I noticed that in V3 my general network settings don’t have a "block all’ rule set up by default and that my “system” component is set up by default to have:
- Allow IP in from IP Any to IP Any Where Protocol is Any
Is this correct? I can’t test Shieldsup because I’m behind a router at home, but when I’m out on public networks I’m afraid that I’ll be exposed.
My system rule says “allow IP out” which seems much more reasonable. Are you using 3.0.14 from the beta board? The default settings changed significantly from 3.0.13. What are your global rules?
I am indeed running the beta. The only global rules, apart from the two that I defined to specifically allow my VPN in and out, is this one:
Block ICMP In From IP Any to IP Any Where ICMP Message is Echo Request
Am I safe with these settings at a wireless access point in public?
Assuming your rule 1 is really an allow out not an allow in, you should be OK. I will repeat a response to a similar question on wifi in another thread so you won’t have to go looking for it. Maybe this time we can get a few more good suggestions. I do a lot of “public” wifi.
The main thing to avoid is having a trusted network. If you connect to somebody elses 192.168.1.1 and there are other users there, you don’t want to have them see you or talk to you. So to set it up, don’t automatically recognize new networks and trust them, block unnecessary traffic between the router and your NIC (monitor and add it back in if things stop working). I don’t have additional network rules to Comodo defaults, which does leave a bunch of housekeeping traffic blocked if you don’t have a trusted network. Treat your router like it was in somebody elses house and you were secretly using it. As far as what else to do, use SSL/TLS email links (gmail if your ISP doesn’t support it). Or use webmail. Don’t expose your user name and email password in the clear (problem with most NNTP servers, so skip Usenet). I sail throughout the area (spent 7 months in Mexico last Winter) and found that only a few such practices were necessary when using open access points. The Comodo rules take care of the usual threats.