=======COMODO ON DEFAULT SETTINGS=======

_S3CuR_TY_GNoM3 · January 7, 2007, 9:30pm

hello,

My question is : if you’ve installed comodo and you dont change a thing afther installation, so comodo is running on default settings… is this the most high security setting for my system, or do i have to make some changements to them for full force comodo protection?

thanks comodo team

~S3CuR!TY GNoM3~

kail · January 8, 2007, 4:58pm

Hello

There are additional things… such as Monitor other NDIS protocols than TCP/IP (Security tab - Advanced - Advanced Attack Detection and Prevention - ‘Miscellaneous’ tab). But, this type of option can slowdown your system due to the additional work involved for CFP. It should really only be turned on if the Traffic-Network (main screen) gives you cause to (high Others traffic). Most configuration of CFP involves opening up ports in order to allow programs to work with CFP. So, a fresh installation with no added Network Rules… is probably the safest. But, even with additional ports opened for specific programs, there is really only a slight risk… you are putting your faith in whatever program you need the ports open for. Of course, since security is a hot topic… software vendors are very keen to close any potential vulnerabilities in their software & most vendors work very hard in this area.

Little_Mac · January 8, 2007, 6:04pm

~S3CuR!TY GNoM3~

One other thing you can do, that Kail didn’t mention, is go to Security/Advanced/Miscellaneous, and uncheck the box (2nd box), “Do not show alerts for applications certified by Comodo.” With it checked, there are known “safe” applications that Comodo won’t warn you about; with that gone, it will.

In combination with that, you can move the Alert Frequency slider to a higher position than the default. Obviously, this will increase your alerts, and give you more knowledge about what’s going on.

If you choose to do this, stop and restart the firewall (or just reboot).

Be aware, I have found that by doing this, you will get a lot of alerts for svchost.exe, system.exe and other things that are necessary to happen in the background; if you inadvertently block one of those, you may end up blocking significant, vital aspects of your communication ability. With those “system” items, it can be difficult to track down the culprit.

LM