Hi John! You ask VERY important questions, and the answer is actually easier than you may think. Comodo is that rare (actually unique) product where the hidden secret is Less is More.
1). Comodo does indeed have a bunch of different settings to play with, and the obvious conclusion one may have is that by maxing out as much as possible the overall protection ability of Comodo will improve. In actuality this is not the case at all! While not adding to security, most such “tweaks” will be nothing but a duplication of Comodo’s native protection ability; also some such changes may impact System stability, thereby creating what is essentially a self-created bug.
Very often such tweaks are made in reaction to perceived threats that are already covered by Comodo (like creating a rule for a specific LoLBin), or things that really have no basis in reality (like Stevie Gibson’s “Stealth” Port drivel, for which he was widely mocked when HE made up this phrase).
In short, keeping things at the basic level (although hard for some to accept) is Best Practice. An example of preferred settings can be seen in the link in Post 2 above. The only addition I would make is ALWAYS change to the Lycia theme as that GUI will give the best view of things.
2). You also want to have as little needed input (choices) while maintaining excellent Coverage. This is very wise, and can be accomplished quite easily by placing Comodo in Silent mode as can be seen here:
Silent Mode example
3). When installing Comodo you must make a choice of installing the AV only, FW only, or both. My suggestion is to stay with the FW.
The reason for this is stuff like AVs and malicious link protection can be considered “Dumb” detectors- that is, if the product happens to have a definition for it, it will be detected and stopped- but if it does not you are fairly well ■■■■■■■. Although really popular in Professional and Amateur testing, running an Anti-Malware product against stuff (malware, malicious links) only shows which product is dumber than the others (although in the Pro tests, everyone usually gets a Medal).
An example of this can be seen in this video:
https://youtu.be/vnT2-5rIsI4
I coded a file (true zero day) that connected to my personal server to download another zero day. The results were sub-optimal indeed.
Comodo can be totally oblivious of the link or file but still afford protection against it (them) EVEN IF a malicious file is legitimately Signed as that file must first be vetted by C to ensure legitimacy.
Sorry for an overly long and boring post, but hope this does help!
m