How do you guys and gals lock down your machine? I've seen cruelsister's way, which is very good. Here's a different approach to this.
***Warning: this is mostly for desktop and laptop in the house. If you take your computer somewhere else {like a friend's house or school} you'll be locked out and have to create a new set of rules for that place.
cmd ipconfig /all will have the info needed.
This is how I lock down Comodo. These are my notes. (There will be grammar errors, but this is from my own notes. There's more to add that's not on here and missing.)
Under setting → firewall → Application rules → add → browse → running process →
Now do the same in running process for
“winlogon.exe”
“smss.exe”
“csrss.exe”
“wininit.exe”
“dwm.exe”
“services.exe”
“searchindexer.exe”
“taskhost.exe”
“lsass.exe”
“lsm.exe”
“explorer.exe”
Now we are done with running process.
Same as before, but click on “files” and change it to “web browser”.
go to C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\COMODO\Dragon\dragon.exe
Do the same for all the other browsers too, like firefox.exe, chrome.exe, opera.exe.
If you have Firefox, add plugin-container.exe and maintenanceservice.exe.
After this, make sure your printer works well, and any messengers, browsers, any browser sync issues, cloud services, Google Chromecast, Firestick if it applies to you (if not, check the logs). There shouldn’t be an issue.
Under setting → firewall → Application rules → add → browse → running process → click “svchost.exe” (there will be several rules for this)
Click on custom rule set → click “add” →
Click Action: "Allow",
Protocol: "UDP",
Description: "In or Out"
Source Address: "IPv4 Single Address"
IP: "000.000.000.000"
Destination Address: "IPv4 Single Address" (Note, all bits turned on)
IP: "255.255.255.255"
Source Port: "A Single Port"
Port: "68"
Destination Port: "A Single Port"
Port: "67"
Click “OK” (This allows the network adaptor to request an IP address from the router)
Now click “Add”
Action: "Allow"
Protocol: "UDP"
Destiation: In or out
Source Address: "IPv4 Subnet Mask"
IP: "192.168.001.xxx" (This is mine; you need to go to “CMD” and type in ipconfig /all to find YOUR local IP address and mask)
Mask: "255.255.255.000" (This is mine; yours may be different)
Destination Address: "IPv4 Single Address" (This is your gateway address; check your ipconfig /all to find it)
IP: "192.168.001.xxx"
Source Port: "A Single Port"
Port: "68"
Destination Port: "A Single Port"
Port: "67"
Click "OK"
Another rule
Action: "allow"
Protocol: "udp"
Direction: “out”
Source address: “ipv4 subnet mask”
IP: 192.16.1.68 (this is your local area network)
Mask: 255.255.255.000
DESTINATION ADDRESS: IPV4 SINGLE ADDRESS
type: 1.1.1.1 (THIS WILL BE YOUR DNS ADDRESS)
SOURCE PORT: n/a
Destination Port: 53
Another rule
Action: "allow"
Protocol: "udp"
Direction: “out”
Source address: “ipv4 subnet mask”
IP: 192.168.1.xxx (this is your local area network)
Mask: 255.255.255.000
SOURCE PORT: n/a
Destination Port: 53
DESTINATION ADDRESS: IPV4 SINGLE ADDRESS
type: 1.0.0.1 (THIS WILL BE YOUR DNS ADDRESS)
Another rule
Action: "allow"
Protocol: "tcp"
Direction: “out”
Source address: “ipv4 subnet mask”
IP: 192.168.001.xxx (this is your local area network)
Mask: 255.255.255.000
destination address n/a any address
SOURCE PORT: n/a
DESTINATION port:80
Another rule
Action: "allow"
Protocol: "tcp"
Direction: “out”
Source address: “ipv4 subnet mask”
IP: 192.168.1.xxx (this is your local area network)
Mask: 255.255.255.000
destination address :n/a any address
SOURCE PORT: n/a
DESTINATION port:443
another rule Log as firewall event if rule is fired
Action: "block"
Protocol: "icmp"
direction “in or out”
another rule Log as firewall event if rule is fired
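
Added example, not part of the original post: a Python script that reads `ipconfig /all` output and fills in the address values for the svchost.exe rules listed above (DHCP, DNS, ports 80/443, ICMP block). The sample output is constructed, the function names and the tuple layout are this example's own, and the values still have to be typed into the Comodo rule dialog by hand.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not from a real machine).
SAMPLE = """\
Ethernet adapter Ethernet:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::1%12
                                       192.168.1.1
   DNS Servers . . . . . . . . . . . : 1.1.1.1
                                       1.0.0.1
"""

def parse_ipconfig(text):
    """Collect 'Label . . . : value' fields; bare indented lines continue the last one."""
    fields, last = {}, None
    for line in text.splitlines():
        m = re.match(r"\s+([A-Za-z0-9 \-]+?)[ .]*\. :\s?(.*)$", line)
        if m:
            last = m.group(1)
            fields.setdefault(last, []).append(m.group(2).strip())
        elif last and line.startswith(" ") and line.strip():
            fields[last].append(line.strip())
    return fields

def v4_only(values):
    """Keep IPv4 entries only, stripping '(Preferred)' and '%zone' suffixes."""
    cleaned = [re.split(r"[(%]", v)[0] for v in values]
    return [v for v in cleaned if re.fullmatch(r"(\d{1,3}\.){3}\d{1,3}", v)]

def svchost_rules(fields):
    """Rows: (action, protocol, direction, source, src_port, destination, dst_port)."""
    ip, mask = v4_only(fields["IPv4 Address"])[0], fields["Subnet Mask"][0]
    lan = str(ipaddress.ip_interface(f"{ip}/{mask}").network)
    gateway = v4_only(fields["Default Gateway"])[0]
    rules = [("allow", "UDP", "in/out", "0.0.0.0", 68, "255.255.255.255", 67),
             ("allow", "UDP", "in/out", lan, 68, gateway, 67)]
    rules += [("allow", "UDP", "out", lan, None, dns, 53)
              for dns in v4_only(fields["DNS Servers"])]
    rules += [("allow", "TCP", "out", lan, None, "any", port) for port in (80, 443)]
    rules.append(("block", "ICMP", "in/out", "any", None, "any", None))
    return rules

if __name__ == "__main__":
    for rule in svchost_rules(parse_ipconfig(SAMPLE)):
        print(rule)
```

Run it against the saved text of your own `ipconfig /all` after moving to a new network to see which rule values need updating.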