security of the friewall...

I am using comodo firewall for the past 2 days and found it really good and its as good as a paid version of zonealarm suite.

My doubt is regarding the rules we create. Where does the firewall store all the rules . Is it possible for a malware to include itself in the firewall’s allow list ?

Or does the firewall use any encryption or hash to store the rules for security ?

The rules are stored in the registry. CPF zealously guards both them & its memory image. I don’t think CPF would allow any other program to write to its registry tree.

Yes. This defense has been added starting from the BETA versions.