Comodo Internet Security

• Introduction To Comodo Internet Security
  • Special Features
  • System Requirements
  • Installation
    • CIS Premium Installation
    • CIS Pro-Installation And Activation
    • CIS Complete-Installation And Activation
      • Installing Comodo Internet Security 2012 Complete
      • Activating Online Backup, TrustConnect And Guarantee
      • Installing Comodo Backup
      • Installing Comodo TrustConnect
    • Activating Pro/ Complete Services After Installation
      • Activating Your License
      • Activating Your Guarantee Coverage
      • Renewal Of Your License
  • Starting Comodo Internet Security
  • Comodo Internet Security - Overview Of Summary Screens
    • Comodo Internet Security – Summary
    • Comodo Antivirus – Summary
    • Comodo Firewall – Summary
  • Comodo Internet Security - Navigation
  • Understanding Alerts
• Antivirus Tasks-Introduction
  • Run A Scan
  • Update Virus Database
  • Quarantined Items
  • View Antivirus Events
  • Submit Files To Comodo For Analysis
  • Scheduled Scans
  • Scan Profiles
  • Scanner Settings
    • Real Time Scanning
    • Manual Scanning
    • Scheduled Scanning
    • Exclusions
• Firewall Tasks-Introduction
  • View Firewall Events
  • Define A New Trusted Application
  • Define A New Blocked Application
  • Network Security Policy
    • General Navigation
    • Application Rules
    • Global Rules
    • Predefined Policies
    • Network Zones
    • Blocked Zones
    • Port Sets
  • View Active Connections
  • Stealth Ports Wizard
  • Firewall Behavior Settings
    • General Settings
    • Alert Settings
    • Advanced Settings
• Defense+ Tasks - Introduction
  • View Defense+ Events
  • Trusted Files
  • Unrecognized Files
    • Unrecognized Files
    • Submitted Files
  • Computer Security Policy
    • Defense+ Rules
    • Predefined Policies
    • Always Sandbox
    • Blocked Files
    • Protected Files And Folders
    • Protected Registry Keys
    • Protected COM Interfaces
    • Trusted Software Vendors
  • The Sandbox - An Introduction
    • Unknown Files - The Sand-boxing And Scanning Processes
  • View Active Process List
  • Run A Program In The Sandbox
  • Defense+ Settings
    • General Settings
    • Execution Control Settings
    • Sandbox Settings
    • Monitoring Settings
• More Options-Introduction
  • Preferences
    • General Settings
    • Parental Control Settings
    • Appearance
    • Log Settings
    • Connection Settings
    • Update Settings
  • Manage My Configurations
    • Comodo Preset Configurations
    • Importing/Exporting And Managing Personal Configurations
  • Diagnostics
  • Check For Updates
  • Manage This Endpoint
  • Browse Support Forums
  • Help
  • About
• Comodo GeekBuddy
  • Overview Of Services
  • Launching The Client And Using The Service
  • Accepting Remote Desktop Requests
  • Registration
  • Activation Of Service
  • Uninstalling Comodo GeekBuddy
• TrustConnect Overview
  • Microsoft Windows - Configuration And Connection
  • Mac OS X - Configuration And Connection
  • Linux / OpenVPN - Configuration And Connection
  • Apple IPhone / IPod Touch - Configuration And Connection
  • TrustConnect FAQ
• Comodo Dragon
• Appendix 1 CIS - How To... Tutorials
  • Setting Up Security Levels Easily
  • Setting Up The Firewall For Maximum Security And Usability
  • Blocking Internet Access While Allowing Local Area Network (LAN) Access
  • Setting Up Defense+ For Maximum Security And Usability
  • How To Password Protect Your CIS Settings
  • How To Reset Forgotten Password (Advanced)
  • Running An Instant Antivirus Scan On Selected Items
  • Creating An Antivirus Scanning Schedule
  • Running An Untrusted Program Inside Sandbox
  • Restoring Incorrectly Quarantined Item(s)
  • Submitting Quarantined Items To Comodo For Analysis
  • Enabling File Sharing Applications Like BitTorrent And Emule
  • Blocking Any Downloads Of A Specific File Type
  • Disabling Defense+ And Sandboxing For Specific Files Selectively
  • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
  • Switch Off Automatic Antivirus And Software Updates
  • Suppressing CIS Alerts Temporarily While Playing Games
• Appendix 2 Comodo Secure DNS Service
  • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
• Appendix 3 CIS Versions
• About Comodo Security Solutions

Stealth Ports Wizard

 

Port Stealthing is a security feature whereby ports on an Internet connected PC are hidden from sight, evoking no response to opportunistic port scans.

