I need advice with CIS Complete please.
I have Modem only and in Control Panel Win. Firewall and Defender are both Off.
I will tell you what i done when I install CIS:
Firewall → Stealth Ports Wizard → Block all incoming connection
Then I make Rule for uTorrent:
Allow
Incoming
UDP or TCP
Source = Any
Source port = Any
Destination = Any
Destination port = 50000 (my uTorrent port)
and thats all.
I was having problem with 0 intrusion attempt(s) but In Global Rules in Network Security policy, is the last rule in the list “Block and Log IP In from IP Any to IP Any where Protocol is Any”, when you edit this rule the box “Log as a firewall event if this rule is fired” should be checked for the Firewall to log an intrusion attempt.
When I check this option firewall starts to block intrusion attempt(s).
Now my question is do I have same protection with and without “Log as a firewall event if this rule is fired” checked?
The option doesn’t affect protection, it only tells CIS if it should log the firewall event or not. Even if it’s not logged, it’s still blocked, meaning that having it checked or unchecked will give the same protection.
It’s better to be checked only if you want the Firewall to log the intrusion attempts. Personally I think it’s better to be checked by default so you can see the IP addresses, etc. of the intrusion attempts. But even if it is not checked, the Firewall is still protecting your computer as it is still blocking the intrusion attempt, as confirmed by Ragwing.
