My FTP server is allowed to receive incoming connections, yet the firewall always blocks it. I get stealth every time from GRC, yet I have at least 3 servers running on port 80, 21 and another I forget.
What am I doing wrong? I am a PC technician, and I have combed the settings, and the daemon applications are allowed to have incoming data.
The problem is the “Network monitor” section. When I disable it everything works. What is this doing there? It's like a packet filter with rules. Is it safe to delete these rules to make the firewall act like a ■■■■■■ firewall and not a packet filter rule program? If I wanted a rule system I would use CHX-i; all I want is a personal firewall. Allow program X to income and outbound. DONE, simple job. Even though I allow a program to inbound, nothing, it's always blocked.
Please help me fix this
WG
OK, so I disable this network mode, and now I lose all stealth and ping protection. I really don't believe this. Is it so hard to make a firewall that works like a firewall? Kerio... does it have a problem with this concept? NO. How about Norton... NO. Let's run down the list of firewalls that work like firewalls:
Kerio
Norton
Sygate
ZoneAlarm
Tiny Firewall
These are only the ones I have personally run, ever.
Norton is ■■■■
ZoneAlarm has gotten bloated and slows down your PC
Sygate is old
Tiny has been bought and unsupported
Kerio GUI sucks and lags with high input or output
And there's Comodo; that's kind of perfect, although stealth mode is only through a packet filter.
In order to use Comodo how I would use any other real firewall, I have to allow everyone to ping me, and allow no stealth ports other than if I make a rule blocking a port. This is substandard for a personal firewall in my opinion. And sorry if I am a little blunt, but this really annoys me that the one firewall that I actually like has a flaw that is so thin I almost fell 20 stories to the ground.
WG
Welcome to the forum techwg.
Since no one else has jumped in I thought I would try and help you. I set up Cisco routers plus other types of networking equipment for a living. Not that that makes me special, but I see corporate grade firewalls all of the time and I love this firewall. You allow an application to work then go to Network rules and set up the ports for it to work properly. It reminds me a lot of how a Cisco firewall or router gets set up. It's cut and dry on how it works. I love that. It is very secure in my opinion and its design is very slick and well put together from people on this forum that have used the other firewalls you mentioned and know what is lacking in each of them. The guys in this forum know whether a firewall is any good or not and believe me if this firewall was a dog they would tell Melih. You have to remember that this firewall is in its infant stages and it is already one of the best ones out there, but it still requires mostly manual setup in the network rules for inbound traffic to go along with the inbound application access if you are running servers or uTorrent or whatever out of the norm. The other firewalls have auto setup for programs when you approve them. It sets the rules up for you and you don’t have to do anything but click “OK” and you are in business. What you don’t see is they have pre-defined rules running in the background that protect you if you don’t have any Expert rules set up. The default rules that Comodo has set up in the Network section are for normal web surfers that don’t have multiple servers running or unusual port requirements. That’s what I like about this firewall. I know exactly what is going in and out of my PC as far as ports go. I have my firewall choked down to where it tells me if a fly lands on it (well, not really). I have tried to tear this firewall up from the time I downloaded it. I haven’t been able to kill it yet.
Now to start helping you. Use your activity log to help you set up rules. All you have to do is block everything inbound from the Network rules section then look in the Activity log and see what is getting blocked inbound or outbound. It will tell you exactly how to write the rule for each blocked port. It will show a source and destination address along with the protocol and port numbers. If you don’t know the ports and no one else does then this is one way to discover which ports are getting blocked. If you or anybody else don’t know what ports are being used then the fastest way to discover them is to block everything in and out and then start making the rules one at a time. I know you can ask on this forum and someone will usually know the answer to make it quicker for you.
Yep, you are right. This firewall doesn’t set up the programs for you yet, and I like that, but I bet it will make your coffee for you in the morning, eventually, if you give them time. If you are looking for a lot of automation then CPF just isn’t that far along yet. Just be patient and the guys on this forum and myself will be glad to help you if that is what you want. I’ll tell you what though, this firewall is one of the best I have seen and I love Cisco stuff, so what does that tell you? I don’t switch to just any firewall. I hope this helps. Just my 2 cents.
jasper ;D
Yes, Comodo has 2 layers instead of one, and that’s because it’s more secure.
Yes, you have to do some work, but it keeps you secure.
If you have a router you must make a trusted zone. Use the wizard.
Do not remove the last block rule! That’s the one protecting you from all unwanted connections. It has “& log” as default, so you should be able to see in activity/logs what it blocks. Network monitor works like a “router”, so you have to forward ports.
Yes you have to set up network rules for servers, P2P programs and such…
Remember that the rules in network monitor are read from the top to the bottom. That means you have to have allow rules OVER the last block rule.
You have a default Out rule, so you just have to make an IN rule for your app or server. I will make an example of an IN rule in network monitor.
Action : Allow
Protocol : TCP or UDP
Direction : In
Source IP : Any
Destination IP : Any (zone if you have one, or your IP if you have a static IP)
Source Port : Any
Destination Port : A single port : 48888 (P2P) or 80 (webserver) 20,21 (FTP server) and so on…
If you don’t know which port your app uses, do like Jasper said, check your log.
If you have a server or something similar you can also go to security/advanced/misc and check “skip loopback … TCP”.
Just ask here in the forum, and someone will help you. It’s not too hard to learn to use this firewall. I hope this helps you.
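The top-to-bottom, first-match ordering described in the post above, as an added example that is not part of the original thread and is not Comodo's code: a simplified model of a rule list showing why an allow rule placed below the final block rule never takes effect. The names `Rule`, `evaluate` and `shadowed` are hypothetical, and the rule sets and packets are constructed from the ports in the post.

```python
# Simplified model of a first-match rule list (assumption: not Comodo's actual engine).
from dataclasses import dataclass

ANY = None  # wildcard for protocol, direction or destination ports

@dataclass(frozen=True)
class Rule:
    action: str               # "allow" or "block"
    protocol: object = ANY    # "TCP", "UDP", "ICMP" or ANY
    direction: object = ANY   # "in", "out" or ANY
    dst_ports: object = ANY   # frozenset of ports or ANY
    log: bool = False

    def matches(self, pkt):
        return (self.protocol in (ANY, pkt["protocol"])
                and self.direction in (ANY, pkt["direction"])
                and (self.dst_ports is ANY or pkt.get("dst_port") in self.dst_ports))

def evaluate(rules, pkt):
    """Return (action, rule_index) of the first matching rule, top to bottom."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "no-match", None  # what a product does here is product-specific; not modelled

def shadowed(rules):
    """Indexes of rules below the first catch-all rule; they can never match."""
    for i, rule in enumerate(rules):
        if rule.protocol is ANY and rule.direction is ANY and rule.dst_ports is ANY:
            return list(range(i + 1, len(rules)))
    return []

# Constructed rule sets using the ports from the post's example.
ALLOW_OUT = Rule("allow", direction="out")
ALLOW_FTP_IN = Rule("allow", "TCP", "in", frozenset({20, 21}))
ALLOW_WEB_IN = Rule("allow", "TCP", "in", frozenset({80}))
BLOCK_ALL = Rule("block", log=True)

GOOD = [ALLOW_OUT, ALLOW_FTP_IN, ALLOW_WEB_IN, BLOCK_ALL]  # allow rules above the block
BAD = [ALLOW_OUT, BLOCK_ALL, ALLOW_FTP_IN, ALLOW_WEB_IN]   # allow rules below the block

FTP_SYN = {"protocol": "TCP", "direction": "in", "dst_port": 21}  # constructed packet
PING = {"protocol": "ICMP", "direction": "in"}                    # constructed packet

if __name__ == "__main__":
    for name, rules in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, evaluate(rules, FTP_SYN), evaluate(rules, PING), shadowed(rules))
```

With the allow rules above the block rule, the FTP connection is accepted while the inbound ping still hits the final block rule; `shadowed` is a quick audit for rules that were added in the wrong position.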
What I tried was removing the 1 block rule, and this worked: I was stealth and my open ports were blocked, however I failed the ICMP checks from grc.com ShieldsUP.
What I think is needed is the option to make an application rule trump other rules. For example, for an FTP server you can edit its application rule and tick the box saying “PRIORITY”, then if it's allowed incoming connections, it will be allowed on any port it would like.
As I wrote, do not remove the default block rule.
Have you tried my suggestion in my previous post?
Yes, but the only thing that works is when I delete the red block rule from the program.
If something's getting blocked it should be in your logs.
As I said, my problem is MSN does not use standard incoming ports... it has different ports for its incoming, making it impossible to make rules for it. UPnP only. So I delete the block rule that it comes with and all ports are accessible if a program is allowed to act as a server. Works for me, although anyone can ping me, which I am not pleased about.
Strange, since I don’t have a single rule for MSN in network monitor…
Ditto for me, I just have application rules that allow MSN to talk, video, chat, whatever. It just works with an app rule.
Exactly what version of MSN Messenger do you have? Is it actually MSN Messenger you are using?
Ewen