Computers Windows Internet
Expand
home

Comodo firewall how to hide ip. Installing and configuring Comodo Firewall. We drag this arrow up and a window with actions will pop up, thanks to which we can already fully work with exceptions

The main firewall modes in the advanced settings window: Custom set of rules, when for all programs that do not have network rule, an alert will be raised, and Safe Mode, when trusted programs are allowed outbound connections by default. The procedure for applying the rules is detailed. Additional, little-used modes: Complete blocking, when any network activity is suppressed, regardless of the rules, and Learning mode, in which any connections are allowed and allowing rules are automatically created.

The option "Create rules for safe applications" prescribes in "Safe mode" not only to allow network activity to trusted applications, but also to automatically create rules for them. I do not recommend including, as well as. This option does not affect work in the "Custom Rule Set" mode.

If the "Do not show notifications" option is checked, then the selected action will be applied instead of the notification: permission or block. In this case, new rules will not be created. I recommend setting the "Do not show notifications: Block requests" mode after creating all the necessary rules.

If you check the "Remember my choice" option when responding to an alert, a corresponding rule will be created. The Alert Rate option determines how granular this rule will be. If, for example, set the level "Very low", then the rule will allow or deny any network activity at once. I recommend the level "Very High": then the rule will contain the IP address and port.

If the "Automatically detect private networks" option is enabled on the "Network zones" tab, when you connect to a new network, a prompt will appear prompting you to indicate its status. This will create a new entry in the list of network zones, and if you select the status of "home" or "work" network, allowing rules will also be created for it. If the option "Do not show notifications, considering that the connection to the Internet is ..." is enabled along with this option, then new records about network zones and allowing rules for them will be created automatically, without notifications. I recommend disabling both options: in this case, the connection will occur without notification and without creating new rules, i.e. the network will be silently perceived as "public".

When connected to an unsecured Wi-Fi networks there are notifications with a proposal to use paid service Trustconnect. The display of these notifications is disabled by the corresponding option.

To control connections inside the computer (for example, to prohibit certain programs from accessing the Internet through a local proxy server), you need to check the "Enable loopback traffic filtering" option (recommended).

To control connections over the IP protocol version not only of IPv4, but also of IPv6, check the "Enable IPv6 traffic filtering" option (recommended).

The Block IP Fragmented Traffic option protects against an attack based on sending a TCP packet that is so fragmented that its header and TCP session cannot be determined. I recommend turning it on.

The "Analyze protocol" option instructs to check each packet for compliance with protocol standards, while fake packets are blocked. I recommend turning it on.

Finally, the "Enable ARP Spoofing Protection" option protects the ARP table from being altered by an attacker who sends a "spontaneous ARP response" (no request response). I recommend turning it on.

Create firewall rules

Application rules

The usual way to create a rule for an application is:

  • open the "Rules for Applications" tab, click "Add";
  • specify the application, this can be done different ways:
    • to push Browse → Files and specify the file;
    • to push Overview -> Running Processes and select an application;
    • to push Overview and select a group of files;
    • enter the path directly into the "Name" field (or a pattern using the * and? symbols and environment variables);
  • set rules:
    • or click "Use a set of rules" and select the required set from the list;
    • or click "Use your own set of rules" and add your own rules (you can copy any set);
  • click "Ok" and arrange the rules for applications using the "Up" / "Down" buttons.

When adding your own rule, you will need to specify:

  • action: "Allow", "Block", or "Ask";
  • direction: incoming (i.e. initiated remotely), outgoing (i.e. initiated on this computer) or any;
  • description: text representing the given rule; if not specified, then the list of rules will be displayed detailed description;
  • departure address and destination address;
  • protocol:
    • IP, in this case it will be possible to specify the protocol on the "IP Details" tab;
    • ICMP, in this case on the "ICMP details" tab it will be possible to specify the type and ICMP message;
    • TCP and / or UDP, in this case it will be possible to set the source port and destination port;
  • an option whether to log network activity in the log.

Note that not only a single IP address can act as a source / destination address, but also a network zone and many other objects, and you can also invert the selection with the "Exclude" option. Similarly, source / destination ports can be a set of ports, incl. inverted. Note that the remote address for the outgoing connection is the "Destination address", and the remote address for the incoming connection is the "Starting address"; Likewise with ports. Therefore, generally speaking, the simultaneous permission of incoming and outgoing connections with any remote host is specified by two rules:

  • one rule allows incoming from a remote host to any address;
  • the other allows outgoing from any address to a given remote host.

When specifying a set of several rules, you should order them taking into account that the rule located above takes precedence.

Global rules

Global rules determine the network activity of a computer as a whole; their restrictions take precedence over rules for applications. Denials specified in global rules are more effective than application rules. In particular, hiding ports globally makes the computer invisible when trying to scan them.

