Windows Operating System intrusions [RESOLVED]

A few days ago i installed CFP.
And then i started to get very much intrusion attempts from Windows Operating System. I figured that this wasn’t real attacks but how do i stop these intrusion attempts? Does someone know a solution for this problem?

[attachment deleted by admin]

Your log looks like you are not using a router, or this would already be blocked. This seems to be just internet noise, various computers out there scanning ports to see if they get a response. You should be able to use the rule block/IP/in/any/any/any in WOS since there is no ICMP/IGMP router chatter. :slight_smile:

[attachment deleted by admin]

I’m using a USB modem (which I assume you are as well) and what you see is perfectly normal. Nothing to worry about really as CPF is doing it’s job.

If you don’t want your log to fill up each day with these just set the Logging to LOW (which is default for v3 anyway). I assume you have it set to MEDIUM.

Also see this thread…
https://forums.comodo.com/help_for_v3/no_firewall_events_since_3017304_found_trojan-t19761.0.html

Mike.

Sded,
but i am using a router. The current rule that im using is Block/TCP or UDP/any/any/any/46100 because in the beginning the destination port was only 46100 now it’s 1024 and others. So i still get intrusion attempts but not that much. Here is a screenshot what it looks like now.
How do you set the Logging to LOW?

[attachment deleted by admin]

What you see is normal router chatter, mostly when you start up the computer. That chatter is in normal cases nedless and wont do any harm.
And if you do as sded recommended you get rid of all those loggings.

Ok, but is it harmfull for my computer or is it completely safe?

Your comp is completely safe.
When you see any traffic in WOS it means that all that traffic is “goin’ out in the air”, in other words: to nowhere because no program is listening.

What kind of router? It looks like you are really just using a modem from the log. The NAT feature in routers will not usually pass on unsolicited inbound traffic to a software firewall; it is blocked in the router. In any case, you can try the block all inbound rule in my previous post. And you can try setting the alert level to low by going to firewall/advanced/firewall behavior settings/alerts and moving the toggle. This also affects the rules that are made by Comodo for applications accessing the internet, but that may not be an issue in your case. These are both safe things to do. Generally only the "allow"s are dangerous. :wink:

I got a Linksys wireless-G broadband router WRT54GL 2.4GHz 54Mbps (but i dont use wireless i got an wire to my computer to get internet, the wireless is for our laptop). I used you’re setting that you told me sded and there is no intrusion attempts anymore. I did not use the logging setting.
Snowhawk do you mean that the traffic from WOS is “useless” because nobody is recieving it?

OK; you should be fine. Let us know here if you start having other problems.

Yes (but traffic is to WOS).
And b.t.w., I don’t know anything ab’t your router but it seems to me that it is’nt firewalled co’s you get traffic from many different IP’s. Maybe a setting?

I dont know about the settings of my router because my cousin configured it.
And i got a question of topic. What antivirus program or something else is good. I’m now using Avira AntiVir PersonalEdition Classic and i dont know if this is a good one. Could you advise me one?

Thats no catastrophy, but if your router is firewalled you have a second layer of protection and you also get rid of (most) those chatter.

Avira, I use it, seems to be a very good AV, but it can have, as others reported, a lot of false positives. But it’s in the end your decision.

Ok, il keep it then.

Thanks for you’re help and time to help me and quick responses. :SMLR

You’re welcome.

We are here to help each other, to “serve and protect” :slight_smile:

Ok, it seems all problems are solved, so thread will be closed. If issue returns PM any on-line moderator to open.