're using HFS, you'd have absolutely no protection.  Stats on how quickly people on the internet run in to problems when they don't have an active FW are pretty scary; and that's not including running a fileserver....

I gather from your comment, that you don't know if you need it that bad, that you consider the rulemaking to be a difficult task.  If that's what's stopping you, I can assure you that it's not really as difficult as it may seem, and I can guarantee you that you'll learn more about how CFP works and become more confident with it.

We can take it in a series of steps to walk you thru, and really won't be painful at all.  That's IF you want to do that.  That is entirely up to you; I don't get paid one way or the other!  ;D  Just let me know; I'm happy to help.

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #19 on: March 22, 2007, 07:28:55 PM »
Thanks for the offer :BNC. I probably will create the rules (:NRD).I need to read that last post and maybe print it out I think it would be good to learn more about comodo. I never really learned any of the ones I had. Norton PF  2003 and EZtrust personal firewall supplied free from my isp and now comodo.

I want to look at that program a little further and see what it is raeally all about. I probably don't need it, since I can upload files to my test forum and let anyone who I say get them there. which is much safer I would imagine,but to add the rules and learn how to do it may make it worth while.

I will look for you to be online when I do it so you can bail me out (V)

Thanks again for your efforts today....... (:CLP)

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #20 on: March 23, 2007, 10:37:57 AM »
No problem, rockstar.

Here's a good place to start learning:  http://forums.comodo.com/index.php/topic,6167.0.html

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek