Closing Vulnerable Local Ports For Better Security??

Hi. I know that if I define a rule in Global Rules like:
Block IP In From Mac Any To Mac Any When Protocol Is Any
All Incoming packets that don’t match a rule in Program Rules will be blocked.
But if I want to block, for example, RDP access to my PC, I must define a rule:
Block TCP In From Mac Any To Mac Any When Source Port Is Any And Destination Port Is 3389
Is that right???
Which other ports can be vulnerable and are better to have a blocking rule for??

The “Block IP In From Mac Any To Mac Any When Protocol Is Any” rule will block all traffic for which there is no rule. That means that there is no extra rule needed for RDP.

Hi Eic. Thanks for your reply. But I want to close some ports. I mean, I don’t want to block packets that do not have a certain target program; for example, I want to block RDP or FTP ports for all programs even if there is a program Permitted rule for that. A Global Rule For All Programs For Certain Ports Even If There Is A Program Rule.
Is that possible in Comodo Firewall ?
It’s possible in Agnitum Outpost Network Global Rules Section.

If your plan is only to block incoming traffic at certain ports, then the “Block IP In From Mac Any To Mac Any When Protocol Is Any” rule is enough.

Incoming traffic will go through Global Rules first and then through Application Rules. With the Global Rules you’re using no unsolicited incoming traffic is allowed. It will be stopped there; it won’t even be handed over to Application Rules.

If you want to allow incoming traffic, you first open the port with a rule in Global Rules and then make an application rule.

Outgoing traffic is handled by application rules. That’s in short the logic of Comodo Firewall.
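
Added example (not part of any post in this thread, and not Comodo's code): a simplified Python model of the inbound path the last reply describes, with Global Rules evaluated before Application Rules. The class and function names, the first-match evaluation, and the drop-when-no-application-rule default are assumptions of this model; the rule sets are constructed samples.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "block"
    proto: str = "any"            # "tcp", "udp" or "any"
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, proto, dport):
        return self.proto in ("any", proto) and self.dport in (None, dport)

def first_match(rules, proto, dport):
    """Action of the first rule that matches, top to bottom (model assumption)."""
    for rule in rules:
        if rule.matches(proto, dport):
            return rule.action
    return None

def inbound_verdict(global_rules, app_rules, proto, dport):
    """Return (verdict, stage) for an unsolicited inbound packet."""
    if first_match(global_rules, proto, dport) == "block":
        return ("block", "global")        # never handed to Application Rules
    if first_match(app_rules, proto, dport) == "allow":
        return ("allow", "application")
    return ("block", "application")       # model default: no allow rule, drop

# Constructed samples.
BLOCK_ALL = Rule("block")                 # "Block IP In ... Protocol Is Any"
RDP_APP = [Rule("allow", "tcp", 3389)]    # a program rule permitting RDP
FTP_APP = [Rule("allow", "tcp", 21)]      # a program rule permitting FTP
FTP_OPENED = [Rule("allow", "tcp", 21), BLOCK_ALL]  # port opened above the block

if __name__ == "__main__":
    # Block-all alone: RDP is dropped even though a program rule permits it.
    print(inbound_verdict([BLOCK_ALL], RDP_APP, "tcp", 3389))
    # Port 21 opened globally: the application rule now decides.
    print(inbound_verdict(FTP_OPENED, FTP_APP, "tcp", 21))
    # Port opened globally but no application rule: still dropped.
    print(inbound_verdict(FTP_OPENED, [], "tcp", 21))
    # Opening 21 does not expose 3389.
    print(inbound_verdict(FTP_OPENED, RDP_APP, "tcp", 3389))
```
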