Going from CIS 5.8 to CIS 6xxx

Comodo Internet Security - CIS Firewall Help - CIS
1

Using Win764, D-link router (Hardwired to router) Also a a wireless laptop, but for now, just questions for this set up.

Using the rules below, I control certain applications through the mac address on my virtual tap adapter.I had to make sure IPv6 is disabled.Even with these rules below, if you lose your vpn connection, IPv6 will start in a minute or two and override these rules.I used a reg hack to disable IPv6, and unchecked the adapters in network settings for IPv6.

I also block the most commonly hacked ports.My reasoning for doing this is explained below.When I look in firewall Events ports 135-139 are always getting blocked 445 is another port in question.I would rather have these ports blocked.

Rules: I control certain applications through the mac address.I cannont go online without being connected to my vpn.If my vpn connection is cut off, certain apps will stop immediately. (ie) Firefox, Utorrent ect…

A. Create a network zone, Get the MAC for the TAP-Win adapter

  1. (XP) Start / Run and type CMD, press enter.
    (Win7) Start and type CMD, press enter.
  2. You should see a black box called a DOS box with a blinking cursor.
  3. Type IPCONFIG /ALL
  4. Look in the mess of junk for the section that says TAP-Win32.
  5. You need the part that says Physical Address . . . . . . 00-??-??-??-??-??
  6. Leave this window open for now.

B. Create network zone, Add in Comodo

  1. In Comodo, goto Firewall / Advanced / Network Security Policy / My Network Zones
  2. Add / New Network Zone
  3. Name it BolehMAC (press apply)
  4. Select BolehMAC
  5. Add / New Address
  6. Choose “A MAC Address” and enter the Physical Address from earlier.
  7. You should see your new Zone with the New rule.
  8. Press OK.

C. Make a Pre-Defined Rule

  1. Open Firewall / Advanced / Predefined Firewall Policies

  2. Click ADD

  3. Enter a Name, BolehOnly

  4. Add…
    Action: Allow
    Protocol: IP
    Direction: In
    Source Address: Any
    Destination Address: Zone / BolehMAC
    Apply

  5. Add…
    Action: Allow
    Protocol: IP
    Direction: Out
    Source Address: Zone / BolehMAC
    Destination Address: Any
    Apply

  6. Add…
    Action: Block
    Protocol: IP
    Direction: In/Out
    Source Address: Any
    Destination Address: Any
    Apply
    Apply
    Apply

  7. You should now have 2 green rules and then a Red one.

D: Apply rule to Applications

  1. Open Firewall / Advanced / Network Security Policy / Application Rules
  2. Choose the application that should only work with Boleh active (BolehRoute), or add an new one.
  3. It will open to “Application Network Access Control”
  4. Here choose the Predefined Policy “BolehOnly”
  5. If there are other rules already, they will be removed. To keep any existing settings, you’ll have to improvise here.
  6. Apply
  7. OK.

Do this to all apps that should only access through the VPN (BolehRoute)

E. Testing…

  1. In the above example, I made a rule for Google Chrome.
  2. Disconnect from BolehRoute
  3. Open Chrome - it is unable to load the home page.
  4. Enable BolehRoute
  5. Refresh Chrome - it works.

[attachment deleted by admin]

2

The manual can be accessed from every page of the interface.

But if you wait for the new coming update of version 6, your experience might be smoother coming from 5.
I kept version 5.10. The interface of current version 6 somehow lacked vital things.
It was built with “novices” in mind. Functions are “hidden” for ease of use. :smiley:

You can also searchengine for the manual. The link did not work when i tried.

You have to make choices. For example, i kept sandboxie for various reasons. I kept my antivirus.

Personally i dont like version 6.

(I recommend proactive.)

3

Ok