Good or bad news? No firewall activity.

Hi folks.

I know that when no CMDO firewall events exist, this is good news. But if the reason for this is cause the cmdo firwall is not funtioning, this is bad news.

How to check whether the cmdo firewall is fully functioning, is the ultimate question.

Thanks for the help in advance, Diligent.

[attachment deleted by admin]

Do you have a router, or a DSL connection?

Or a router and a DSL connection. :wink:

If you are sitting behind a router, due to the nature of NAT, you won’t see much (if anything) on your firewall logs.

Nope what i said is correct, most DSL modems also have a firewall.

Most DSL modems also have a built in router…

And the firewall in the router is really irrelevant because unless the user has enabled it, it will come from the factory off because NAT negates the common net “chatter” by default. You will only see the traffic specifically addressed to your machine. And chances are pretty good that most of this is traffic your software firewall isn’t going to be blocking.

I’m guessing if a user has enabled the firewall on their router, they’ll realize they aren’t going to be seeing much action on their software firewall. NAT is less understood.

hmm had no idea it comes default off… thanks for the info. :slight_smile:

@diligentinquirer

Can you try a reinstall?

Qwest dsl. fresh cmdo install after 512mb to 2gb ram upgrade. Tks. Diligent.

You almost certainly have a built in router then. What make/model is your modem?

Actiontec M1000, Thanks

Ah, same one I have. :slight_smile:

Yes, that modem has a built in router. So due to the nature of NAT (Network address translation) you aren’t going to see much action (if any) in your firewall event logs.

Basically, your router is filtering out all traffic not specifically addressed to your machine. So you won’t see all the thousands of port scans and pings that you would normally see when connected to the internet. In fact, you can run the Shields Up test at GRC.com and you’ll come up stealth with no firewall enabled.

NAT isn’t a security feature though. If someone knows you’re there and wants to get through, it’s easily accomplished. That is why you have Comodo. :slight_smile:

That router also has a firewall you can enable by going to http://192.168.0.1/ and looking in the advanced settings. It’s up to you if you want to enable it or not. Even if you enable it, it’s still a good idea to run a software firewall like Comodo for the outbound protection it offers. Even if it’s not going to be working very hard, it’s always nice to have another layer of protection. And since Comodo is so light on system resources, you aren’t impacting your systems performance much to have the firewall running.

Here is what the advanced settings for enabling this firewall says:

The default firewall security level is set to “Off”. Activating the firewall is optional. When the firewall is activated, security is enhanced, but some network functionality will be lost. If the firewall is enabled with dynamic addressing in step 1, all DHCP allocated addresses will use the same firewall rules. Static IP addresses can be configured on a per address basis in the firewall.

  1. Select IP addressing type.

IP Addressing: Dynamic Static Block (Unnumbered Mode)

Apply rule to:

  1. Select your firewall security level and the selection will be automatically
    generated in the table below. Select “Custom” to build your own security level
    firewall. Note: If a check appears in a box, that service is open (or allowed).

Custom
High
Medium
Low
Off (NAT [Network Address Translation] only)


  1. Click “Apply” to save your changes.

Apply

Under #2 (*****)there was a bunch of in and out port info I elimated which solely came up when I pasted the copy of the page.

What does “but some network functionality will be lost.” mean (If ya know)? Tks

It means that if you have something that depends on access to a port you’ve just blocked by enabling the firewall, it will no longer be able to connect.

My ADSL modem in Router mode with built-in firewall disabled, filters all casual inbound traffic (internet noise?) due to NAT only :-La

Yes, that is what I mention above.

So due to nat (whatever that is), the regular traffic one sees on the cmdo firewall events page, is blocked. Ok. Am I better off with the router firewall enabled (dbl firewall), so ;ong as I assure the ports I need to be open, are open? Tks, Diligent

It’s all down to personal preference. Many people run a hardware and a software firewall. Which is fine, but you don’t want to run two software firewalls together.

Personally, since NAT keeps the chatter out, I don’t have the firewall on my router enabled and rely on Comodo’s firewall for any actual intrusion attempts to my machine. (I’ve yet to have any)

NAT explaination NAT (Network Address Translation) - Tech-FAQ.

Statefull Inspection Stateful firewall - Wikipedia

On my Netoptia/Motorola modem/router I have NAT, stateful inspection, and the firewall all set on. Note that with this configuration if you need to use uTorrent and the like, you would have to define “pinholes” on the router firewall. These are basically router firewall rules to open select ports. Most router firewall rules are very cryptic and somewhat difficult to setup.

The only alerts I get from Comodo’s firewall is when I install new software and it attempts to connect outbound for the first time.

@ HeffeD Hey guy, thnaks Much for the GRC.com shieldsup test site info. Been looking for something like that in my surfing travels. Very good info there. other help, also Appeciated!

@ DonZ. tks for the two explanation urls! And your experiences also helpful.

So gys, even with all this help, still wondering about this. How to test just the Comodo firewall to be sure it is working, ya know?. Use GRC.com shieldsup tests>> if so, how to setup? or?

Thanks Diligent.

Well, you can try the COMODO Leak Test Suite.

Other than that, in order to test your software firewall at GRC.com, you’d need to set up a DMZ in your router. I’ve never bothered with that myself, so I couldn’t tell you how to do it, but I’d imagine the modem documentation could help you out there.

ok HeffeD. will try all yr sugestions. Much appreciated, Diligent. 8)