[Resolved]Do I really need the last item in my Network Security Policy?

2harts4ever · January 28, 2011, 9:22pm

Howdy,

For the record I am using a Compaq Presario AMD Athlon™ 64 Processor 3300+, 2411MHz/1.93 GBs RAM, running Windows Xp Home, SP3., with IE8 and I am currently utilizing Comodo Free Firewall version 5.3.176757.1236.

A few days ago I had a similar post concerning Global Rules – https://forums.Comodo.com/empty-t68445.0.html;new;topicseen#new – but I have taken out a few of the rules I had at that time and now I am just trying to make sure my current rules are sufficient to provide firewall protection for my computer

I am attaching a copy of my current ‘Network Security Policy’ rules. I have two basic questions:

(1) Are they in the proper order to provide the correct protection for my computer?

(2) Is the final entry (Block IP In from MAC Any to MAC Any when Protocol is Any) (a) in the correct position, (b) what does it mean in ‘layman’s terms’, and (c) is this rule even necessary on my computer?

Thanks and regards,

2harts4ever

Jacob · January 28, 2011, 9:29pm

Hello; 2harts4ever

1: Yes; Quick question, why do you have the loopback zone in the global poicy? (127.0.0.1)?

2: Yes;

2a: Yes;

2b: In lay man terms if a connection is being made to your computer; it goes from top to bottom of your global rules, thus if it doesn’t match one of the rules displayed then it will get to the bottom thus wil be blocked;

2c; Yes unless of course you would like everyone to be able to connect to your pc
(Of course you’ll receive an application alert from either system or svchost etc)

Hope this helps

Jake

2harts4ever · January 28, 2011, 11:17pm

Hi Jacob,

I appreciate your quick response and your easy to understand explanations.

You asked why I had my ‘Loopback Zone’ in my Policy Rules. To be honest I don’t ever remember putting them in my rules. I always thought Comodo had done it as part of its default set-up.

Are you saying that they (both the ‘in’ and ‘out’) don’t have to be included in my Policy Rules?

Thanks and regards,

2harts4ever

Jacob · January 28, 2011, 11:21pm

It’s not necessary nor is there any Major security risks to have the Loopback Zone as a trusted network;

Could you double click one of the rules and make sure it has a 127.0.0.1 address there?

Your welcome!

Jake

2harts4ever · January 28, 2011, 11:30pm

Hi Jacob,

I just double clicked on both of the first two entries but I couldn’t find the address (127.0.0.1) listed anywhere. However, after double clicking each of them and then clicking on ‘Destination Address’ both of them have ‘Loopback Zone’ listed in the ‘Zone’ Heading.

Is that what you mean?

Thanks and regards,

2harts4ever

Jacob · January 28, 2011, 11:38pm

Ok; Yes

Just wanted to verify that it was loopback zone and not something else

Your A+ Okay

Any other questions ?

Regards
JAke

2harts4ever · January 28, 2011, 11:43pm

Hi Jacob,

So, should I remove both from my Policy Rules or let them stay put?

Thanks and regards,

2harts4ever

Jacob · January 28, 2011, 11:51pm

You can remove them if you wish; its completely up to you…

If you like neat and clean space then remove, if you couldn’t care to wink twice at a bird that winks back then keep them

It’s a personal decision atm…

Jake

2harts4ever · January 29, 2011, 12:03am

Hi Jacob,

I am going to take your answer ;D to mean they won’t hurt anything right where they are at right now. That being said I will let them continue to ‘clutter up’ my Global Rules …lol

I appreciate your patience in answering what to you must seem like simple questions but to me they seemed mind-boggling.

Have a great weekend!

Thanks and regards,

2harts4ever

Jacob · January 29, 2011, 12:05am

Its ok

I’ve sent you a PM Hope it helps

%lock%

Jake