It was very useful therefore i do not know nothing about it. I installed Comodo about 10 days ago when i installed Win 7 x64 too. I allowed many things and gave them trusted. I want to remove all that and to start from beggining. Where is the list of all allowed app which i gave them and to remove them?
I see in configure topic i have to select traning mode ONLY for 10min. I selected traning mode from the day when i installed :-[. There is to mode for slecetion: Firewall and defense where and how to select?
How to be sure when from nowhere Comodo tell me something what to connect to The Internet when i do not know what is that? And i do not regonise what is that and i didn’t start nothing before it.
For Firewall go to: Firewall → Advanced ->Network Security policies. There is the list. If you want delete everything.
I would recommend you to set Firewall to Cusytom Policy. You can do it here: Firewall ->Advanced → Firewall behavior settings. Set the slider to Custom policy. In the other of this window, set the slider to high and check all boxes. If our computer doesn’t act as Gateway, then uncheck ICS.
For Defense+ i would recommend Clean-Pc Mode. In this mode, everything of every app already on your computer is learned. New apps must be configured.
Svchost.exe should be able to access to: UDP Out to remote Port 53.
TCP Out to remote Port 80 and 443.
For your browser CIS has a predifiened ruleset - so take it.
Most apps need access to Remote Port 80 via TCP out.
I would recommend, to first block every new request of apps you don’t know or you haven’t started. If everything works fine after that, you can block this app. Be careful and look at the Ports.
Never allow an app the full access to and from internet.
Thank you very much for these answers.
First two i understood and i set-up. Only what i didn’t understand is this:“If our computer doesn’t act as Gateway, then uncheck ICS.” I do not know for what is that and what is Geteway. Only for what i use the Internet are surf and downloading. I see there is ISC server, maybe that is for servers…
a) Do i have to memorize for these ports to know? When i get these question do i want to allow? I mean will it appear some other ports which are not advised to allow?
b) “Never allow an app the full access to and from internet.” do you mean never to checked app as trusted one?
Sorry because i have almost every day post new questions but i use this FW about 10 days ;D.
I think i didn’t good set. I had one problem and i solved it tonight. I play a browser game. I had problem to login iinto the game few days. I tried to exit from Comodo and to run it and it didn’t work. But tonight i click right click on tray icon > FW security level > disable fw. After that i finally log in into the game. When i turn on fw and back on Custom policy mode.
Why this happen? Please help me to turn it off all unwanted things which can block something which i do not want it. I am home user and i need for surf and to download. That’s all.
If you would like to know which browser game was it is: http://www.tanoth.co.uk/ it use Adobe flash player
Can you post a filtered log output only showing the relavant files? The filter option can be found in the advanced log screen. To enter the advanced log screen push the More button at the bottom of the regular log screen.
In what browser are you running the game? In the logs I also saw a reference to a game called sniper elite. I guess that is unrelated to the browser game you are referring to?
Edit the Web Browser rule. Create a rule for: Allow TCP Out, Source IP/Port: any, Dest.IP: 87.106.218.126 (if it doesn’t work, set it to any) Dest. Port: 843
I tried in: Opera, IE, FF and Google Chrome. 1st i thought i have problem with browser, then with cash and cookies and finally i found FW blocked.
Sniper Elite is installed game.
Now i am not sure what i have to do. I post log file from here:
It’s okay, if you remove the new created rule, when you add 843 to HTTP Ports.
You can prevent it, if you remove the block all incoming and outgoing traffic rule. Then you get alert for every connection, that is not triggered by an existing rule.
You can prevent it, if you remove the block all incoming and outgoing traffic rule. Then you get alert for every connection, that is not triggered by an existing rule.
Where to do that? I am still meet with Comodo :). Btw is this safe to do? Then i have to be 100% sure which port i will allow and which deny?
Well, if you remove this block rule, you will get alerted for every port activity with regard to your browser.
You have to be sure, what this port means, and if you have to allow or block it.
So i don’t recommend it.
You can do that in Firewall → Common/advanced(i’am using V4 beta, so don’t know, if it changed) → predefined rules. There you can edit Web Browser ruleset.
What i have to do with those 506 (number is raising every time when i already allow something)? For all files the status is “Untrusted”. Is this ok? Do i have to change something here?
btw why svchost.exe is the most often draw net connection? Maybe i do not understand this process for what is it… :-[