There are predefined sets of global rules. The interface for switching between them is presented as a choice of the computer visibility mode on the network: "Block incoming connections" or "Notify about incoming connections" ( Main Window → Tasks → Firewall Tasks → Hide Ports).

Selecting the "Notify on incoming" mode removes the global blocking of incoming connections and imposes further control on the rules for applications. However, it is safer to still allow incoming only to certain ports and / or from certain networks, and block the rest. So, the screenshot shows a sample of global rules with the minimum permission of incoming connections, which are required only for replies to ping requests from local network, opening access to files from it, seeing the names of the network environment and for the torrent client to work. There are approaches for.

Creation of your own global rules is carried out in the same way, the only difference is the absence of the "Ask" action.

Filegroups, Network Zones, Port Sets, and Rule Sets

You can reduce many of the same operations and make your rules more visual by creating your own filegroups, network zones, port sets, and custom rule sets.

Groups of files are formed on the tab File rating → File groups, these are named sets of their pattern paths using wildcards * and? and environment variables. For example, using them allows you to create rules for the operation and auto-update of a Flash player or Java, since these processes change file names and use temporarily created loaders. You can specify name templates without using file groups, however, groups are preferable due to clarity, compactness, and the ability to assign restrictions of a certain kind simultaneously in different protection components. For example, you can create a group "NoInternet", which will be simultaneously denied direct Internet connections, DNS queries, the use of the BITS service, starting the browser and access to its memory.

On the Rule Sets tab, you can see which rules are contained in the predefined firewall policies, and modify these policies, or create your own. In the future, it will be possible to assign these policies to applications: through the "Rules for Applications" tab or through firewall notifications. Note that only those policies will be offered in the notification, which specify an unambiguous action for this network activity: allow or deny. For example, if an application tries to contact a web server on port 80, then the notification will not offer the "Mail client" policy, but the "Web browser", "FTP client", etc. policies will be.

On the Port Sets tab, you can group any combination of ports into a named set so that you can use it later in rules as a source or destination port. When creating sets, you can combine single ports, port ranges, and their inversions.

The "Network zones" tab has the following peculiarity: on it you can not only group addresses into named "zones" for their further use in rules (as a source or destination address), but also set the status of these zones. So, if you create a zone and then add it to the Blocked Zones tab, then all connections to it will be blocked, regardless of the rules. In addition, the network zone can be marked with the status "Shared network".

The procedure for applying firewall rules

When network activity is detected, it first checks whether the remote address belongs to any. If it belongs, then the connection blocked... If not, consideration begins global rules.

Global rules are viewed from top to bottom. If for the requested type of connection the first rule with the action "block" is found, the connection prohibited... If no matching rule is found, or if an allowing rule is found first, consideration begins rules for applications.

When a program tries to establish a connection (allowed by global rules), the list of applications and rules for them is scrolled from top to bottom. At the first match found (i.e. when the this program or the program group containing it and the requested type of connection), the action specified in the rule will be performed: allow, block or show notification(if the "Do not show notifications" option is enabled in the setting, then the action specified in this option will be performed instead of the notification: allow or block).

If no suitable firewall is found in the list of firewall rules, the connection will be automatically allowed in the following cases:

  • when the firewall works in the "Learning Mode" (in this case, a permitting rule will be created);
  • when the option "Do not show notifications: Allow requests" is enabled;
  • when the firewall is running in "Safe Mode", the "Do not show notifications" option is disabled, and the program is trusted and runs in a real environment;
  • when the firewall is running in "Safe Mode", the program is trusted and runs in the real environment, and the requested connection is outgoing.

In other cases, an alert is generated, or if the option "Do not show alerts: Block requests" is enabled, the connection is denied.

In particular, I would like to note that programs running virtually are controlled by a firewall, regardless of their rating. Therefore, even if the firewall is running in "Safe Mode", you will need to create permissive rules to use browsers.

You may notice that in "Safe Mode" the firewall is somewhat illogical to process incoming connections of trusted programs. This is probably a bug.

Access to local network resources

By default, the firewall rules do not have permissions to obtain information about the network environment, open file sharing on the local network, etc. These permissions are not needed if the network is only used to access the internet.

Trusted network status

The easiest way to create permissions for a local network is to assign it a "trusted" status. This can be done in a number of ways.

If the "Automatically detect new private networks" option is enabled on the "Network zones" tab, then when you connect to a new network, an alert appears in which you need to indicate your location. The “trusted” status is assigned by choosing the options “at home” or “at work”. This will create a pair of global rules to allow any outbound and any inbound connections to that network, and a pair of similar rules for the System process. If you select the option "in a public place", new rules are not created.

