Pls help build a good FAQ for all Firewall users

Hi All

We are starting this initiative to create a really powerful FAQ for firewall users. But we need your help :slight_smile: Can you pls contribute to this initiative by adding as a new topic a How to item with explanations. We will use this board to build our FAQ on the website.

thanks a lot.


As I saw from the forums posts-questions, the most frequently asked question is related with the “Network Monitor Panel”. Some of examples are:

1.What are those rules?
2.How can I add a rule?
3.Where to place it? (up or down?)
4.What is remote IP and source IP?
5.How come, I have to put my own IP as remote in one rule and as source in another?
6.What are the protocols and what is their impact in those rules?
7.Why can’t I open a port only for a specific program?
8.Why my ports are not stealthed?
9.How can I configure my private network?
10.Why my P2P program has difficulties with connecting? What can I do about it?

ps. Almost 3 of 4 questions :o that I have answered has to do with the “Network Monitor Panel”. It is different from other firewalls and for this reason most people have difficulties in understanding it ???. I think that you should pay a lot of attention there :wink:

What about step by step instructions for creating application rules for common internet based applications - WOW, Warcraft, Limewire, BitTorrent etc?

ewen :slight_smile:


As well as creating FAQs specific to how to set up the firewall, what about we create a guide on why people need CPF / CAV / CAS in the first place? People only need detailed instructions AFTER they’ve realised that they need the product in the first place.

This may be more of a marketing thing, rather than a FAQ, but isn’t the most logical first question in an FAQ, “Why do I need this?”

This could start by an overview of

  1. How the internet and IP work (describe the environment)
  2. Why viruses/trojans/backdoors are created (define the risk)
  3. How viruses/trojans/backdoors etc. communicate and propogate using IP (define the intrusion vectors)
  4. What viruses/trojans/backdoors etc. could do to their system (define risk potential)
  5. How a firewall works to prevent intrusion (risk mitigation)

All of these would need to be in strictly laymans terms.

As I see it, although Comodo CPF and CAV are solid, technically sound security apps, they are ideal for the Mr. and Mrs. Average’s of the world because of their simplistic user interfaces. I can only speak with assurance regarding Australian users, but the vast majority of home users are not fully aware of the importance of PC security (although this is changing). Even those who are aware that they need security, they don’t necessarily understand why, or, even worse, how, and when they do get security products, tend to set-and-forget.

If Comodo produced a guide that explains, right from step one, how things work, what could go wrong, what the implications of things going wrong are and what they can do to prevent this, and marketed it directly at home users, Comodo could become the security layer of choice for that sector of the market.

What do you all think?

Ewen :slight_smile:

I don’t know, Ewen. I think some of the messages it puts up are going to be baffling to many users. What’s the average user to make of the statement that “program XYZ is trying to be a server?” And why does it ask them to OK programs that it appears to know are safe, like the Comodo Launchpad or Firefox. “Firefox is a safe application.” So why not let it access the Internet without asking, then?

After I installed it, I couldn’t access the shares on the computer I’m trying it on. I had to hunt around for the solution. There should be a Troubleshooting option, with options like “My FTP program doesn’t work” or “I cannot access the shared folders on this computer” that makes the appropriate settings without presenting users with a lot of networking jargon…

I believe from an earlier post by Melih in the forums, Comodo are working on giving users the choice to allow ‘safe’ applications to access the internet or keep CPF operating like it currently does with a pop up.

Melih, please correct me if I’m wrong.


That would be a good idea. Perhaps it could also take account of whether an application has been signed with an Authenticode certificate in deciding whether it is safe or not?

Perhaps it could also take account of whether an application has been signed with an Authenticode certificate in deciding whether it is safe or not?

I 100% agree with you - the messages would be baffling. That’s why I suggested a laymans guide to IP as a means of “unbaffling”. If something is too hard or too confusing, they’ll walk away from it. If we can give them a means of understanding, albeit in a limited way, they are on their way to making informed decisions.

Out of curiousity, what makes you think the concept of authenticode certification is a baffle-free zone to Mr. and Mrs. Average?? :smiley: Without an ounce of comprehension, they’ll be scrambling for the OK button faster than Pete Doherty on a packet of ■■■■. LOL

ewen :slight_smile:

Indeed, Mike is correct. We have an Auto-Allow feature for our Safe lists (this was one of many requests in the wish list). It will be set as default. So the end user’s are not going to be disturbed for any app thats in the safe list. This is available from next upgrade onwards (out in few days).


