firewall logs

Hi All

I have just reinstalled Comodo, after having some stealth problems, which see okay now as they are passing the test at ShieldsUp, PC Flank.

This Is what i get in the logs
Windows operating system

I have Placed a attachment with my logs.
Are they okay as i think that they are different then before


[attachment deleted by admin]

A couple of them look a bit suspicious, but most seem to be the usual ISP traffic and other common connection attempts. Check the IP addresses at: to see if there are any that you don’t recognize. I don’t get these connection attempts any more - they seem to quit after a while and I have not had any problems as a result.

I am also getting loads of these being blocked ( approx one every 5 seconds) except the Destination IP is I haven’t a clue as to what they mean but would like someone to explain how to set a rule so as I didn’t get them anymore. Bear in mind that i am old and not very PC technical.

thanks AnotherOne

I will check out a few Ip addresses and see what i get

hi bluesjunior


Hi bluesjunior - A common connection is to - it appears to be a system connection and should be allowed. Have you written rules for the firewall? I don’t recall which process makes that connection since I have allowed it on my computer. Would you reply with the process name?

Thanks AnotherOne for the reply. The process is Windows Operating System.

Now another question: have you written a Custom Policy for WOS or do you use one of the Predefined Policies? The simplest fix is to Add a rule to the policy used for WOS. If you have selected “Use a Custom Policy”, you can just do the following: Click Firewall>Advanced>Network Security Policy>(locate and select the WOS entry)>Edit. On the Edit window, click Add and write a rule as follows:
(check the event log for the protocol being used - or choose IP)
IP details Any (OR if using a different protocol: Source port Any Destination port Any)

This may not work if you have a rule for that protocol already defined. To alter that, you will have to edit the IP addresses in your My Network Zones to include the addresses already in the rule defined for WOS as well as the and addresses and use the new Zone in the rule you want to alter. Simplest if you can send the details of the rule that you have defined for WOS so I can advise you better.