Installation for Dummies

Hello all!
I would first like to apologize for my computer ignorance. You’ll understand what I mean in a moment. :slight_smile:
The only thing that I do know about Firewalls is, 1) We need them! 2) Win XP Firewall (though not bad) is not sufficient, enough!
The rest is very confusing to me. The more I read the more lost and confused I become. I have no desire to learn everything there is to know about computers, internet, networking etc.
I surf very little and mainly use my computer for communication by way of email with my family. And I like ebay, buying/selling.

So, how does a “Computer Dummie” like myself, install Comodo Firewall and be assured that we are protected?
In otherwords, if I install Comodo, and I allow it to “Automatically” install using the default settings, am I protected enough?
So far, all I have changed from the default settings are the Rules pertaining to “ICMP” requests in/out. By default they were being “Allowed”. I changed them to “Block” only because I have read that “Ping” requests from the internet is a security risk.
I guess an “Installation for Dummies” tutorial would be a good thing. JMO
Thanks for your efforts!

compu_noob, welcome to the forum.

If you’re connected to a LAN with other computers then it’s best to run the wizard to make things start! :slight_smile:

Here’s a great video showing the installation steps that was created by AOwl (a forum mod):

Hopefully that will help you get started.

Little Mac, an expert moderator, will fill you in on the rest because he’s an expert. (:KWL)

Tnx, soyabeaner, that’s high praise (although I don’t think it’s warranted)… :smiley: I personally count our wonderful Moderator “panic” as an expert (amongst others); compared to these guys, I’m the noob…

compu_noob,

to answer your question directly…

Yes, if you choose the Automatic install, and do only the things you’re talking about, you should be set and secure. This default configuration works for the majority of setups; it’s specifically designed that way. Yes, you can dig deep and create a very detailed security with CFP, but for the average user that’s probably not necessary, IMO. Regarding CFP’s security, here’s what is probably one of the better firewall testing sites; they are very thorough in their procedure, and not affiliated with any software. http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php
The “highest security” settings for Comodo (as mentioned in their reporting) would be as follows: Go to Security/Advanced/Miscellaneous. Uncheck the box, “Do not show alerts for applications certified by Comodo.” Move the Alert Frequency slider up to Very High. That’s it. The only test CPF (version 2.3) failed (the COAT test) has been resolved with CFP (version 2.4).

The default Network Rules for ICMP are not a security risk. They are there to allow for certain types of situations (that may not apply to every user). The only Echo Request rule is to allow Outbound, which would allow you to do certain tasks such as PING or TRACERT. In my experience, the average user probably doesn’t need to do that. You can keep those blocked if you like; if it doesn’t cause you any problem that way, it should be safe to remove entirely. You don’t necessarily need the ICMP rules, or the GRE one; some do, some don’t. I don’t personally use the GRE rule, and the only ICMP rule I have is a custom one, for the LAN I’m on at work (I don’t have it on my home setup).

To learn more about this wonderful firewall you have, I recommend reading thru this thread: https://forums.comodo.com/index.php/topic,6167.0.html. It is a locked compilation of various explanations and tutorials about the FW and commonly used applications that require some specific rules. Being locked, there’s just info, no responses or questions. Each topic within has an embedded link (bold red text) back to the original topic, so you can post any questions you may have.

If you don’t have questions, that’s fine; but it’s a good way to learn a bit more. Who knows, you may decide you want to dig deeper… :wink:

LM

Thanks for the info! You guys kept it simple! That’s what I need! I dig deeper when I can! Thanks again for the help!

If an expert is comprised of

X = the unknown factor

and

spurt = a drip under pressure

then, yep, I’m an xspurt. :smiley:

ewen :slight_smile:

The way I heard it was that
X=has been :slight_smile:

Al

either or. the cap still fits.

Hi. I have just heard of CFP and decided to try. I have used many, many firewalls (kerio, pctools, za, kaspersky, checkpt, etc). I have installed your product by both NOOB (even followed video!) and expert methods on an xp sp2 pc behind a firewall. It does not work; ie. None of the internet browsers see the internet. Even if I select “allow all traffic”, it is blocking a bunch of traffic (http, ntp, dns…). Only when I uninstall does everything work again.

Ideas?

Are there any relevant entries in the logs?

