Updating Firewall v.3 to v.5: How to save settings?

I understand that even though Comodo Firewall V.3 attempts to download updates, updating from V.3 to V.5 is not possible. V.3 must be completely uninstalled first before V.5 can be installed.

If so, what is the best strategy to preserve configuration/settings from V.3 to V.5?

Will EXPORTING Proactive Security, Internet Security, Firewall Security settings from V.3, and later IMPORTING into V.5 work? Or is there a more preferred strategy? I am most concerned with port rules.

Also note that running v.5 ‘cfw_installer_x86.exe’ recognizes the prior version, proceeds to uninstall, then the installer prematurely ends after setting an autorun entry. Very strange.

Thank you. :slight_smile:

You might want to take a look through Upgrading to the Newest Version of CIS - what to do if you have difficulties but you may not like what you read…

You ain’t gunna like it, but …

The best way to change from CFP V3.X to CIS V5.X is, unfortunately, to uninstall CFP V3.X, reboot, install CIS V5.X, reboot and then set up your rules again.

Yes, it’s slow.
Yes, it’s a bit tedious.
Yes, it works.

It’s unfortunately necessary as there have been huge changes to both the application and to the format that updates are stored in. This is particularly true when you are going across two major versions, not just upgrading from one to the next.

Sorry to be the bearer of bad news, IMHO, this is the best way to get CIS set up correctly. It may be slower, but security based on shortcuts always has to be suspect.

Cheers,
Ewen :slight_smile:

Thanks to all! :wink:

I am now up and running with latest (to date) V.5 Firewall on Win XP Pro SP3. I don’t mind the extra messages.

Here is how I removed V.3 and successfully installed V.5 without any issues.

  1. Created image of current partition on external drive.

  2. Removed V.3 with Revo-Uninstaller with Advanced settings. I did NOT reboot when asked, and instead completed all the normal Revo Uninstaller steps.

  3. Used Reg Organizer (reg cleaner) to scan and remove all “Comodo” references from registry.

  4. Re-boot.

  5. Clean installed V.5 Firewall only. It didn’t take long and all went smooth.

Glad to hear it went so well for you.

Although a clean install is definitely the long way around, IMHO it’s the best way as you setup only what is required for the environment it is running in at the time of install.

Leaner. Cleaner. Meaner.

The way security is supposed to be.

Ewen :slight_smile:

Thank you Panic!

All I need now is to configure Stealth Ports properly.

My setup is simple. I live on a notebook pc and connect to a few different wireless networks at different universities. Sometimes I use a vpn into one of these if I am on an unsecure wireless hotspot.

My hope is to stealth all possible ports, but when it comes to using Vuze (formerly Azureus) how would I know if an incoming request is a legitimate P2P user or an undesirable such as a scanner? Should I use the 2nd or 3rd option under Stealth Ports Wizard? What else would I need to do?

Thank you in advance! :slight_smile:

In simple terms, you need to setup a global BLOCK rule for all inbound with one exception (that exception being the port you nominate for inbound P2P requests).

I’m not in front of a CIS equipped PC at the moment so I can’t give you explicit instructions, but your starting point is;

FIREWALL → NETWORK SECURITY POLICY → GLOBAL RULES

This Block (with exception) rule needs to be above any other BLOCK (without exception) rule you may have set up.

Hope this helps,
Ewen :slight_smile:

Thank you Panic!

While I’m a newbie when it comes to networking, I understand the importance of ordering the Rules properly, but when it comes to setting up rules… I am 88).

Should I use the 2nd Stealth setting “Alert me…” or the 3rd Stealth setting “Block all incoming connections…”.

I greatly appreciate your help, but getting this information piecemeal isn’t a confidence builder. I am sure other users have been down this road before, does anyone have a link for how-to-instructions for this? I recall seeing something for uTorrent which may be a similar setup for Azureus.

Thanks again! :slight_smile:

Use the second setting under stealth ports wizard.

For your p2p application, in addition to Application rules, you will need to allow both TCP and UDP IN to the port used by the application. For example, if the application (uTorrent perhaps) uses port 49000, create a Global rule:

Action - Allow
Direction - IN
Protocol - TCP or UDP
Source Address - ANY
Destination Address - (Use ANY or if you wish your MAC address)
Source PORT - ANY ( this could be restricted by using a range - 1024 to 65535)
Destination PORT - (The port used by the application, 49000)

Place this and any additional ALLOW rules above a final rule that BLOCKS all other inbound communication:

Action - Block (and log if you wish but it may generate a great many entries if you’re not behind a router)
Direction - IN
Protocol - IP
Source Address - ANY
Destination Address - ANY
IP Details - ANY

Thank you kindly Radaghast!

I added the rules exactly as you suggested in Global rules. Then tested Azureus/Vuze. CIS Firewall connections is still showing incoming traffic to Vuze on ports other than the one I specified, perhaps because the only rule under Application Rules for Vuze states ‘allow IP in from MAC Any to MAC Any where Protocol is Any’. I assume, since this Application Rule applies only to Vuze, this is OK. Should I add any APPLICATION rules for Vuze?

I understand from help files,

  • For Outgoing connection attempts, the application rules are consulted first and then the global rules second.

  • For Incoming connection attempts, the global rules are consulted first and then the application rules second.

But I still find this somewhat confusing 88)
Thanks!

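An added example, not part of any post in this thread and not Comodo's code: a simplified Python model of the rule ordering described in the reply above (allow rule for port 49000 placed above the final block-all rule) and of the inbound/outbound consultation order quoted from the help files. Port 49000 comes from the thread; top-down first-match evaluation, fall-through when no rule matches, the outbound application rule and the other sample ports are assumptions of the model.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    direction: str                   # "in" or "out"
    protocols: frozenset = frozenset()   # empty set stands for "IP" (any protocol)
    dst_port: Optional[int] = None   # None stands for ANY

    def matches(self, direction, proto, dst_port):
        return (self.direction == direction
                and (not self.protocols or proto in self.protocols)
                and (self.dst_port is None or self.dst_port == dst_port))

def first_match(rules, direction, proto, dst_port):
    """Walk the list top-down; the first matching rule decides (model assumption)."""
    for rule in rules:
        if rule.matches(direction, proto, dst_port):
            return rule.action
    return None  # no rule matched: this layer has no opinion (model assumption)

def verdict(global_rules, app_rules, direction, proto, dst_port):
    """Inbound: global rules, then application rules. Outbound: the reverse."""
    layers = (global_rules, app_rules) if direction == "in" else (app_rules, global_rules)
    for rules in layers:
        if first_match(rules, direction, proto, dst_port) == "block":
            return "block"
    return "allow"

# Global rules from the reply: allow TCP/UDP in to port 49000, then block all IP in.
ALLOW_P2P = Rule("allow", "in", frozenset({"tcp", "udp"}), 49000)
BLOCK_ALL_IN = Rule("block", "in")
GOOD_ORDER = [ALLOW_P2P, BLOCK_ALL_IN]
BAD_ORDER = [BLOCK_ALL_IN, ALLOW_P2P]   # block placed first shadows the allow rule

# Application rules for Vuze: the inbound rule is the one quoted in the thread;
# the outbound rule is an assumption added so outbound traffic can be modelled.
VUZE_APP = [Rule("allow", "in"), Rule("allow", "out")]

if __name__ == "__main__":
    # Ports 51413 and 6881 are constructed sample values, not from the thread.
    for name, g in (("allow above block", GOOD_ORDER), ("block above allow", BAD_ORDER)):
        for proto, port in (("tcp", 49000), ("udp", 49000), ("tcp", 51413)):
            print(name, "in", proto, port, "->", verdict(g, VUZE_APP, "in", proto, port))
    print("out tcp 6881 ->", verdict(GOOD_ORDER, VUZE_APP, "out", "tcp", 6881))
```

In this model the broad Vuze application rule never widens inbound exposure, because inbound packets reach it only after passing the global rules, and the inbound block rule does not touch connections Vuze opens outbound.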