How to configure COMODO Firewall and Defense+ for maximum security on Win 7 x64?

To make a long story short, here’s a quick explanation of my problem/question:

I recently replaced my good ol’ F-Secure firewall with the COMODO free firewall (w/ Defense+). Whilst F-Secure could be configured without hands, I was surprised how complicated things were with Comodo. I started with reading some tutorials from this very same forum and after finishing everything I thought that was it. Apparently, this is not the case. I ran the Comodo Firewall Test Suite and was surprised how low I scored (210/340 at ProActive Security, Firewall Safe Mode, Defense+ Safe Mode).

I would like to learn more about this software and how to use it, but first I need to configure it right. So I am asking you to make me a simple checklist of what to do to ensure that I’m safe. Remember to start with the basic stuff like making ports stealth (even though I have already done it, I suppose).

And here’s some useful information:

I’m running Windows 7 x64.
Other commercial security products I use: Microsoft Security Essentials
My Windows Firewall has been disabled.
I use a P2P client (uTorrent).
I play multiplayer games daily (via Steam).
I use VMWare Workstation.
…and I’m a perfectionist. ;D

And some small questions I’d like to get answered:

  • How do I reset the Firewall & Defense+ events list?
  • What kind of Application Rules should I set svchost and system to use? (Outgoing only?)

If you would like to know something more, drop a message in this topic.

Thank you for your answers and help.

Yours,

Spitfoo

I’m surprised how few answers I’ve got so far. (Not a single one!)

I’m happy with any tips, even the smallest ones. I hope you aren’t afraid of that huge amount of text I wrote in my opening message.

When you are running the Comodo Leaktest program in the Sandbox you will get an incorrect answer, as the sandbox will let Leaktest believe it did things that were actually not executed.

To learn more about the Leaktest program and how to use it please visit Leak Testing/Attacks/Vulnerability Research.

You can’t erase the event logs easily. There is a workaround for it that I cannot find right now.

There is a rule of thumb to make svchost.exe Outgoing only.

Dear Spitfoo, I am not an expert, but I suppose I am a man of medium intelligence ;)
I am a perfectionist too, but like you I didn’t find anything to guide me in a maximum security configuration, so I suggest this:

  1. Be sure your PC is clean of viruses and spyware.
  2. Install Comodo Firewall or reset it to basic settings.
  3. Turn off all wireless or cable network boards.
  4. Set Defense+ to Learning mode and start the most common programs you use. This will allow Defense+ to learn the basic processes of your machine.
  5. Now restart the PC and turn on your network connection.
  6. Set Defense+ to Paranoid mode.
  7. Be patient and examine all the messages Defense+ gives you.
  8. Allow only the activities you or Defense+ recognize as safe.
  9. Block all the things you aren’t sure about.

IMPORTANT: IF YOU BLOCK SOMETHING YOUR SYSTEM WILL NEED, DON’T PANIC. TRY TO SET DEFENSE+ TO DISABLED OR LEARNING AND UNDO WHAT YOU’VE DONE WRONG.
IN THE WORST CASE, RESTART THE PC IN SAFE MODE AND CHANGE THE SETTINGS OF DEFENSE+.

I have an i7 notebook with Windows 7 64-bit Enterprise edition and it’s working fine ;)