we want to start a new initiative to create a comprehensive document called
Comodo firewall for Dummies! and we need your help
We want this document to be a comprehensive document about basics of firewall in general and lots of screenshots and easy to understand explanations.
Stage 1: Decide the content
Firewall Background
eg: What is a firewall
why do i need a firewall
Whats a software firewall and hardware firewall
Do i need a firewall if i have a router
Comodo Firewall Basics
etc etc etc.
Stage 2: Assign a topic to each volunteer (hoping there will be some (CNY) (CWY)) get an overall Project manager for this (again hoping that someone will volunteer ).
We then all help deciding, with the guidance of our Project manager the first phase and come up with the content, then dish it out and get back the content for each topic and the Project manager puts it all together.
I am hoping at the end of this, we can create a document/book called âComodo Firewall for Dummiesâ which could benefit everyone including not so dummies who wants a easy to read quick start up document
thank you all and look forward to your participationâŚ
Please respond to this by replying in the post and also suggesting topics we shoudl cover and topics you could help with pls.
I´d definatly like to help with this already started on some but mostly I´ve been waiting On V3 to finish
Melih has written some good stuff for some of these I d like to see his âThe Importance of Layered Securityâ in there somewhere
eg: What is a firewall
why do i need a firewall
Whats a software firewall and hardware firewall
Do i need a firewall if i have a router
A good bit has been written you just have to find it and organize it and possibly make some modifications for V3
If V2.X is going to be updated. as I have read in some posts by Melih I would like to see a section for it also
OD
Iâm would be interested in getting involved in this project, either in a writing capacity or, if no one else wants the position, Project Co-ordinator. Perhaps, even both
Some ideas for sections:
Windows Services/components and how they relate to firewalls.
Essential Internet protocols (HTTP, HTTPS, FTP, POP, IMAP, SMTP, NNTP etc), what they are, how theyâre used.
Vulnerabilities, what they are and how a firewall can help to protect (with examples).
A how and why, on creating custom rules.
I guess Iâm not techy enough by far, but I have a suggestion. Keep it in very very plain language (for dummies), and use a lot of similes, like: âA firewall is like a doormanâ. Iâve been private teacher and the key is imagining oneself in the shoes of someone who knows nothing.
I agree with Japo. Remember your target audience, and keep it simple. If it gets too techie the average computer user will not understand it, get confused, and stop reading (and stop using the firewall). Provide a philosophical section (like in Melihâs original post). Give information on what the different Comodo firewall settings do (with pictures). Let them know what the default settings are on installation. Give information on what to do (and not to do) during installation, including â â â â -by-â â â â instructions. Make sure the text is welcoming to the user. Make sure there is a clear path for help included. Give information on the different popup screens they will encounter (with pictures)âas in how to decide what is âgoodâ and âbad,â and how to make the correct decisions on these popups. I witnessed a non-techie âfreezeâ when a Comodo firewall popup appeared right after installation. Some panic ensued, and the user checked âBlock.â The popup was for allowing iexpore.exe. Of course, the user was confused as to why she could not get on the internet. With this in mind, maybe make the default time-out on the popups longer, to give a non-technical person more time to digest and deal with it.
This âFirewall for Dummiesâ is an excellent idea!
I was talking w/ a technical writer today about whatâs good, whatâs bad. He indicated that the key thing is to write (in simple terms, no fancy words - whether technical or not) from the standpoint of tasks, rather than tools. In other words, imagine a specific goal, and explain from start to finish how to do it. Most software manuals simply explain what it can do, or what each âtoolâ within it does, rather than helping a user accomplish a task, and thatâs where they go wrong.
There are (I think) excellent posts here about what firewalls are, why theyâre needed, and so on. There are also some excellent tutorials that can probably be modified to be more user-friendly for this type of project. Such as, âHow do I set up my firewall so itâs secure but I donât have to worry about it all the time?â, âHow do I get my p2p application to work?â âHow do I set up a file server? âŚFTP server?.. Remote access? âŚHome network?â and so on. Think of things the different levels of user (focusing primarily on the average user) would want to do, and write a âHow toâ on that subject, with lots of pics and clear, step-by-step instructions.
ok, Project Coordinator: Can you pls come up with the content listâŚ
(yes first we need to decide Project Coordinator)⌠pls put your name forward for this and pls bear in mind that it will be a task that will require quite a bit of your time.
I happy to work with Opus on this, might be easier with two of us to share the load
Iâve put together a TOC template that Iâll post later today. I think it would be a good idea to have input from the community regarding the content of the book. Once we have a definitive TOC, we can start the process of creating the articles.
Couple of things crossed my mind. First, the name of the book, âComodo Firewall For Dummiesâ as you all know there are a lot of books published under the âDummiesâ banner, do we need to be careful not to infringe any copyrights?
What format shall we use for the initial chapters, MS Word? Also will wee need to output the final document in a different format, PDF for example?
IF there is to be future Dev on CFP2.4 we should have some sections on the differences Or notes as to what applise to what i.e[this section applies 2.4 & 3.x] or [this section applies 3.X]
It should start out very basic as has been mentioned but I think there is room for more advance material toward the end ie Specific application configs.
I have experimented with some very restrictive rule sets
I saw some time delays with 2.4 and droped this method with this version
However I have seen no or little problems with 3.x at least with 3.0.9 and later
I will wait for you TOC and we will see where we go from there
I hav a wealth of srceenshots but from earlier betas I will start to go through these
I know Iâm a bit late jumping in (and hey, first time poster tooâŚ) but hereâs a Table of Contents, based on the ideas mentioned so far - especially the Tasks vs Tools principle hinted at by Little Mac. Consdering Toggie is also working on a ToC, perhaps he can merge the best ideas from his with this (although for some reason I expect there to be many similarities).
