Minutes ago I read some AV article says that Explorer shouldn’t connect to internet otherwise it must be infected.
So I add Explorer.exe to “Define a New Blocked Application”.
And then I checked my firewall log…
Near 6 minutes nothing logged…it’s really strange.
There were blocking almost every minutes this afternoon.
Would “Define a New Blocked application” during connecting to internet “weaken” the ability of firewall?
I found some of applications wouldn’t load the guard32.dll of Comodo.
Could Comodo control their action and internet using even they don’t load the guard32.dll?
If my global rule is currently: “Block IP in from IP Any to IP Any Where the protocol is Any”.
Is that enough for the maximum protection?
Do I need add “Block TCP/UDP from IP Any to IP Any Where the Port is Any” and “Block ICMP in from IP Any to IP Any…”?
Thanks very much in advanced.
Best Regards, force.
Explorer.exe,svchost and system only need outgoing. They are part of Windows. If your behind a router that is your best defense. If not use the stealth port wizard and select the option to block all in coming connections.
I don’t have a router and I’m an ADSL user.
Is my global rule enough?
And If one application doesn’t load guard32.dll,
Could Comodo still controll its activity?
I know my first question is quite strange…
but 6 minutes no blocking seems really weird.
Would changing rule during conneting to internet reduce the ability of Comodo firewall?
No blocking all depends on how you installed Comodo. Under clean pc mode Comodo it will conceder anything preinstalled on your pc as safe. Also Comodo has a very big whitelist nowadays so users dont get bombed with pop ups for known trusted apps. Gaurd is always there so dont worry about it. I am also on DSL but my 2Wire Gateway modem has a hardware firewall built in. If your not doing any P2P option then I suggest deleting all your current global rules and running the stealth port wizard like I said. Set the firewall and D+ to safe mode for a good balance.
But I still confuse about “guard32.dll”.
I know some of applications don’t load this Comodo dll.
Could Comodo STILL control its activity even they don’t load “guard32.dll”?