CPF/computer newbie router question...it's all new to me!

Hi. Please bear with me, I know not what I do. I know very little about computers and even less about firewalls. I just removed Norton from my computer because it quit auto-updating and freezes when reminding me that is will expire in a month. I removed the same program from my son’s computer a few months back for the same reason and switched his to Zone Alarm/AVG. I’ve just installed CPF on my computer after reading (and trying to comprehend) almost everything in this forum. I watched the nicely done and very detailed tutorial on how to set up the firewall. When I opened the Network Monitor, I was surprized to see eight items in there already. Are these default settings?..the tutorial didn’ mention them. I guess they are new? A friend helped to hook up a Linksys wireless broadband router to my computer, and my son’s computer has the wireless adapter, both which are working fine. I cheated and got a router with SES so I wouldn’t have to mess with encryption settings…it does this for me with a push of a button! I did make sure I changed the default"admin/admin"passwords for the router and I read that I should disable SSID broadcast, so I did that, too.
My first question: Do I need to change the default network control rule settings in CPF or are they adequate for my set up? My two computers do not share anything except this wireless connection; we don’t share files or printers and don’t need to and have never been set up for this. Do I still set up a trusted zone just like in the tutorial? I ran across a post in this forum somewhere that mentioned “instead of adding your entire network range as a trusted zone add only the IP address of your wifi-router as trusted.” Is that something I should do? The default set up has an “allow IP out” and “block & log IP in/out” but those are both listed as #6 & 7 (last) on the list. If I make a trusted zone just like the tutorial shows, do I remove the #6 & 7 from the default list?
Obviously, I don’t understand what I’m doing and probably should not be messing with something this complex but I’m hoping that someone has the patience to help me.
Second question: When I deny a program access on a popup alert, is that forever? I denied a couple of background processess that probably should have been ok’d and now I’m wondering how to undo that?
In spite of my inexperience, CPF installed without any problems and is working with Avast just fine. It appears to be a great program and comes very highly recommended by 3 of my co-workers who are computer literate, but who are (wisely) unavailable while I’m trying to set it up.
Thank you for any help you can offer. ???

G’day stymied,

Firstly, welcome to the forums.

If your two PCs are just using the same router for internet access, they are, in essence, two separate PCs that just happen to be driving down the same road at the same time. Yes, they are a network, but if you aren’t sharing anything between the two PCs (like folders or printers), then don’t even think of them as a network.

*** Before an expert jumps on me, yes, I am over simplifying, but just for the sake of clarity). ***

In answer to your questions,

My first question: Do I need to change the default network control rule settings in CPF or are they adequate for my set up?

No, the eight default rules are designed to cover the most commonly used methods of communications. If everything is working OK, why change? As a side note, I will update the flash demo to cover the latest version and include an explanation of these rules.)

Do I still set up a trusted zone just like in the tutorial?

This is only needed if you are actively sharing stuff between your PCs. As you’re not, it’s not necessary, and not having a zone set up means CPF will treat the other PCs as any other IP resource - i.e. hostile until proven otherwise.

I ran across a post in this forum somewhere that mentioned "instead of adding your entire network range as a trusted zone add only the IP address of your wifi-router as trusted." Is that something I should do?

Again, this is really only applicable if you are actively sharing between PCs on a local LAN. Since you are effectively running your PC as a standalone PC, it’s not necessary.

The default set up has an "allow IP out" and "block & log IP in/out" but those are both listed as #6 & 7 (last) on the list. If I make a trusted zone just like the tutorial shows, do I remove the #6 & 7 from the default list?

The zones are only required if you are using your PCs as a LAN and sharing stuff. The eight default rules should be left alone. The last one (Block & Log …) must be the last rule in the list, particularly if you do add rules at a later point. This is the catch-all rule that prevents in or out traffic that doesn’t meet the criteria specified in the other rules.

Second question: When I deny a program access on a popup alert, is that forever? I denied a couple of background processess that probably should have been ok'd and now I'm wondering how to undo that?

If you clicked the “Remember” option, then yes, it’s forever. It is possible to reverse this, however. Open up CPF and click on the SECURITY button at the top of the window. Now, click on the APPLICATION MONITOR button on the left hand side. This will show a list of all the applications you’ve approved. Find the ones that you want to “relearn”, click once on it, then do a right click and select “Remove”. The next time this application is started, CPF will again pop-up and ask you about it.

I hope this makes sense to you. If not, or if you want further info, please post back here.

Again, welcome to the forums.

Hope all this helps,
Ewen :slight_smile:

Some of those FAQs you’ve read, their kinda a bit obsolete regarding the new CPF installment.
The latest release (starting from 2.3.x.x), they have those additional rules set-by-default.
…and as Ewen, said; it’s there to compromised “the most” common task.

*. …and Ewen, I’m quite happy someone just breakin’ me “bad-seed” balls!

Thank you, thank you, thank you!!! You explained that well and I appreciate it being simplified for my level of understanding. So, I will leave well enough alone with my CPF set up. You’ve been very kind. So far, the only problem with CPF is my lack of knowledge, but I love the status screen that tells me all is ok and the fact that everything has worked without any problem. It appears to work great with all other programs on my computer. As soon as there’s a newer version where the tray icon shows whether there’s an internet connection or not (I think I read somewhere that’s being worked on?), I’ll be removing ZA from my son’s computer and loading CPF instead. Thanks again. (L)

Suggestion…
Help your son’s pc boots faster and more secure, by replacing ZA with CPF now.

*. You never know what kids today might stumble in to…

I don’t doubt you’re right about switching his computer to CPF. However, it’s difficult to convince him to switch over from ZA because he wants that tray icon that shows when internet traffic is blocked…he likes that visual. ::slight_smile: I have to admit that I do like ZA’s “light show” when internet traffic is moving, as well as the lock symbol when traffic is halted. I’m hoping CPF is working on some kind of tray icon lock symbol for a future update…then it will be Comodo Perfect Firewall! (S)

A very good idea. :wink: I have seen this asked of before and I don’t know if Comodo is going to do this as of yet or has thought about it. While I know a secure firewall is the No.1 priority,it can’t hurt to ask.

Any word on this anyone?

Here’s a sample I made…

[attachment deleted by admin]

Nice :slight_smile:

Yes, a tray-icon showing status would be nice!

yes, its on our list to build for the next version :slight_smile:

Melih

Thanks Melih. :slight_smile:

Paul

This is the best news! (R) I can’t wait for the next version…but I will (:WIN)