When in doubt you should block it.
I had the same question a few moths ago (in my case was after initializing Utorrent). See this link, a made a few questions and a moderator answer them.
Hope it will help.
Thanks for your reply! Based on the info you gave me, I will surely block that request. That said, it would be good to know how to “cancel” my decision, should I find out later that I should have allowed that request.
Since I am not all that familiar with Comodo Firewall, could you tell me how to reverse such a decision? It would be much appreciated! (I already looked at the many firewall options, but I am still not sure what to do in that case)
Thanks for your advice. Reading you make me realize how much I need to learn about computers and firewalls in general, in order to make the right decisions regarding my firewall alerts. Do you know of any good website where I could learn the basics of such knowledge?
DONT allow ingoing requests. there is no one in the internet scanning other computers to help them!
use only outgoing rules for (all) applications (as far as they run like they should then, 99% do run fine). so your requests go out, and the requested answer can come in though. EDIT: …IF you want a programm to have access to the internet !
use the “stealth port wizard” to generate a global rule “block ingoing IP” (in this case ip means ALL PROTOCOLLS). hide me from everyone. then you dont have to answer about unrequested ingoing attempts at all.
If, of course, inbound must be denied in most situations, it is obviously not the case if e.g. running a FTP server on the WAN side, and does not apply, if more then one computer, to LAN communications if the said LAN is operated from a same person or a trusted group (family…).
Separate rules must be made in these conditions for the unroutable local ip (192.168.0.n and localhost 127.0.0.1 in the present situation) and other ip.
Moreover, i still do not agree that everything should be allowed outbound and denied inbound: no one wants, on a principle basis and even if not holding defense classified informations, his computer to leak private data to the whole world.
The safe behavior is not to allow everything outbound, but to only allow what is strictly necessary (e.g. your mail client is only allowed ports 25 and 110 for the dns of your isp), and the firewall should as a consequence be fully customized in order to only allow what is needed.