Ewen :slight_smile:

Are all other firewalls including XP’s totally uninstalled and was CFP installed in a clean environment like in safe mode to avoid software conflicts?

thanks for reply. more info: xp sp2 all updates, avast antivirus (tried disabling), pc has vmware w/ 2 adapters, running on network (2 physical pcs) with router and dsl. I set up the trusted zone as 192.168.0.1 thru 192.168.79.255 (encompasses virtual and physical LANs). Unlike ZA, I don’t see an “internet zone” setting.

nothing meaningful I see in the logs. i uninstalled kerio, rebooted, installed comodo. tried standard setup. could not go to web on any browser, even though they are listed as trusted app. tried turning off comodo, again no web but comodo logs show it blocking traffic while “off”. uninstall, reboot, web works. reinstall using expert mode, same result. uninstall, reboot, reinstall via “noob” vid, same result. oddity: 192.168.1.254 (dsl modem, connected into router/switch) shows blocked port traffic even though in trusted zone. don’t see why this should be with this setup.

uninstalled, rebooted, installed za, works. one question i have is during the initial boot, when you start getting the security popups for permissions, one window may say “1of20”, and yet choosing “remember this setting” and “allow”, it did not go through 20 iterations. to clarify, it seems as though there are multiple apps trying to get permission, but only maybe five cycle through for explicit permission/denial. while a few are repeats (looking through list before first approve), it does not seem to be taking explicit permission on each.

any expert ideas?

kenfo, the only time I’ve seen this type of behavior is related to a faulty install due to conflicting applications - active AV, AS, HIPS, residual remains of previous firewall (for which ZA is infamous), etc.

When you say you turned Comodo off, did you close the GUI, right-click the systray icon & choose Exit, change Security Level to Allow All, etc? What was the specific action you took? That will help.

Also, I think another user recently had a similar problem (Soya worked with them), and it related to a corruption in the IP Stack (or something like that). I think, if I remember correctly, that they had no connectivity even when uninstalling CFP, though, so it may be unrelated.

LM

When you say you turned Comodo off, did you close the GUI, right-click the systray icon & choose Exit, change Security Level to Allow All, etc? What was the specific action you took? That will help.

I tried “Allow all” and Exit. Still nothing until uninstall. Kerio did NOT come out cleanly, so I deleted all entries from registry and directories. Had to rebuild wmi to get security center to see comodo. Here’s the rub: if it were network or corrupt uninstall causing lack of connectivity, za shouldn’t work right either. I may redownload and reinstall.

I’ll let you know what happens. thanks for input. :■■■■

If Allow All and certainly Exit did not resolve the issue, then we know it’s pretty certainly not an issue of the rules within Comodo. This leaves us with the conflict/corrupted install approach (based on my experience).

I agree that if the IP stack were corrupted, you most likely wouldn’t be able to connect with or without any given firewall.

However, a problem on install of CFP would not necessarily preclude connectivity via a different FW. CFP uninstalls more cleanly than most, for one thing. For another, it also operates a bit differently, perhaps more deeply embedded in the system; other firewalls don’t seem to have some of the same “sensitivities” to install problems causing connectivity issues.

I would suggest getting a new download of CFP, just to make sure you have a good install package; if you have the capability, check the download for integrity (checksum, hash value, etc).

Disconnect from the internet physically (or disable your NIC).

Uninstall your existing FW, reboot.

Clean out remaining entries from the registry (sounds like you’re familiar with this…), reboot.

Completely turn off/disable/close/exit any active security applications (antivirus, antispyware, HIPS, registry protection, etc). Depending on what you have, it may be beneficial to stop their Services as well.

Then reinstall CFP; please do so on Automatic, rather than Advanced/Manual (this avoids some commonly-seen configuration problems; you can tweak it to your liking later). Reboot, re-enable any security software that actually stayed turned off, and reconnect to the internet.

LM

PS: If you have Kaspersky AV, or the AOL derivative using their engine, you may have ongoing conflict issues; KAV does not seem to want to co-exist with CFP.

The member who had a corrupt TCP/IP stack actually did have connectivity, just not with Frostwire, but he did with other programs. So it’s not all certain that it isn’t this issue. It shouldn’t hurt to try to reinstall it (make a record of any important IP numbers/settings before you do). There are other suggestions from the link within this link like winsock repair to consider: https://forums.comodo.com/help/frostwire_wont_load_resolved-t9903.0.html