CPF questions

I have a few questions about the latest releae of CPF.

  1. Does it prevent data on my PC from going on the net.

  2. Will it prevent someone downstream looking at what where i going on the internet and picking up passwords ans such?

 thanx  stillen

hallo stillen,
wellcome to the forum,

If a firewall is properly configured it could prevent malicious application leaking your data on internet.
But due to the complex nature of threats nowadays is useful to have an insight of your system inner workings and firewall capability in order to archieve a good level of security.
There is no ablsoute security nowadays but using effectively CPF could grant you an outstanding level of security.

If you have a wireless router, for example, you need an additional level of protection granted by a WPA random over 20 characters password.
If you want more security you could switch to Firefox or Opera.
An updated antivirus and Windows Update would do the rest…

I do have a wired router with UnNp and remote management turned off as the password is changed also.

I know some firewalls keep more data in than others like free ZA does not keep data in but the paid version does.

I have used CPF before then I reformatted my PC and was thinking off installing it again

regards  stillen
  1. Yes, it has the capability to stop data from escaping your computer (as in the result of a trojan or some other malware). This will require some user interaction,though.

  2. As I understand the question, this would be outside the power of a firewall (or virtually any single application). You would need an anonymous proxy service, a browser sandbox, no browser cache while surfing (which would slow browsing), no saved passwords, no typed passwords, use an alternative browser, no activex or scripting of any kind, buffer overrun protection, and so on.

While on the internet, your browser provides a lot of information in the headers alone - and there’s nothing that can change that, really. While you can stop or clear caching on alternative browsers such as Firefox, Opera… on Internet Explorer it tends to keep the stuff available even if you think you’re deleting it. Even if you lock down your browser, you have no control over what the website caches or archives, or if there are “drive-by” exploits on the site (even unknown to the site’s owners) that might seek to cause trouble.

Unfortunately, the nature of the problem is that it’s very complex, and the bad guys are always seeking out new ways to make inroads into our security. A layered, even proactive (such as a HIPS), defense is probably the best thing; combined with knowledge of your computer and staying alert to what goes on…

LM

LM thanx for the response te sandbox was what I thought would be needed doing but will not go that far.

When installing CPF do I need to unplug my ethernet from cable modem to disconnect from the internet

thanx stillen

Make sure you have uninstalled any other firewall (with the exception of Windows XP Firewall - just disable that) prior to installing CFP. I would suggest cleaning the registry also, and doing all this in SafeMode (as per my comments below).

I would recommend installing CFP after booting into SafeMode (no Networking). You can disconnect the internet cable, but if you’re in SafeMode that’s not really necessary, as there’s no networking capabilities.

The benefit of using SafeMode for security software installation is that it makes sure you don’t have other conflicting applications running in the background. Only the bare bones of the OS and minimal services are running.

If you don’t want to use SafeMode, then yes, unplug internet cable. Also, completely disable any active security applications - antivirus, antispyware, HIPS, registry/file protection, etc - before beginning to install the FW.

LM

Having UPnP enabled on your router is that a security risk?

Get different views on this.

UPnP on your router allows for automated port forwarding and/or discovery, as I understand it.

From a security standpoint, it is preferable to have this configured manually instead, so it’s entirely under your control.

Plus, with CFP, in order to accept an unsolicited inbound connection, you must have an appropriate Inbound rule in your Network Monitor. With games, p2p applications, and so on, this is done through defining a Destination Port in such a rule (see the tutorials in this thread) https://forums.comodo.com/index.php/topic,6167.0.html This port needs to match what is forwarded through the router. If the router has UPnP enabled, the port is not pre-defined or manually forwarded; thus, you wouldn’t know what it would be, and chances are that it would not match up with your Inbound Network Monitor rule.

That’s why the tutorials state to turn UPnP off in such applications, and manually define the port.

LM