Well Authenticode… hmm… problem! problem!
We sell authenticode certs, we do our best not to issue it to spyware products. But the authenticode process from other Certification Authorities may not be as good as what we have. nevertheless, the signed code is not checked by anyone, so a company coudl be signing anything including spyware with that code. This is why the Safe List from Comodo is a much better solution because we check each application in our labs to see what it does (our AV/Spyware labs analyse these products first like they analyse viruses/spyware) and only add it if it has passed it. Anyone can submit their files to us for us to check and add to our safe list.


Some simple questions:

I’m using a router to get my wireless internet, does Comodo Firewall Protect me from network attacks?

What makes Comodo Personal Firewall different from Windows Firewall?

Will Comodo Personal Firewall be able to support the next Windows OS (Windows Vista)?

Help, someone hack into my PC, what should I do?

When viewing the high threats, one of them said that my Firewall has switched to Emergency mode, what does that mean?

I lost internet connection, when I disable the firewall, I got internet back, what should I do to prevent my firewall from preventing internet access?

Are you allowing your personal firewall free for buisness use as well as home use?

Will Comodo Firewall be stable with my antivirus (like avast! AVG, Norton, McAfee, etc.)?

Why is it that Comodo can only protect one user account at a time?

What other tests can I perform to test Comodo Firewall other than your Comodo Parent Injection Leak Test?

I don’t. That’s why I’m suggesting CPF could treat signed applications as safe, or at least give users an option to allow that,

An interesting reply. :slight_smile: Actually, the fact that code signing proves nothing except who built the executable is one reason why, as a developer, I was resistant to spending money on a certificate. However, Microsoft is forcing developers down that route, and now I have, I was hoping to see some benefit from it.

The problem with your suggestion of people submitting applications to you to add to the safe list is that I don’t think it is workable. And if everyone did, you would be completely overwhelmed with programs to check.

There are already several products that work on this principle to help users decide what is and what isn’t safe. ProgramChecker claims to have a database of over 30,000 applications, which sounds a lot, yet the majority of stuff running on an avarage PC is still not included. Spyware Data is another one.

Perhaps there would be a slim chance of this idea working if all the efforts to build a database of safe applications were invested in one organization, instead of each anti-spyware company trying to build their own.

another FAQ

How to configure Internet Connection Sharing?

Please goto “Security->Tasks->Wizards->Add a trusted zone” and define your network as your trusted zone.

Well, there are millions of applications are out there and as CPF becomes more main stream, we expect developers to start registering their apps as safe apps to us (of course we will check them for security ourselves) so that user won’t be alerted to by CPF when they use it. Also we are building, in the next CPF release, an ability for users to submit us all the files they want put into safelist. One way or the other, we will create a monster safe list! :slight_smile:


Helle there, I’m a new user and a newbie to this all. Having used a computer since 6 months now, I installed a few programs and deinstalled them either because it was all too difficult for me, or because they didn’t do as I expected.
What I went looking for was tutorials to read before installing the program and as a few examples I want to mention Eudora, AntiVir, AVG, Outpost.
What they did was making the helpfile of the program available as a PDF download from the site.
This way you can have a look at what you can expect while installing and using the program and take the time to get used to it before you install.
I think it would be great if Comodo did this also. I have installed the Comodo firewall and since a few days also the Comodo antivirus program and I see there is a great helpfile included. Maybe you should consider to put it on the website as a PDF.
Bye for now and good luck with Comodo software :slight_smile:

The guy before me is correct.

Even though he is new to computers he is actually trying to do the smart thing and suss out the Manual to the program before installing/using. This is the best idea, even for a technical person.(You can’t always know everything).

cheers, rotty

Yes, it’s a good idea.
More over if they included user based FAQ along with their tips.

I am almost ready to install Comodo. I have been able to scrounge up enough info to get an idea what to expect I’ll find when the installation is done. My biggest fear was I wouldn’t know where to start. The only thing I have to do now is uninstall ZoneAlarm, which isn’t easy without leaving a file behind and Comodo telling me it can’t install.
As for building a good faq for users, I have a suggestion. I just installed NOD32 AV, and was able to get a pdf installation and configuring manual at the Eset site so I could study it before I installed NOD32. It was a real help. Not that installing NOD is hard, but getting configured right in the beginning was nice. It would be nice if Comodo had something like it. I have 4 different links saved in my bookmarks that each give me hints about Comodo. ;D

I am a newbie here, very untechnical. I agree wholehearedly witht the post that said us beginners have no idea what a lot of the anacronyms and technical stuff means. Use something else as a server? I have no idea what that means.

Most of you guys (gals) on this forum are far smarter than me. I think a forum for the uneducated would be wonderful. I think too that there are a lot more people like me than you gurus.

This is my first day on Comodo, so I am trying hard to understand. And if I have not done this post correctly, please let me know.