 

General Note: Your computer sends and receives data to other computers and to the Internet through an interface called a 'port'. There are over 65,000 numbered ports on every computer - with certain ports being traditionally reserved for certain services. For example, your machine almost definitely connects to Internet using port 80 and port 443. Your e-mail application connects to your mail server through port 25. A 'port scanning' attack consists of sending a message to each of your computer ports, one at a time. This information gathering technique is used by hackers to find out which ports are open and which ports are being used by services on your machine. With this knowledge, a hacker can determine which attacks are likely to work if used against your machine.

Stealthing a port effectively makes it invisible to a port scan. This differs from simply ‘closing’ a port as NO response is given to any connection attempts (‘closed’ ports respond with a ‘closed’ reply- revealing to the hacker that there is actually a PC in existence.) This provides an extremely high level of security to your PC. If a hacker or automated scanner cannot 'see' your computers ports then they presumes it is offline and move on to other targets. You can still be able to connect to Internet and transfer information as usual but remain invisible to outside threats. Comodo Firewall provides the user with flexible stealthing options:

1. Click on 'Stealth Ports Wizard' in Firewall Tasks.

2. You have three options to choose from:

• Define a new trusted network

• Alert me to incoming connections

• Block all incoming connections

Click the option you would like more details on:

• Define a new trusted network and make my ports stealth for everyone else

• Alert me to incoming connections and make my ports stealth on a per-case basis

• Block all incoming connections and make my ports stealth for everyone

Define a New Trusted Network and Make my Ports Stealth for Everyone Else

 

By selecting this option your machine's ports is stealthed (invisible) to everyone EXCEPT those networks that you specify as trusted.

 

To begin the wizard

1. Click 'Define a new trusted network and make my ports stealth for everyone else' link.

A dialog box appears, asking you to choose the new trusted zone:

 

2. If you have already configured a network zone then leave the upper option selected, choose your desired network from the 'Zone Name' drop-down box and click 'OK'.

If you have not yet defined a zone you wish to trust, you can do so in 'Network Zones' area in Network Security Policy interface of the firewall or manually define and trust a new zone from this dialog box.

 

To manually define and trust a new zone from this dialog box

1. Select 'I would like to define and trust a new network zone'.

2. Enter the IP range for the zone for which you want your computer to be visible - starting from the Start IP to the End IP (or specify a Subnet Mask)

3. Click 'OK' to create the new Zone rule.

If you wish to add more than one zone, simply repeat this procedure.

 

Using the 'Define a new trusted network and make my ports stealth for everyone else' option creates a new trusted zone by adding the following rules in the 'Global Rules' interface:

 

The specific parameters of the descriptive rule name above are:

Allow | IP|Out |From Any IP Address |To |Where Protocol is ANY

Allow| IP | In| From| To Any IP Address | Where Protocol is ANY

If you would like more information on the meaning and construction of rules, please click here.

Alert me to incoming connections and make my ports stealth on a per-case basis

 

You see a firewall alert every time there is a request for an incoming connection. The alert asks your permission on whether or not you wish the connection to proceed. This can be useful for applications such as Peer to Peer networking and Remote desktop applications that require port visibility in order to connect to your machine.

Specifically, this option adds the following rule in the 'Global Rules' interface:

 

Block |  ICMP | In| From Any IP Address| To Any IP Address | Where Message is ECHO REQUEST

 

If you would like more information on the meaning and construction of rules, please click here.

Block all incoming connections and make my ports stealth for everyone

 

Selecting this option means your computer's ports are invisible to all networks, irrespective of whether you trust them or not. The average home user (using a single computer that is not part of a home LAN) finds this option the more convenient and secure. You are not alerted when the incoming connection is blocked, but the rule adds an entry in the firewall event log file. Specifically, this option adds the following rule in the 'Global Rules' interface:

 

Block And Log |  IP | In| From Any IP Address| To Any IP Address | Where Protocol is Any

If you would like more information on the meaning and construction of rules, please click here.

 

---

Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved