Windows Operating System?

I have a lot of blocked connections so far from Windows Operating System. I wanted to know if I should allow these seeing they look like private IP addresses. Also how would I allow these connections? Any help would be great.

Photo:
http://f.imagehost.org/view/0562/log

Evening “JoshMD”

My name is Jacob Kilgore,
I’m one of the Moderators here at Comodo Forums
I would like to try to solve your Issue as Quick as Possible

I’ve seen the photo you have linked on your post,
The blacked connections you are having are normal,

If you open CIS > Firewall > Stealth Port Wizard > “Alert me to incoming connections - Stealth my ports on a per-case basis” > Next

Did this solve your issue?

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

Thank you for your response. I followed your directions but when I click Stealth Port Wizard it always are set back to the default Define a new trusted network stealth my ports to everyone else.

It does this by default when you open the wizard. Your previous setting is still kept :wink:

Hope this helps :slight_smile:

Hello JoshMD

Have you click’d Finish? (When clicking stealth port wizards after running it again, the bubble will always be at the top)

Have you recieved any more alerts?

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

I got one alert since changing the settings so I think it worked. Thank you for your help.

How many alerts should have I gotten after I changed the setting?

Yes I did click finish.

JoshMD

I’m glad that it is working for you,

What was the alert that you got?

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

I believe it was svchost.exe and I allowed it.

JoshMD

svchost.exe should be set as Out Going Only,
As well with System
(Check/Edit The Rule for these app’s)

I’m glad it is working

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

Thank you I just set system and svchost.exe to Out Going Only.

Are there any other applications that need a specific setting like this?

I hope I set it right
http://f.imagehost.org/view/0771/set

JohnMD

I see there are more minor errors in your Application Rules

Firefox.exe should be set as “Broswer” same with iexplore.exe

Please check your firewall events, there might be more logged actions, if there is not then you will be in tip-top shape

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

I just got more logged actions
http://f.imagehost.org/view/0720/11_7

One last question what rules should I use on these applications?

Utorrent (Bittorrent client)
Steam.exe
Team Fortress 2 ( PC game via steam )
GameOverlayUI.EXE (Used by steam)
NOD32 (Antivirus)
Usenet client (Altbinz.exe)

JohnMD

Sorry for my “missing in action”

For Utorrent Please Follow This To Correct The Set Up

Steam.exe < just click allow when a alert pop up

Team Fortress 2 < What ports are needed to play?

GameOverlayUI.exe < just click allow when a alert pops up

NOD32 < Trusted Application

Usenet client < I don’t know what this is, I’ll edit once i find out more information

For the more logged actions
Create a predefined policy
Firewall > Advance > Predefined Firewall Policies > Add > Copy From > Predefined Application > Out Going Only > Double Click On “Block and Log All Unmatching Requests” And Untick Log > Apply > Name it System/Svchost > Apply > Apply
Then Go back to the Network Security Policy > Edit Both System & Svchost > Set as “System/Svchost” this should help kill the logging

Sorry for the long wait

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator

Thank you very much Jacob for all your help.

What rule should ping.exe & Windows Updater Applications have?

CIS sets those automatically, they are not needed for modification or editing

Any other issues or Questions ?

- Jacob Kilgore
C-O-M-O-D-O Forum Moderator