Firewall policy help

Question One: Application Rules

Can I leave the default setting: “Allow IP Out From IP Any To IP Any Where Protocol Is Any”? Or, do I need to learn what TCP and UDP protocols represent in order to fully secure my incoming and outgoing packets?

Question Two: Global Rules

Can you explain why the three allow rules are in the global setting of “Block All Incoming Connections-Stealth my Ports to Everyone”? Can I just have the block rule only?

I also use the stealth port setting.
I removed all of the allow settings in the global rules.
I left only “Block IP in from IP to IP where Protocol is any”.

Allow out could let the app rules decide.


Incoming ICMP FRAGMENTATION NEEDED and TIME EXCEEDED, and IP OUT, are there to handle (only) routed traffic properly. Your security won’t be compromised, AFAIK.
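
To make the difference between the stock rule set and the "block rule only" variant concrete, here is an added example (not code from this thread or from Comodo) that models an ordered, first-match rule list and runs a few constructed packets through both sets. First-match evaluation, and falling through to the application rules when nothing matches, are assumptions of the model, not a statement of how the firewall engine is implemented.

```python
# Added example, not from the thread or from Comodo: a first-match model of
# an ordered global rule list, comparing the stock "stealth ports" rules
# with the stripped-down "block IP in only" variant.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str                    # "in" or "out"
    proto: str                        # "tcp", "udp" or "icmp"
    icmp_type: Optional[int] = None   # only meaningful when proto == "icmp"
    icmp_code: Optional[int] = None

@dataclass(frozen=True)
class Rule:
    action: str                       # "allow" or "block"
    direction: str                    # "in", "out" or "any"
    proto: str                        # protocol name or "any"
    icmp_type: Optional[int] = None   # None matches any ICMP type
    icmp_code: Optional[int] = None   # None matches any ICMP code

    def matches(self, p: Packet) -> bool:
        if self.direction not in ("any", p.direction):
            return False
        if self.proto not in ("any", p.proto):
            return False
        if self.icmp_type is not None and self.icmp_type != p.icmp_type:
            return False
        if self.icmp_code is not None and self.icmp_code != p.icmp_code:
            return False
        return True

# Stock global rules as described in the thread; order matters because the
# model assumes the first matching rule wins.
STOCK_GLOBAL = [
    Rule("allow", "in", "icmp", 3, 4),   # fragmentation needed (path MTU discovery)
    Rule("allow", "in", "icmp", 11),     # time exceeded (TTL expiry, traceroute)
    Rule("allow", "out", "any"),         # IP out
    Rule("block", "in", "any"),          # block all other inbound traffic
]
BLOCK_ONLY = [Rule("block", "in", "any")]

def evaluate(rules, packet: Packet) -> str:
    """Return the first matching rule's action, or "no-match" when the
    packet falls through to the application rules (model assumption)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "no-match"

# Constructed sample packets for the comparison.
FRAG_NEEDED = Packet("in", "icmp", 3, 4)   # router reply needed for PMTU discovery
UNSOLICITED_SYN = Packet("in", "tcp")      # inbound connection attempt
OUTBOUND_DNS = Packet("out", "udp")        # ordinary outbound lookup
```

With the block-only set, the inbound "fragmentation needed" reply is dropped along with the unsolicited SYN, which is the routed-traffic case the allow rules exist for; outbound traffic simply falls through to the application rules.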

  1. Could you give me some feedback on my first question?

  2. Why have any incoming or outgoing allow global rules? Wouldn’t zero be the same as ten? Either way, all traffic will pass.

OK, that’s true, I missed it. So, it is always better to specify protocol and ports for each app in the list.

It depends on your rules. If you don’t need any, delete all of them.

You can set up CFP3 without any global rules if you wish; they are a convenience to many users, not a necessity. I don’t have any because I find them more of a nuisance than a convenience. You can add many of the normal global rules under the application “Windows Operating System” and put the “block all inbound” at the end of your application rule set.

Can you give me some guidelines, or a link for a good read?

