Zones

Hi to everyone,
well I’d like to ask you about something that is not 100% clear to me.

  • The zone that Comodo firewall creates for the ethernet adapter during the first install, is it a trusted zone or not?

  • It is easy to create a trusted zone. But how do I create a not trusted zone and how do I change a trusted zone to a not trusted one? For users that have experience with ZoneAlarm or Kaspersky Internet Security Suite…you’ll know that there is a really easy way to define as trusted or non trusted a zone. What about Comodo firewall?

  • Last…on other firewalls I have noticed that they define 2 zones. The localhost or 127.0.0.1 and the zone of the lan (ethernet adapter). Usually 127.0.0.1 is a trusted zone and the lan can be a trusted zone or not. How does Comodo compare to this?

Thank you,
I have abandoned other firewalls for Comodo and I see that there is also a great community here. My congratulations and thank you.

kind regards.

Hey mbcoms,

Firstly welcome to the Comodo forums.

The zone created during the install is a zone, just that. To define it as a trusted zone requires using the trusted Zone wizard, found in SECURITY - TASKS.

Comodo takes a blanket approach to zones. Logically, why create an untrusted zone? If the incoming data doesn’t meet the criteria of a trusted zone, or conform to an existing network monitor rule, then it’s considered bad until you explicitly tell it otherwise. If you create a trusted zone and have adequate network rules to filter and control traffic, why do we need an untrusted zone setting? Data is either considered good (trusted zone or conforming to a NM rule) or bad.

You COULD manually set up an untrusted zone, by defining a zone, setting it as trusted and then, in the Network Monitor, change the action for that zone’s rules from ALLOW to BLOCK. Could, is the operative word though. A proper set of NM rules would do the same job.

Simplicity - that’s the name of the game. A concise, properly constructed set of rules improves data throughput and makes it easier to work out what’s gone pear shaped, when and if something does.

The 127.X.X.X subnet is inimicable to your local PC. Providing you have the 127 loopback options set correctly (found in SECURITY - ADVANCED - MISCELLANEOUS), you’re covered.

There’s a great bunch of users on this forum with a broad range of experience and are only too willing, private commitments allowing, to help out. If you see a query you can help with, feel free to jump on in. Don’t be afraid to ask questions that you may think are dumb. The only truly dumb question is the one that doesn’t get asked.

Again, welcome to the forums.

Hope all this helps,
Ewen :)

Thanks, Ewen:

However, it doesn’t help when I simply create a rule for a program not to access the internet that Comodo tells me inserted a .dll into another program like Internet Explorer. In such a case, Comodo still will block access to I.E. until I remove the program in question. I don’t want to tell Comodo not to look for suspicious .dlls, but I don’t necessarily want to stop running any programs that are in question, either. I just wish there was A RELIABLE WAY that I could tell Comodo not to allow such a program to access the internet without it continuing to block I.E. I guess the problem is that the .dll is already in I.E. when Comodo notifies me that a program already added the .dll.

Bruce

Have you tried to block that DLL in Component Monitor?