Iâve divided the book in three sections. The first covers basic concepts, not particularly related to Comodo sometimes. This way we can make some assumptions, like the user knowing that the internet consists of a bunch of computers talking together, in the chapters that follow. This section is somewhat tool-oriented⌠Second section contains Objectives - things the user wants to accomplish - this takes the Tools vs Tasks one step further⌠a user doesnât say to himself âGee. I really feel like adding a trusted application today!â - he says to himself âI want my P2P client to work, so I can listen to an MP3 of Bachâs Brandenburg Concertos!â. The objectives lead to tasks - the assumption is made that if you explain a task, the user will be able to extrapolate from that task the steps required to perform similar tasks. The third section is more of a âlookupâ directory. It will duplicate some information from the second part, but offer it more in an application-manual style. This way, if you know what youâre looking for, you can cut right to the chase.
== SECTION ONE - PREPARING ==
Introduction
1.1 How this guide works
1.2 Intended audience
1.3 Shortcuts
The Internet
2.1 Connecting to the internet
2.2 Security concerns
2.3 Solutions
A Very Shor History of Firewalls
3.1 Dedicated hardware
3.1.1 What about my router? (Note: chapter to explain relying on just a router is a Bad Idea)
3.2 Software
3.2.1 Advantages and Disadvantages to Software Firewalls
3.2.2 Windows Firewall (Note: Get out the sledgehammer and let the bashing begin?)
3.2.3 Types of Firewall (Note: Begin with simple IP blockers such as PeerGuardian on one end, end with CFP V3 at the other end of the spectrum)
== SECTION TWO - GETTING THINGS DONE ==
Getting Started
4.1 Choosing a firwall (Point out to users that there ARE actually alternatives to CPF, which might be more suitable for complete n00bs⌠donât flame too much for saying that )
4.2 Obtaining Comodo Firewall
4.3 Installing
4.4 Whatâs all this stuff youâre asking me?! (Explanation of the popup balloons, etc)
4.5 Application Overview
Getting an application to work
5.1 Browsers
5.2 Peer To Peer
5.3 Chat applications
5.4 Games
// Note: Followed by other categories of applications
Tightening up security
6.1 Sealing off everything (Block All mode)
6.2 Blocking a particular application
6.3 Blocking a particular computer
6.4 Choosing a security level
Understanding Defense+
7.1 Defense+ Events
7.2 Choosing a response to a Defense+ Event
7.3 Protecting your computer from attacks on the inside
In case of problems
8.1 Checking if Comodo Firewall Pro is the culprit
8.2 Keeping Comodo Firewall Pro up to date
8.3 Restoring a previous configuration (Note: Applies to v3, I believe)
8.4 Getting help (Note: Explain about Comodo Community)
8.5 Telling Comodo to fix itself
8.6 Submitting files to Comodo
== SECTION THREE - Digging Deeper ==
9. Protected Areas (mostly further explanation of Defense+ I guess)
9.1 Network (Firewall)
9.2 Applications
9.2.1 Processes
9.2.2 Files
9.3 Operating System
9.3.1 Registry
9.3.2 Inter-application communication (COM interfaces)
Defining policies
10.1 Security Policy explained
10.2 Policy Elements
10.3 Creating your own policy elements
10.3.1 Network rules
10.3.2 Application rules
Why Trust Comodo Firewall Pro?
11.1 Comodo Company History
11.2 Fullpage picture of Melih
11.3 Random selection of Melihâs promotional posts here on the forum
11.4 Innovations Comodo brought to the FW market (to establish image of cutting-edginess)
⌠Out of ideas
Well⌠my arms are aching now from typing this up. Feel free to use it, discard it, change it, etc. Once this thing gets started, Iâd be happy to contribute text to various chapters. I would strongly recommend focussing on V3 - that way, when V3 is done, perhaps Comodo will be able to ship this kind of document along with it. Also, while a Wiki is great for working on it, distributing documentation usually works best in a plain old PDF file (due to having it all together in a single, downloadable file) - I would urge you to use a Wiki instead of MS Word .doc (or any other file-based system) for working on it, though⌠especially with multiple contributors, such things get pretty messy pretty easily, due to people working on various parts at the same time.
I agree on the simple language point⌠but something like that is often easier said than done. Personally, the castle metaphor always sounded good to me.
Picture a medieval castle with a moat, drawbridge and guard: The idea is that a firewall begins by restricting all access (the moat) - nothing gets in, unless it goes through a port that is specifically opened (the drawbridge). As it passes through, information is inspected by a guard to check if it matches certain criteria. Questions the guard might ask are like: 'Do you have an appointment (destination port)? Where did you come from (source host)? Whatâs that weird string in your ICMP back-packet? (protocol analysis).
You could expand on that by explaining the castle is divided in various rooms (applicationâs allocated memory), with guards at the hallway making sure that anyone moving from room to room actually has business there (Defense+ COM Interfaces), or that âpeopleâ (processes) in the rooms sometimes want to borrow stuff from other rooms (DLL hooks, or whatever that involves leveraging other apps). Special sections of the OS (registry, etc) can be special rooms such as a treasury, which is extra well-guarded.
Question is how far you should go with this, before the user can no longer relate the metaphor to the things he sees on the screen.
If you hard working guys also put together a basic usage guide that will be reasonably in size and with screenshots, I can make an instruction video out of it. Not as comprehensive as the book you are putting together, but still something easy with the most important things in it so the user gets goingâŚ
)