First alerts when installing for the first time.

Hi every one.

This is my first time using Comodo. I have used Zone Alarm (long time ago), and BitDefender and McAfee suits more recently. Compare to them, Comodo got more options to play with, and according with what I read better security.
I have a stupid question. According to comodo´s manual, after you intalled it and rebooted, the alerts start coming out for the applications that are not in the data base and since they are already installed to avoid using -treat as- “Installer or updater” or “trusted Application”. So what do I use? -Allow this request- only. However, I have to say that I got alerts telling me that the application was not recognized like java.exe or FireFox Browser. Should I not give those apps more rights, and in Global Rules I have only one rule to block. See attachments.

Could some one advise me how to handle those first alerts correctly ? and if any rule is missing from Global Rules. Thanks in advance and I appologize for my English before hand.

PC with Windows XP Pro SPK 3. Avast Home Ed. SpySweeper 5.8, and WinPatrol (paid)

[attachment deleted by admin]

[font=tahoma]I would suggest you allow Java to connect to the Internet and Mozilla Firefox as well because they’re legitimate. Just because they say this program (like Java) was not recognized does not mean that it is not legitimate. And I would suggest you give Mozilla Firefox a “Browser Only” rule.

The second screenshot is the default rule that Comodo Pro Firewall sets up after you first install it. The rules for you to decide, because there is (technically) not any “missing” rule. It is up to you and will depend on your motives and tastes. Like how you want your network set up and what rules you want and what you want to allow and not allow to connect to the Internet (whole point of a firewall).

Hi drragostea and thank you for your answer.

Yes, I know I have to allow them. I know most of my files. The thing is what kind of permission to choose when most of the alerts come from apps already installed in the PC. The manual says:

" If you are sure that it is one of your everyday application, try to use the ‘Treat This Application As’ option as much as possible. This will deploy a predefined firewall policy on the target application category. For example, you may choose to apply the policy ‘Web Browser’ to the known and trusted applications ‘Internet Explorer’, ‘FireFox’ and ‘Opera’. "

On the other hand, some place else in the manual says:

" Avoid using the ‘Installer or Updater’ policy if you are not installing an application. This is because treating an application as an ‘Installer or Updater’ grants maximum possible privileges onto to an application - something that is not required by most ‘already installed’ applications. "

So, IE, FireFox I treat then as " web browser ". What about others .exe that are already installed in the PC and need communication IN and OUT like Avast or Java. Or what to do with System, or Updater applications. For svchost.exe I have read in other threads to treat as " Outgoing Only ".

Other Firewalls I used before where straight forward, allow, once, or block. I am not and expert in this network category. I know my system and what it has and how to work with it. Besides, being English a second language to me is not easy to read manuals and threads alike. I get confused.

Thank you again for your time.

You can work straightforward with CIS like you did before. When you know the application and trust it make it Trusted for D+ alerts. For the firewall you can use outgoing only for updaters.

CIS will keep you save because when an unknown program wants to start or change another program you will get alerted. Also when Trusted program try to start another Trusted program you will get alerted; you can allow this and set to never ask again.

Hi EricJH.

Thank you for your reply. I think I got it now.