Setting up the Firewall For Maximum Security and Usability
Note – the firewall is configured by default to provide total security. This section is for advanced users who wish to tweak settings even further.
Stealth Ports Settings
Port Stealthing is a security feature whereby ports on an Internet connected PC are hidden from sight, sending no response to opportunistic port scans.
- Open 'Firewall Tasks' from the Tasks interface
- Open the 'Stealth Ports' interface by clicking the 'Stealth Ports' icon from the 'Firewall Tasks' panel
- Select 'Block Incoming Connections' to make the computer's ports invisible to all networks
Network Zones Settings
The 'Network Zones' settings allow you to configure connections for a router/home network. (This is usually done automatically for you).
To view the configurations
- Click Settings > 'Firewall' > 'Advanced Settings'.
- Click 'Network Zones' under Firewall from the left hand side pane
- Click 'Network Zones' tab from the 'Network Zones' interface
Check the Loopback zone and Local Area Network #1. In most cases, the loopback zone IP address should be 127.0.0.1/255.0.0.0
In most cases, the IP address of the auto detected Network zone should be 192.168.1.100/255.255.255.0
Firewall Settings
The Firewall Settings option allows you to configure the protection level for your internet connection and the frequency of alerts generated.
To open Firewall Settings panel
- Open 'Firewall Tasks' from the Tasks interface > 'Open Advanced Settings'.
- Click 'Firewall Settings' under Firewall from the left hand side pane
- Ensure that 'Enable Traffic Filtering (Recommended)' is selected and choose 'Safe mode' from the drop-down beside it.
Safe Mode: While filtering network traffic, the firewall will automatically create rules that allow all traffic for the components of applications certified as 'Safe' by Comodo. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application Internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.
Alert Settings
Under 'Alert Settings' in the Advanced Settings interface:
- Deselect 'Do NOT show pop-up alerts'
- Select 'Set alert frequency level' option and choose 'Low' from the drop-down. At the 'Low' setting, the firewall shows alerts for outgoing and incoming connection requests for an application. This is the setting recommended by Comodo and is suitable for the majority of users.
Advanced Settings
In a denial of service or 'flood' attack, an attacker bombards a target machine with so many connection requests that the machine is unable to accept legitimate connections, effectively shutting down your web, email, FTP or VPN server. To protect against such attacks, make the following settings under 'Advanced' in the 'Firewall Settings' interface:
- Select 'Filter loopback traffic'
- Ensure that 'Block fragmented IP traffic' is selected
- Block fragmented IP traffic - When a connection is opened between two computers, they must agree on a Maximum Transmission Unit (MTU). IP datagram fragmentation occurs when data passes through a router with an MTU less than the MTU you are using, i.e. when a datagram is larger than the MTU of the network over which it must be sent, it is divided into smaller 'fragments' which are each sent separately. Fragmented IP packets can create threats similar to a DoS attack. Moreover, these fragmentations can double the amount of time it takes to send a single packet and slow your download time.
- Select the 'Do Protocol Analysis' checkbox to detect fake packets used in denial of service attacks
- Select 'Enable anti-ARP spoofing'
Click 'OK' for your settings to take effect.
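The fragmentation described under 'Block fragmented IP traffic' can be worked through in code. The following is an added illustration, not Comodo's code: it splits an IPv4 payload for a given MTU, shows the extra header bytes each fragment costs, and checks whether a set of fragments reassembles without gaps or overlaps. The function names and the 20-byte header (no IP options) are assumptions made for the example.

```python
from typing import List, NamedTuple

IPV4_HEADER_LEN = 20  # assumption: IPv4 header without options


class Fragment(NamedTuple):
    offset_units: int     # Fragment Offset field, counted in 8-byte units
    payload_len: int      # payload bytes carried by this fragment
    more_fragments: bool  # MF flag: set on every fragment except the last


def fragment_datagram(payload_len: int, mtu: int,
                      header_len: int = IPV4_HEADER_LEN) -> List[Fragment]:
    """Split a payload the way a router does when the datagram exceeds the MTU."""
    if payload_len < 0 or mtu < header_len + 8:
        raise ValueError("need payload_len >= 0 and room for one 8-byte unit")
    if header_len + payload_len <= mtu:
        return [Fragment(0, payload_len, False)]  # fits: no fragmentation
    # Every fragment except the last must carry a multiple of 8 payload bytes.
    per_fragment = (mtu - header_len) // 8 * 8
    fragments, sent = [], 0
    while sent < payload_len:
        size = min(per_fragment, payload_len - sent)
        fragments.append(Fragment(sent // 8, size, sent + size < payload_len))
        sent += size
    return fragments


def wire_bytes(fragments: List[Fragment], header_len: int = IPV4_HEADER_LEN) -> int:
    """Total bytes on the wire: each fragment repeats the IP header."""
    return sum(header_len + f.payload_len for f in fragments)


def reassembles_cleanly(fragments: List[Fragment]) -> bool:
    """True if the fragments tile the payload with no gap or overlap."""
    ordered = sorted(fragments)
    expected = 0
    for i, frag in enumerate(ordered):
        last = i == len(ordered) - 1
        if frag.offset_units * 8 != expected or frag.more_fragments == last:
            return False
        expected += frag.payload_len
    return bool(ordered)


if __name__ == "__main__":  # constructed sample: 3980 payload bytes over MTU 1500
    frags = fragment_datagram(3980, 1500)
    print(frags, wire_bytes(frags), reassembles_cleanly(frags))
```

A receiver has to buffer fragments until the set is complete, which is why incomplete or inconsistent fragment sets consume resources on the target.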
Setting-up Application Rules, Global Rules and Predefined Firewall Rulesets
You can configure and deploy traffic filtering rules on an application-specific and a global basis. You can also create and deploy predefined firewall rule-sets.
To view Application Rules
- Open 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.
- Click 'Application Rules' under Firewall from the left hand side pane
- Use this interface to add, edit, enable/disable or remove internet connection rules for specific applications.
To view Global Rules
- Open 'Firewall Tasks' by clicking 'Firewall Tasks' from the Tasks interface and click 'Open Advanced Settings'.
- Click 'Global Rules' under Firewall from the left hand side pane
- Use this interface to add, edit, enable/disable or remove global rules which apply to all traffic
To view Predefined Firewall rulesets
- Open 'Firewall Tasks' then 'Open Advanced Settings' (bottom right)
- In the left hand menu, click 'Rulesets' under 'Firewall Settings'
- Use this interface to add, edit, enable/disable or remove rulesets