New to commodo

Comodo Internet Security - CIS Firewall Help - CIS
1

Okay I am new and I know that Commodo has to learn my computer. I actually got it 1 hour ago.

  1. how do you unblock a previous application?

  2. what if you trust the application and you know it do you block or allow?
    because Commodo system is saying that even it is trusted if unsure block it

  3. i blocked “system” but i think it is referring to my computer, block or allow?

  4. how would i know that even if it is “trusted”, how will i know it is not a malware etc even when trusted ?

**********any other tips to notice if there is a untrusted application that could be pretending to be real **********

thanks to everyone and i know it is long. sorry but i must know. thanks again.

2
  1. I’m going to assume you mean how to unblock a blocked application. this may help:
    https://forums.comodo.com/empty-t56920.0.html
  2. if it says trusted you can allow it and if you know its good then allow it.
  3. System is your computer Allow
  4. Comodo is usually right when it says trusted but if your suspecting things google it
3

please read the manual one time. and when you have questions left, feel free to ask.

  1. i only allow what NEEDS connection to the internet. and only OUTgoing.

  2. you have a firewall because SYSTEM doesnt need contact to or from the internet.

  3. you dont know if its malware or not, only when you loaded regular software from trusted spaces, and when you use an antivirus (but it can fail though).

use the stealth port wizard in comodo. hide me from everyone.

“only outgoing” means, you get requested packets, but unrequested contacts from the internet are blocked. you want to use the internet, but you dont want the internet to use your pc.

4
3) you have a firewall because SYSTEM doesnt need contact to or from the internet.

???

What item, in what part of Comodo and what version do you define as “system”?

you want to use the internet, but you dont want the internet to use your pc.
I don't want either my computer to leak whatever because everything outbound should be allowed, and i think that one should have full control not only of the inbound, but also of the outbound packets.
5

System handles sharing files, folders and devices over th local network (NETBIOS).

6

In CIS3, defense+, the Windows System Application group, altough no one exactly knows what it does or not since it is preset, definitely needs to connect to internet (e.g. lsass but, true enough, “system” is a dedicated subgroup in this group).

In the firewall, i have a system allowing rule for udp ports 135-139, outbound to LAN, and coherent with what you say: there’s no LAN access if not allowing Netbios on TCP/IP inside the LAN.

Nevertheless, and altough my only other system firewall rule (ask for whatever else) forever remains silent, is it some proof that Netbios on TCP/IP wouln’t ever need “system” on the WAN side, even if the absence of WAN network shares?

7

“system” ect in the log :wink: … in other words “block IP in any”

i didnt said that everything outgoing should be allowed… i said, that IF you allow something, it is enough to allow OUTGOING for it.