Firewall Setting Assistance [Resolved]

razfam · December 28, 2007, 2:57am

I am new to this forum and would like to ask some of you experts your opinion on my security settings.

I have a Pentium 2.8 GHz with 2 GB RAM. I am running Windows XP, SP2 with the following security software:

BOClean
Avira Antivirus PE Classic
Comodo Firewall Pro V3
Windows Defender
AdAware 2007 (on-demand scanner)

I am specifically interested in how my firewall settings are setup.

I have attached snap shots of my application rules and global rules.

If there is something I missed please let me know.

Thanks!

Raz

[attachment deleted by admin]

Ragwing · December 28, 2007, 11:46am

Greetings!

Instead of granting a application full access to the Internet, you can use this:

Create a new port set and add these ports:

80 (HTTP)
443 (HTTPS)

I’ve named it Browser Ports, but you might use something else. You can also add FTP access (port 21 I think).

Now here’s the application rules:

[b]Allow TCP OR UDP Out From [Your MAC or static IP if you use router] To IP Any Where Source Port Is Any And Destination Port Is In [Browser Ports]

Allow TCP OR UDP Out From [Your MAC or static IP if you use router] To IP [Your DNS server] Where Source Port Is Any And Destination Port Is 53

Block And Log IP In/Out From IP Any To IP Any Where Protocol Is Any[/b]

This works fine for most programs (except for IM’s, P2P clients and some others). Also, I don’t know why you’ve allowed explorer.exe to access the Internet?
Check this post for how to configure uTorrent with CFP3.

The global rules looks good.

Cheers,
Ragwing

razfam · December 28, 2007, 12:59pm

Ragwing,

Thank you very much for your insight. I am not that computer savvy and have only been using Comodo for approximately 2 weeks. The program is a lot more interactive than the one (Zone Alarm) I am used to. Just a few questions. Do I create the new port set in the global rules section? Lastly, do I delete all the other application rules once I created the ones you suggested?

Again, thank you for your assistance.

Raz

Ragwing · December 28, 2007, 1:31pm

Firewall->Common Tasks->My Port Sets, then Add->A New Port Set… and name it Browser Ports or something. Then right-click it and select Add… Now add the ports I mentioned above.

You should delete all rules for an application before you create the new ones. Keep the current ones for:
COMODO Firewall Pro
Windows Updater Applications
System
Outlook
Alg
msimn
svchost
uTorrent

They use other ports than 21, 53, 80 and 443.

You might want to remove Internet Access for:
explorer.exe (it doesn’t need Internet Access)
wmplayer.exe (if you don’t need it to have Internet Access, block it. Might also use VLC Player instead)
winword.exe (why do a text program need Internet Access?)
setup_wm.exe (piece of sh*t, block it)
winzip32.exe (I don’t get it why it would need Internet Access, btw, you should get 7-zip instead)

Cheers,
Ragwing

razfam · December 29, 2007, 12:25am

Ragwing,

I really appreciate you taking the time to assist me on this.

Raz

Ragwing · December 29, 2007, 12:51pm

No problem. Do you have some more questions, or is it okay if I close this thread?

Cheers,
Ragwing

razfam · December 29, 2007, 1:12pm

No more questions. Thanks.

Ragwing · December 29, 2007, 1:17pm

Okay, then I’ll go ahead and mark this thread as resolved. If you need it opened again, PM me or another online Moderator with a link to this topic.

Cheers,
Ragwing