Hello,
nice to find this forum.
I am using the Comodo Firewall since a few days and I got a few “newbie questions” about its functions and proper configuration.
First of all, I installed it and I didn’t change anything in the settings with one exception, namely in “Stealth Ports Wizard”, I decided to switch to the 3rd option - “Stealth my Ports to Everyone” (although whenever I click again on the “Stealth Ports Wizard”, I see the first option checked, but I guess that’s just the confusing part, because I clicked for sure to activate the third option…can someone confirm BTW?)
anyway, I wonder if there are any other recommended changes to do in the settings, to ensure a proper protection? I’m using WIN XP HOME with SP3, it’s a home computer, not on a shared network (i’m from Europe BTW).
Should I change something in the configuration? If yes, where and why? Or maybe in the “my ports set” (I see many default ports there) or “my network zones” (I only see a loopback zone there). But as you can deduct from my message, I am pretty much clueless when it comes to such things. (right now my settings are for firewall as “safe mode” and for defense as “clean PC mode” (the default settings).
For example, I came acoss this thread on this very forum
https://forums.comodo.com/leak_testingattacksvulnerability_research/cant_stealth_the_port_139_with_comodo_i_did_not_pass_shieldup_file_sharring-t21236.0.html
where someone says that under the default Comodo settings, his firewall did not pass some kind of security test.
can you please point to me what exactly do I need to change and where, to increase the security level in that regard?
Also, under “Firewall events”, I can see hundreds of events with application: Windows Operating System, action: blocked, protocol: TCP, UDP, sometimes ICMP and different IP’s & ports.
I reckon that although these are listed as “intrusions”, these are in fact harmless operations which are/should normally run in my system (?). Can someone confirm this and explain to me what blocking them means or causes?
Under “defense events” yesterday I saw only mshta.exe responsible for “Direct Monitor Access” so far but from my currect research it looks like I needed to enable that, because these were standard processes required to enter and manage the “User Accounts” in my XP’s Control Panel…
But today I see in “pending review” files QTFont.for and temp0.exe? I guess these files are connected with some natural processes and I can enable them (or add to my “safe files”?)
Also, I wonder, if someone will try to attack my system (some hacker trying to get into my PC), then I will see the information about it in “defense Events” and not “Firewall Events”, right?
But how it will get listed most likely?
anyway, just some basic questions, I would appreciate some help to a total newbie
oh and final question, I am using some messangers, such as ICQ. However, the Comodo Firewall has never asked me so far if it should allow ICQ to connect from my computer to the Internet.
I was expecting that it will ask me about this. Is it normal,. or is this showing that my Firewall is not configured properly?
I hope some of you will find the patience and time to answer my questions. I will make sure NOT to ask such simple questions in future and I will recommend this Firewall to my friends
And sorry for the bad English!
PS I just re-read what I wrote and I have one more question. Now that I have the Comodo Firewall, should I disable the XP built-in firewall, or not?
kindest regards,