Not sure about global rules

Hello. I dont mind admitting firewalls defeat me. So, with that inmind I could use a little help. I uninstalled/reinstalled comodo but the global rules seem different…before there was just a bunch of “red” rules blocking everything but now there is a bunch of “green” allowing most and just one blocking rule.

Does this look correct? Thanks :slight_smile:

The last red one is the most usefull. The green ones are just exceptions. Or they are even un-necessary.

If you dont have a home network, or if you dont trust everything in your homenetwork, you should erase the first 2 green ones.
The third one does not have any effect. Erase it. As it isnt an exception to an existing block rule.

You will keep two green ones, and the important red one.
Its a better setting than the one with many red ones, btw.

This is stealth port wizrad setting 3. And a “suggested” home “network”.

Hello Clockwork, I think we’re on different timezones so just getting this now, but thanks for the input, very much appreciated. This is what I have now.

Thanks again for your time :slight_smile:
Quick Edit: Just thought to mention, I set this up (without AV) according to this tutorial.

I would recommend the using of an antivirus. To check new entries on your computer.
Avoid those programs which ask for money first.
You will find good tested programs which give you the choice :slight_smile:

Hello again Clockwork, and yes, I do use AV, (Avast), I was only saying I set up Comodo without installing Comodo AV…apologies for confusion. Just getting used to the protected files settings in D+, never had that set right in the past and I have some batch files for cleanmgr and a bunch of other stuff…was getting “windows cannot access” errors but just a matter of putting them in Trusted files, its no hassle and I like the added protection. Thanks again for input, Im pretty sure I have things set up as you recommended and glad of the help. Im ok with most stuff but like I said in the first post, firewalls always defeat me, so much appreciated :slight_smile:

While trying to tidy up rules, Im gonna push this a bit further if thats ok.

  1. In Application rules Im looking at the top two “If target is home” rules. In Global rules advise was to remove similar cos not part of a network, Is that the case with these two…(Dont want to remove em and find I shouldnt have).
  2. And also, do I remember something from older versions about a rule or two that might tighten things up specifically regarding System?

You can also remove the two rules in the rule for System as you chose not to trust your local network. This is the second step to take.

Hello Erich and thanks for your input. Im just getting this now as I thought this thread was dead (been a while since any post) and was actually going to post with another issue…but gonna stay with this one for now. Would it be wiser for me to “trust” my network and if so where is the setting for that. I must have missed that on setup, so which would you recommend? Thanks again for getting back :slight_smile:
EDIT: Just to clear up confusion, if you recommend removing the two system rules, should I remove the system rule at the root or just the two sub rules? Thanks again, Techdunce.

The choice for trusting your local network is totally up to you. It can be convenient if you have files or printers to share with family and you trust those machines to be clean. Otherwise you may decide not to trust your local network.

To make your local network trusted use the Stealth Ports Wizard and choose the first option Define a New Trusted Network and Make my Ports Stealth for Everyone Else → select “I would like to trust one of my Network Zones” and choose network zone Home #1 → click on OK and you’re done. Check Global Rules and the rule for System to the changes.

Hello Erich. I dont share with any other pc’s so decided to stick with original configuration (option 3 in stealth port wizard). have deleted the two rules but wondering should I also delete the parent “system” rule which is now empty with a “custom” under treat as. Thanks again, Techdunce :slight_smile: