As this is a highly focussed series of questions and answers, I would ask other forum users not to post in this topic yet, until we have reached a logical conclusion. I ask this not to exclude other users, but to hopefully eliminate confusion and remain focussed on the original questions asked. Thanks in advance.
To Panic
This is the second and final chapter to comprehend the basic usage of protocols and ports during rules creation in “Application rules” and in “Global Rules” in the CSI Firewall. This topic is Rules and Ports Specific. It should help the beginners (and myself) to understand the logic during a rule creation (and communication) and to avoid creating generic rules such as: Allow - TCP/UDP - In/Out | Source Address: Any | Destination Address: Any | Source Port: Any | Destination Port: Any
To follow this thread, a good understanding of the CSI user manual is requested. So, if you did not read it, do it now, and it will help you understand the technical definitions and the CSI setting configurations we will not explain here.
Intro:
There are plenty of web definitions about UDP/TCP/IP and ports. They are linear, technical, and they do not help much when you want to create a rule in the CSI firewall. So basically, the questions I attempt to answer here are: What is What - a service, a software, a zone; What needs What - UDP, TCP, IP; and What does What - send on port/receive on port.
As the title mentions, this topic is generic. There are already many threads explaining rule sets for a given application on this board. Yes, I can read them, yes, I can copy the correct rule set into my firewall Application rules when I follow the threads, but do I understand the rules: No, I do not, or very imperfectly. So that’s all it is about: to understand what you are going to read elsewhere on the COMODO board, and to understand what rule you are going to create for yourself using the Firewall.
Let’s ask the first question (Applications, Services and Pizza Delivery):
What needs to communicate in my computer? Sure enough, when I use an application, it needs to connect from my PC to its server over the internet to download an update, for example. That’s clear. I can imagine that: if I am hungry, I go out, buy food, get home, eat. I am stuffed.
Where it gets less obvious is when an application communicates INSIDE of my computer? Why? What for? If I use the previous example: I am home, and I call myself to ask myself if I am fine?!? Gee! I never thought the applications inside my PC felt so lonely?
Now, we already know about the applications because most of the time we have to download them over the internet. But, hey, what about my desktop, for example? Is it an application of some sort? Does it have to communicate with another component at any level through the firewall? I guess not, but suddenly I am not too sure (see, we begin to think smart).
And finally, the services. But wait! What is a service in my PC? In real life a service is someone or something I request to do something for me against a fee: Pizza delivery - a service that delivers food at my place, etc. So I guess, a PC service is something that does something inside my computer - to help it? But hey! Wait again, if I push on my keyboard keys WINDOWS + R and then type in the small window SERVICES.MSC, I get a huge list of services. That’s odd, their names sound like applications to me??? So is a Service ALSO an Application - like the applications in my Program Files folder? And does a service application communicate in the same manner as the applications I usually download over the internet? Wow! I suddenly feel very confused.
That’s it. This is the first step of our understanding. It is not even about protocols yet, communication direction, or port number. It is just to differentiate what is inside our beloved computer. So the next time you see System or svchost.exe, for example (what are these for?), you could say to yourself: I know who you are and I know what you do.
I took the liberty to use a humorous touch in my questions, but it is not too far from reality. Think of an average person (like me) trying to explain to himself the logic while looking at a firewall window. Even his best IT pal, when trying to help, will speak about IP stacks, Datagram headers, etc. It might be way ahead of the target: simply to get the logic.
Now let’s hear an expert:
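The post above asks "who are you and what do you do?" of entries like System and svchost.exe in the firewall window. The following PowerShell snippet is an added example (not part of the original post and not Comodo's code) that answers that question from the operating system's own bookkeeping: it lists every listening TCP port, the process that owns it, and, when the owner is a generic host such as svchost.exe, the Windows services that process is hosting. It assumes a Windows version that ships the NetTCPIP module (Windows 8 / Server 2012 or later) and an elevated PowerShell session, since the owning process id of other users' sockets is only visible to administrators.

```powershell
# Added example, not from the original post or from Comodo.
# Shows, for each listening TCP port, which process owns it and, for
# service-host processes (svchost.exe), which services live inside it.
function Get-ListeningPortOwner {
    # Build a lookup: process id (as a string) -> the services hosted in it.
    # The Service Control Manager knows this; the firewall window does not show it.
    $servicesByPid = Get-CimInstance Win32_Service |
        Where-Object { $_.ProcessId -ne 0 } |            # skip stopped services
        Group-Object -Property ProcessId -AsHashTable -AsString

    Get-NetTCPConnection -State Listen |
        Sort-Object LocalPort |
        ForEach-Object {
            $conn   = $_
            # PID 4 is "System": the kernel itself (e.g. SMB on 445), not a file
            # in Program Files, which is why it looks odd in a firewall rule list.
            $proc   = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
            $hosted = $servicesByPid["$($conn.OwningProcess)"]

            [pscustomobject]@{
                LocalAddress = $conn.LocalAddress
                LocalPort    = $conn.LocalPort
                PID          = $conn.OwningProcess
                Process      = if ($proc) { $proc.ProcessName } else { '<exited>' }
                # For svchost.exe this column is the real answer to "what are you?"
                Services     = if ($hosted) { ($hosted.Name -join ', ') } else { '' }
            }
        }
}

Get-ListeningPortOwner | Format-Table -AutoSize
```

Reading the output: a port owned by a process with an empty Services column is an ordinary application (something you installed), while a port whose owner is svchost.exe with one or more service names is a Windows service that shares that executable with others. That distinction is exactly why a rule written for "svchost.exe" is broader than it looks: it covers every service hosted in that process, so the destination address and port columns of the rule carry the real restriction. The same mapping for UDP can be obtained by replacing `Get-NetTCPConnection -State Listen` with `Get-NetUDPEndpoint`, which also exposes OwningProcess.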