Network and Applecation Rules Question

New to using a firewall other then exceptions for Windows firewall,

When setting it up with uTorrent I setup a Network control rule TCP/UDP, In, Source IP any, Destination IP Any, Source Port any and Destination Port 40000(uTorrents incoming conn. port)

Is that all thats needed for it, or should I set up a Application Control Rule for the uTorrent.exe’s as well?

Also why am I still getting Network monitor Outbound/ ICMP Port Unreachable and Inbound/ Port 1026-1027 alerts?

Id appreciate any help. (:NRD)

Hey warchief_ryan,
and welcome to the forums. (:WAV)

Have a look here:
https://forums.comodo.com/index.php/topic,8049.0.html

This question is also answered in the post linked above.

Can you please provide some more details, e.g. a screenshot of one or two logs+details (box at the botton).

port 1026 is normally used by ms task planner
port 1027 might be used by ICQ (do you run it???, does it work???, did you set proper rules???)
(Of these 2 statements I’m not really sure, so please forgive me if I’m wrong)
Maybe some details will help.
Cheers,
grampa.

I did install ICQ once in the past but removed it like next day, if its ICQ how can I block it and stop getting the alerts for it? You sure its ICQ its not installed

Heres the alerts,

By the default Network rules, that alert/ log is generated by the last block rule. None of the prior rules allow it explicitly, so the last block all rule blocks “ICMP Port Unreachable”.

The ICMP Destination Unreachable (message type 3) is sent back to the originator when an IP packet could not be delivered to the destination address. The ICMP Code indicates why the packet could not be delivered.
http://www.snort.org/docs/faq/1Q05/node61.html

I think this is how it works: Your computer sends that message to reply to another computer that the port in question is closed. Comodo, with this ruleset, also stealths the port, because not only the port is closed, it does not say it is closed (blocks port unreachable message from going out). So if someone tries to scan you, your computer does not reply, like it’s not there (so not a target).

Hope it helps, and that i’m not wrong.

:■■■■

So i shouldent allow ICMP port unreachable? because it could be someone trying to detect open and closed ports. right?

I guess ill just block them if there not needed.

Love this firewall

Oh and on the UDP 1026-1029alerts i was getting, check this i found, ill just block them sense i dont use it. its a good read if your intrested.
http://www.linklogger.com/messenger_spam.htm

http://www.linklogger.com/UDP1026.htm