What everyone needs to know is that CPF has 2 “layers”. The most important of these is the Network Monitor Rules, which are independent of the software/application access rules.
Here is an example… The default Network Rules created at install time are:
| ID | Permission | Protocol | Source | Destination | Criteria |
|----|------------|----------|--------|-------------|----------|
| 0 | Allow | TCP/UDP Out | Any | Any | |
| 1 | Allow | ICMP Out | Any | Any | Where icmp message is echo request |
| 2 | Allow | ICMP In | Any | Any | Where icmp message is fragmentation needed |
| 3 | Allow | ICMP In | Any | Any | Where icmp message is time exceeded |
| 4 | Allow | IP Out | Any | Any | Where IPPROTO is GRE |
| 5 | Block (+log) | IP In/Out | Any | Any | Where IPPROTO is ANY |
Let’s consider the first rule (ID 0)… if this rule did not exist, and you went to load your web browser to browse your favorite web-site (no doubt the Comodo forums ;D)… you would be asked by CPF if the application could have TCP Out access on port 80 (HTTP) to request the web-page to be loaded… and you would of course tell the popup that the browser application can make TCP Out requests… what would happen if rule ID 0 did not exist?
The application rules are useless in CPF if the Network Rules do not allow the flow of traffic for the application to succeed. The end result would be that the browser would fail to load the page. That is power!
All of the default configurations are feedback from the users of these forums. People wanted:
- to be secure off the bat… Network Rules 0, 4, & 5 were born
- CPF was found to be so tight that some web-sites failed to load… Network Rules 1, 2, & 3 were born
- People did not want to be hammered with so many popups during firewall training… The Alert Frequency Level was preset to Low, but is changeable… as well the user can choose to enable/disable the Show Alerts for applications certified (as SAFE) by Comodo
The default rules of CPF are meant to appease the masses while maintaining excellent protection; in no way can they be considered unsecure.
For Windows innate services, I’ve always liked following the information posted at TweakHound… (even his guide on installing WinXP "properly" is a good read)
- The right way to install WinXP
- Super WinXP tweaking guide (also covers services to disable)
- Securing Windows XP
If you use torrents, my How To that you have read does cover opening the ports to allow them to work… and here is where we choose to punch holes in our defenses (opening ports) to allow applications we want/need to function. Our choice.
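
Added example, not part of the original post and not Comodo's code: a simplified Python model of the two layers described above, using the default Network Monitor rules from the table, to show why an application rule that says "Allow" still fails once rule ID 0 is removed. It assumes the rules are checked top-down with the first match winning, and all function and class names are hypothetical.

```python
# Simplified model of CPF's two layers (illustration only, not Comodo's implementation).
# Assumption: Network Monitor rules are evaluated top-down and the first match wins.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class NetRule:
    rule_id: int
    action: str                      # "Allow" or "Block"
    protocols: frozenset             # {"TCP", "UDP"}, {"ICMP"} or {"IP"}
    directions: frozenset            # {"In"}, {"Out"} or both
    criteria: Optional[str] = None   # ICMP message or IP protocol name; None = any

# Default rules from the table in the post (Source and Destination are Any throughout).
DEFAULT_RULES = [
    NetRule(0, "Allow", frozenset({"TCP", "UDP"}), frozenset({"Out"})),
    NetRule(1, "Allow", frozenset({"ICMP"}), frozenset({"Out"}), "echo request"),
    NetRule(2, "Allow", frozenset({"ICMP"}), frozenset({"In"}), "fragmentation needed"),
    NetRule(3, "Allow", frozenset({"ICMP"}), frozenset({"In"}), "time exceeded"),
    NetRule(4, "Allow", frozenset({"IP"}), frozenset({"Out"}), "GRE"),
    NetRule(5, "Block", frozenset({"IP"}), frozenset({"In", "Out"})),
]

def matches(rule, proto, direction, detail=None):
    if direction not in rule.directions:
        return False
    if "IP" in rule.protocols:       # IP-level rule: criteria names the IP protocol
        return rule.criteria is None or rule.criteria == proto
    return proto in rule.protocols and rule.criteria in (None, detail)

def network_verdict(rules, proto, direction, detail=None):
    """Return (action, rule_id) of the first matching Network Monitor rule."""
    for rule in rules:
        if matches(rule, proto, direction, detail):
            return rule.action, rule.rule_id
    return "Block", None             # assumption: unmatched traffic is dropped

def connection_allowed(rules, app_rule_allows, proto, direction, detail=None):
    """Traffic flows only if the application rule AND the network rules both allow it."""
    action, _ = network_verdict(rules, proto, direction, detail)
    return app_rule_allows and action == "Allow"

if __name__ == "__main__":
    without_rule_0 = [r for r in DEFAULT_RULES if r.rule_id != 0]
    # The browser was allowed in the popup and makes a TCP Out request:
    print(connection_allowed(DEFAULT_RULES, True, "TCP", "Out"))
    print(connection_allowed(without_rule_0, True, "TCP", "Out"))
```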