SatPhones > Help Desk > Knowledgebase

K131 Configuring Comodo Firewall

This is a guide on how to configure Comodo Firewall


Configuring Comodo Firewall, actually isn't that difficult. The default configuration is quite robust. However there are some changes that can be made to increase the protection even further.


A) General Configuration

First you should change the default configuration to Proactive Security. To do this, right click on the icon in the taskbar and select the option for "Configuration". Select "Proactive Security". This will require a restart. 'Proactive Security' is the most secure configuration of Comodo Firewall available.


B) Configure Firewall

There are also some changes that can be made to the Firewall component. Open the program and go to the Firewall tab. Click on "Stealth Ports Wizard" and select the option to "Block all incoming connections and make my ports stealth for everyone". In general this is the best choice, but it may interfere with some programs. If you have problems getting a program to connect to the internet, then instead select the option to "Alert me to incoming connections and make my ports stealth on a per-case basis". This will configure the firewall to ask your permission any time there is an incoming connection that Comodo Internet Security doesn't already know to allow or block.


While still under the Firewall tab, go to the "Firewall Behavior Settings". Select the tab for "General Settings", and select the option to "Enable IPv6 filtering". For an explanation of what IPv6 is you can read this Wikipedia page.


Now open the tab for "Alert Settings". Unless you are using Internet Connection Sharing on your network, and this PC is the "gateway", you can safely uncheck the box that says "This computer is an internet connection gateway". You can read more about Internet Connection Sharing on this site, but if you don't already know what it is chances are very high that you don't have it enabled.


Now open the "Advanced" tab and check the box to "Do protocol analysis". If your computer is part of a network you should also check the boxes to "Protect the ARP Cache" and "Block Gratuitous ARP Frames". If you are not part of a network then you do not gain any security by checking them. You can check th other two boxes if you like, I do, but they may affect performance.


C) Configure Defense+ / Sandbox

Now open the tab for "Defense+" and go to "Defense+ Settings". Open the tab for "Execution Control Settings". I would recommend changing the option to "Treat unrecognized files as" from "Partially Limited" to "Untrusted". Each time a program is sandboxed you will get a popup that asks you if you want to never sandbox it again. If you select not to then it will be added to your trusted files list. Only allow a program if you are 100% sure that it is safe. If you use these settings, and are careful about allowing programs, you will be protected against all but one piece of malware that I'm aware of.

Was this article helpful? yes / no
Related articles K129 How to Instal Little Snitch on MAC
K4 Bluetooth Setup
K130 Configuring Little Snitch on your MAC
K133 How to Disable Windows 7 / Vista from Downloading Automatic Updates
Article details
Article ID: 53
Category: Inmarsat
Date added: 2015-09-28 09:03:30
Views: 148
Rating (Votes): Article rated 1.0/5.0 (1)

« Go back

Powered by Help Desk Software HESK, brought to you by SysAid