There are a lot of questions answered or avoided entirely by using the following steps when you initially install and set up CFP v3.
For those users familiar with CFP 2.x, this version of the firewall should be a breath of fresh air. Gone are the days of endless OLE Automation and other Application Behavior Analysis alerts.
Section 1: Preparing for Installation
1a. Uninstall any previous third-party (non-OEM) firewall; if you have WinXP, turn OFF Windows Firewall. Reboot. In general, I recommend uninstalling in SafeMode to avoid driver and service conflicts that may otherwise occur.
1b. If you have a dedicated HIPS program running, I recommend turning it off temporarily while you install and set up CFP v3 (I would include registry protection applications in this category as well). It may block some components and not warn you, thus causing conflicts and improper installation. You can reactivate it once you have CFP up and running.
1c. If you have active/real-time antivirus or antispyware applications running, I recommend turning these off (completely disable all real-time functions) temporarily while you install CFP v3. Although they should not conflict directly, the load on the system may result in installation problems.
Section 2: Installing Firewall and Defense+ (HIPS module)
During installation, you have the option to install both FW and HIPS, or just FW. We're going through a "basic" installation of both. We're not choosing any "advanced" options such as allowing inbound connections (for p2p, file/print sharing, ICS), custom configurations, etc. There are other tutorials geared toward these things, which can be accomplished later on.
2a. Install CFP. For you visual types, I have captured screenshots for every step of the way. Rather than post 12 screenshots, I've attached a PDF file of this tutorial with all screenshots contained therein. So to see the screenies in context, please download and read through that. The first one simply reflects the need for step 1a.
2b. The next picture simply starts the Installer. Obvious, yes?
2c. The EULA. Read it, run EULALyzer on it, etc. If you don't agree with it, don't install the product… By the way, if you click "I Decline" you won't be able to install. I wouldn't mention any of this except there have been questions in the past about EULAs. Basically you just need to be aware that if you don't agree, don't install. If you install, you're agreeing to the EULA. A note about Comodo's EULA: the language in it is chosen to protect Comodo, and does not mean that you cannot install the application on more than one computer. Comodo would appreciate you doing a separate download for each installation, as this helps them track the usage, but Melih has stated more than once that it's not mandatory; it's to protect them against people redistributing the software in a manner not approved by Comodo.
2d. Where to install? It's best to choose the default location. If you go with a custom filepath for the installation, it might cause problems (not saying it will, just that it may).
2e. The start of the Configuration Wizard. This is where our options will start showing up.
2f. Like I said, we're doing both FW and HIPS, so we'll take the top option. Just choosing "Basic Firewall" means that the HIPS won't be installed, and you won't have protection against trojans, keyloggers, leaktests, etc (all the things a HIPS module would do). Even though you install HIPS now, you can still disable it later; for those who only want to install the FW, you can still enable the HIPS module later on, as it will be there.
2g. This next option is where we enable the built-in, fully digitally signed and encrypted safelist (or whitelist). This is a list of applications which Comodo has fully analyzed in their labs and which are known to be safe and legitimate. Comodo creates a digital cryptographic signature for the application and places it in their encrypted safelist. When an application on the computer runs, it is matched against this list; if the cryptographic signature is an exact match, the program is allowed to continue; if it doesn't match, you will be given an alert in accordance with your security settings, so that you can take appropriate action. If the application has been tampered with, or merely has the same name as a known application, it won't match. As of mid-January 2008, there are more than 1 million signed applications in Comodo's safelist database, and it continues to grow based on user submissions (please do use the Submission feature to send more apps to Comodo for analysis, even if you consider/know them to be safe).
This safelist is one of the strong features of v3, and is there to make using a powerful HIPS as easy as possible. You may choose not to use the safelist, but you will have 1000 popups a minute (or maybe more…)!
2h. If you use ICS, p2p applications, or file/print sharing (such as on a corporate LAN), you need to allow unsolicited inbound connections. Since we're doing a "basic" setup here, we're choosing "No, I don't"; there are tutorials for ICS, p2p applications, and so on here in the forums to help you set it up later on, so don't worry about not being able to get it going if you skip the step here.
2i. Here's another place we're going with "basic" rather than a custom setup. This is the best way starting out, as you can still refine your settings as you go. If you were to choose Custom Settings here you'd be given more options (and it would be quite easy for you to lock the HIPS module down way too tight to be easily used).
2j. Now you're done, and just need to reboot! Yay!
- After rebooting, CFP v3 will start with Windows. Firewall will be set to "Train with Safe Mode" which means that the safelist discussed earlier will be used to allow known applications to access the internet as needed (including Windows updates, etc). Defense+ (HIPS) will be set to "Clean PC Mode" which presumes that every application (executable) on your machine is safe (not to be confused with the safelist, which is a different thing). This is fine, since you shouldn't be installing the FW if your computer isn't "clean" anyway.
However, this means that if you have proof of concept applications already on your machine (such as leaktests) and run them, they will be allowed! In order to test v3 against such things, you must change to Train with Safe Mode before running them.
3a. Shortly after logging into Windows, you get the following popup from CFP, that it has detected a new network, and provides options to either be visible to the network (you will need this for corporate LAN and/or file/print sharing), or not have CFP tell you when new networks are detected. It states that you may close the window to skip it. I will tell you that you have to at least click OK (without choosing anything) or this will reappear every time the FW starts.
You may tell it not to detect networks, but that is actually a security feature: if someone physically added a 2nd network card, or wormed their way into your wireless network and started changing things, attempted to subvert your system by running a virtual network adapter, etc, this will help you be warned. So just a quick explanation about that.
- Installation Mode. On v3's Summary page, toward the bottom in the Defense+ section you will see a line that says, "Switch to Installation Mode", right next to an icon commonly used for installation packages. Before you install any new application, click this to switch modes. This allows v3 to monitor the installation process so that the HIPS won't interfere with the install, but still protect your machine from other unrelated processes running which shouldn't be.
When you do this and run the installation package, you will first get an alert that explorer.exe is accessing the installation executable; you may respond with Allow (but not Remember). The next alert will be that the installation executable is attempting to run (and access something); select in the dropdown to "Treat as an Installer" but not Remember (see screenshot). This will allow the installation to occur several levels deep (such as a completion after reboot, as some applications do). But if something new unrelated to the installation attempts to run, v3 will alert you.
- While following these installation steps will provide you the "out of the box" security that Comodo is already famous for, please be aware that this does not mean you won't have any problems. This is the case with any and all computers, along with any and all software; there are a lot of variables involved, and some combinations of configurations just don't play well together. That's where this Forum, and Comodo's Support site, are invaluable. Use the Advanced Search feature to narrow your results to the Firewall, to look for similar problems. If you have questions that aren't answered, or need clarification, just ask; someone will be glad to help (Note: the Moderators are not Comodo employees, but volunteer users). When posting a new topic, please keep the Subject line concise and accurate to describe the problem (for example, "CPF blocks IE7" rather than, "Help! It doesn't work!"). Also please look, and post, in the v3 section of the firewall boards, as 2.4 is still an active supported application; if you post in the wrong area, it will confuse the matter and interfere with our ability to answer your question.
Welcome to your new Comodo Firewall Pro v3 ~ Happy Hunting!
LM
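Added example (not part of the original post, and not Comodo's code) of the safelist matching described in step 2g: a program is allowed only when its contents match a vetted entry exactly, so a tampered copy or a different program with the same file name raises an alert. Assumptions: a SHA-256 digest stands in for the "cryptographic signature", an HMAC tag stands in for the signing of the list itself, and the key, file names and file contents are constructed for the demo.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

# Assumption: an HMAC key stands in for the vendor's signing key (constructed value).
LIST_KEY = b"constructed-demo-key"


def file_digest(path: Path) -> str:
    """SHA-256 over the file contents; the file name plays no part."""
    return hashlib.sha256(path.read_bytes()).hexdigest()


def seal_safelist(vetted: list[Path]) -> tuple[bytes, str]:
    """Vendor side: list the digests of analysed files and tag the list."""
    blob = "\n".join(sorted(file_digest(p) for p in vetted)).encode()
    return blob, hmac.new(LIST_KEY, blob, hashlib.sha256).hexdigest()


def load_safelist(blob: bytes, tag: str) -> set[str]:
    """Client side: refuse a list whose tag does not verify."""
    expected = hmac.new(LIST_KEY, blob, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("safelist failed integrity check")
    return set(blob.decode().split("\n"))


def verdict(path: Path, safelist: set[str]) -> str:
    """Allow only on an exact content match; anything else raises an alert."""
    return "allow" if file_digest(path) in safelist else "alert"


def demo() -> dict[str, str]:
    with tempfile.TemporaryDirectory() as tmp:
        files = {}
        # Constructed stand-ins for executables; all three share one file name.
        for label, body in (("vetted", b"MZ legitimate build"),
                            ("tampered", b"MZ legitimate builD"),
                            ("same_name", b"MZ unrelated program")):
            files[label] = Path(tmp, label, "browser.exe")
            files[label].parent.mkdir()
            files[label].write_bytes(body)
        safelist = load_safelist(*seal_safelist([files["vetted"]]))
        return {label: verdict(p, safelist) for label, p in files.items()}


if __name__ == "__main__":
    print(demo())
```

Only the vetted file is allowed; the one-byte change and the same-name program both fall through to an alert, and a safelist edited after sealing is rejected before any lookup happens.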