I understand that even though Comodo Firewall V.3 attempts to download updates, updating from V.3 to V.5 is not possible. V.3 must be completely uninstalled first before V.5 can be installed.
If so, what is the best strategy to preserve configuration/settings from V.3 to V.5?
Will EXPORTING Proactive Security, Internet Security, Firewall Security settings from V.3, and later IMPORTING into V.5 work? Or is there a more preferred strategy? I am most concerned with port rules.
Also note that running v.5 ‘cfw_installer_x86.exe’ recognizes the prior version, proceeds to uninstall, then the installer prematurely ends after setting an autorun entry. Very strange.
The best way to change from CFP V3.X to CIS V5.X is, unfortunately, to uninstall CFP V3.X, reboot, install CIS V5.X, reboot and then set up your rules again.
Yes, it’s slow.
Yes, it’s a bit tedious.
Yes, it works.
It’s unfortunately necessary as there have been huge changes to both the application and to the format that updates are stored in. This is particularly true when you are going across two major versions, not just upgrading from one to the next.
Sorry to be the bearer of bad news, but IMHO this is the best way to get CIS set up correctly. It may be slower, but security based on shortcuts always has to be suspect.
Although a clean install is definitely the long way around, IMHO it’s the best way as you set up only what is required for the environment it is running in at the time of install.
All I need now is to configure Stealth Ports properly.
My setup is simple. I live on a notebook pc and connect to a few different wireless networks at different universities. Sometimes I use a vpn into one of these if I am on an unsecure wireless hotspot.
My hope is to stealth all possible ports, but when it comes to using Vuze (formerly Azureus) how would I know if an incoming request is a legitimate P2P user or an undesirable such as a scanner? Should I use the 2nd or 3rd option under Stealth Ports Wizard? What else would I need to do?
In simple terms, you need to set up a global BLOCK rule for all inbound with one exception (that exception being the port you nominate for inbound P2P requests).
I’m not in front of a CIS equipped PC at the moment so I can’t give you explicit instructions, but your starting point is:
FIREWALL → NETWORK SECURITY POLICY → GLOBAL RULES
This Block (with exception) rule needs to be above any other BLOCK (without exception) rule you may have set up.
While I’m a newbie when it comes to networking, I understand the importance of ordering the Rules properly, but when it comes to setting up rules… I am 88).
Should I use the 2nd Stealth setting “Alert me…” or the 3rd Stealth setting “Block all incoming connections…”?
I greatly appreciate your help, but getting this information piecemeal isn’t a confidence builder. I am sure other users have been down this road before; does anyone have a link for how-to instructions for this? I recall seeing something for uTorrent which may be a similar setup for Azureus.
Use the second setting under stealth ports wizard.
For your P2P application, in addition to Application rules, you will need to allow both TCP and UDP IN to the port used by the application. For example, if the application (uTorrent perhaps) uses port 49000, create a Global rule:
Action - Allow
Direction - IN
Protocol - TCP or UDP
Source Address - ANY
Destination Address - (Use ANY or if you wish your MAC address)
Source PORT - ANY (this could be restricted by using a range: 1024 to 65535)
Destination PORT - (The port used by the application, 49000)
Place this and any additional ALLOW rules above a final rule that BLOCKS all other inbound communication:
Action - Block (and log if you wish but it may generate a great many entries if you’re not behind a router)
Direction - IN
Protocol - IP
Source Address - ANY
Destination Address - ANY
IP Details - ANY
I added the rules exactly as you suggested in Global Rules. Then tested Azureus/Vuze. CIS Firewall Connections is still showing incoming traffic to Vuze on ports other than the one I specified, perhaps because the only rule under Application Rules for Vuze states ‘allow IP in from MAC Any to MAC Any where Protocol is Any’. I assume, since this Application Rule applies only to Vuze, this is OK. Should I add any APPLICATION rules for Vuze?
I understand from the help files:
For Outgoing connection attempts, the application rules are consulted first and then the global rules second.
For Incoming connection attempts, the global rules are consulted first and then the application rules second.
But I still find this somewhat confusing 88)
Thanks!
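The two points the thread turns on are rule ordering (the ALLOW for the P2P port must sit above the catch-all BLOCK) and the evaluation order quoted from the help files (inbound: global rules first, then application rules; outbound: application rules first, then global rules). The following is an added, simplified first-match model of those two behaviours, written for this page; it is not Comodo's code and makes no claim about how CIS handles a packet that matches no rule at all (it just reports NO_MATCH). The rule set is the one from the answer above, the Vuze application rule is the one quoted in the follow-up, and the packets and addresses are constructed sample values.

```python
"""Toy first-match firewall rule evaluator (added illustration, not CIS code)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union

ANY = "ANY"
Port = Union[str, int, Tuple[int, int]]


@dataclass
class Rule:
    action: str              # "ALLOW" or "BLOCK"
    direction: str           # "IN" or "OUT"
    protocol: str            # "TCP", "UDP", "TCP/UDP", or "IP" (IP = any protocol)
    src_addr: str = ANY
    dst_addr: str = ANY
    src_port: Port = ANY     # ANY, a single port, or an inclusive (low, high) range
    dst_port: Port = ANY


def _port_ok(spec: Port, port: int) -> bool:
    if spec == ANY:
        return True
    if isinstance(spec, tuple):
        low, high = spec
        return low <= port <= high
    return spec == port


def _proto_ok(spec: str, proto: str) -> bool:
    # A rule with Protocol "IP" matches every transport protocol.
    return spec == "IP" or proto in spec.split("/")


def matches(rule: Rule, pkt: dict) -> bool:
    return (rule.direction == pkt["direction"]
            and _proto_ok(rule.protocol, pkt["protocol"])
            and rule.src_addr in (ANY, pkt["src_addr"])
            and rule.dst_addr in (ANY, pkt["dst_addr"])
            and _port_ok(rule.src_port, pkt["src_port"])
            and _port_ok(rule.dst_port, pkt["dst_port"]))


def first_match(rules: List[Rule], pkt: dict) -> Optional[str]:
    """Rules are read top to bottom; the first one that matches decides."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return None


def decide_inbound(global_rules: List[Rule], app_rules: List[Rule], pkt: dict) -> str:
    # Inbound: global rules first; a global BLOCK is final, otherwise the
    # application's own rules decide.
    if first_match(global_rules, pkt) == "BLOCK":
        return "BLOCK"
    return first_match(app_rules, pkt) or "NO_MATCH"


def decide_outbound(global_rules: List[Rule], app_rules: List[Rule], pkt: dict) -> str:
    # Outbound: application rules first; an application BLOCK is final,
    # otherwise the global rules decide.
    if first_match(app_rules, pkt) == "BLOCK":
        return "BLOCK"
    return first_match(global_rules, pkt) or "NO_MATCH"


P2P_PORT = 49000  # the example port from the answer above
ALLOW_P2P_IN = Rule("ALLOW", "IN", "TCP/UDP", dst_port=P2P_PORT)
BLOCK_ALL_IN = Rule("BLOCK", "IN", "IP")
# The Vuze application rule quoted in the follow-up: allow IP in, any to any.
VUZE_APP_RULES = [Rule("ALLOW", "IN", "IP")]


def inbound_verdict(global_order: List[Rule], dst_port: int, proto: str = "TCP") -> str:
    """Verdict for a constructed inbound packet under a given global rule order."""
    pkt = {"direction": "IN", "protocol": proto,
           "src_addr": "198.51.100.7", "dst_addr": "192.0.2.10",  # constructed
           "src_port": 51000, "dst_port": dst_port}
    return decide_inbound(global_order, VUZE_APP_RULES, pkt)


if __name__ == "__main__":
    right = [ALLOW_P2P_IN, BLOCK_ALL_IN]   # ALLOW above the catch-all BLOCK
    wrong = [BLOCK_ALL_IN, ALLOW_P2P_IN]   # catch-all BLOCK shadows the ALLOW
    print("right order, port 49000:", inbound_verdict(right, P2P_PORT))
    print("right order, port 445:  ", inbound_verdict(right, 445))
    print("wrong order, port 49000:", inbound_verdict(wrong, P2P_PORT))
```

Run as-is it shows the allowed P2P port passing and every other inbound port blocked when the rules are in the order the answer gives, and the same P2P packet blocked when the catch-all rule is placed first, which is the ordering mistake the thread warns about. The broad Vuze application rule never overrides a global BLOCK in this model, because for inbound traffic the global rules are consulted first.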