If the discovery of new networks is disabled or the network was previously assigned the status of "public", then you should open the "Network Management" window ( Main window → Tasks → Firewall tasks), check the "Trust networks" item and click "Ok". The result will be similar to the previous one.

To return the network to its neutral status, the easiest way is to select the "Block network" item in the "Network Management" window, and then open the tab in the settings window. Network Zones → Blocked Zones and remove this network from there.

There is a bug: when a network zone is not created for an active network and in fact this network is treated as a "public" one, then the "trusted" status will be indicated in the "Network Management" window for this network.

Attention! If you press the "Ok" button in such a window, then the active network will indeed become "trusted", i.e. a corresponding entry will appear in the list of network zones and firewall rules will be created to allow connections on this network. If network trust is not required, then close the "Network Management" window with the "Cancel" button.

Example of permissions for accessing a local network

Trusting a local network can only be established if it is completely secure. Therefore, it is recommended to assign the network status neutral (“public space”), enable and then add the necessary permissions. Usually to access network resources it is necessary, in addition to the original rules, to allow the following incoming connections to the System process (everywhere the “origin address” is the local network):

  • UDP connections with source port 137 and destination port 137: so that you can refer to computers by NetBIOS names;
  • UDP connections to source port 138 and destination port 138: so you can still see network environment;
  • TCP connections on destination port 445: to open file sharing.

To specify "System" as an application when creating rules, you need to select it from the running processes.

All these permissions must be duplicated in the global rules. They should also allow incoming ICMPv4 connections sent from the local network with the "echo request" message; this is necessary not only to be able to respond to ping requests, but also to open file sharing. An example of a set of global rules.

Firewall features

The Comodo firewall does not control incoming loopback connections (but does control outgoing ones). So, when using a local proxy, it is enough to allow only outgoing connections to the Internet for the proxy server and outgoing to “localhost” for the browser (whereas many other firewalls would also require to allow incoming from “localhost” for the proxy server).

It works in a peculiar way: if you specify in the rule as an address Domain name, then CIS will find the minimum and maximum IP addresses for this name, and then all intermediate IPs will be considered as belonging to it.

The peculiarity of the CIS 10 version, which can be called an advantage, is that the ICMP traffic belongs to various applications. Previous versions of CIS (as well as, for example, Windows firewall) perceived this traffic as belonging to the System.

Content filter

The Content Filter component restricts access to websites by their addresses. Comodo updatable lists are used to determine address security, and custom lists can be defined. When trying to open a prohibited site, the user will see a page with a message about the blocking, as well as, depending on the setting, with a proposal to temporarily ignore the ban or add this site to exceptions.

Categories. Importing custom lists

Lists of addresses or their (using the * and? Characters) are called categories. Comodo's own categories are Safe Sites, Phishing Sites, and Malicious Sites. They update automatically and cannot be viewed or changed. The rest of the categories - available for modification by the user - are set on the "Content filter"> "Categories" tab. Initially, there is a category "Exceptions", it includes sites excluded from blocking through notifications in the browser.

It makes sense to add categories with lists of malicious sites from other sources. Lists and Symantec WebSecurity are recommended. For the latter one should visit the MalwarePatrol website.

To use an additional list, follow the "Categories" tab through context menu create a new empty category and then import the list from a file. When choosing a file, you must specify the list format, otherwise the content filter will not work correctly ( typical mistake users).

Format of posts in content filter categories

A notation in the form of a template covers addresses that completely match this template. For example, * .example.com matches http://test.example.com, but not http://test.example.com/404 or http://example.com.

An entry without wildcards is identical to the pattern obtained by appending a * at the end. For example, the records https://example.com and https: //example.com* are identical, they correspond to the addresses https://example.com, https://example.com/404 and https: //example..example .com. Thus, the site's domain name entry also encompasses its directories, but not subdomains.

The HTTP protocol in the content filter is absence protocol. For example, a record like example.com matches http://example.com, but not https://example.com. An entry of the form example.com/* matches the address http://example.com/404. Attention! The URL http://example.com does not match the records http * example.com * and * / example.com *, i.e. containing at least part of the protocol indication.

The HTTPS protocol is indicated either explicitly or using templates. For example, records https://example.com match addresses https://example.com, https://example.com/404, etc. The * // example.com entry matches https://example.com, but not http://example.com or https://example.com/404.

It should be said that the blocking of HTTPS pages by the content filter occurs without notifications and offers to cancel the ban. Moreover, blocking HTTPS pages may not work depending on the browser used.

So suppose it is required to block the site example.com at the same time for HTTP and HTTPS protocols, with directories, but no subdomains... To do this in the most targeted way, let's add 4 entries to the blocked category:

  • example.co?
  • example.com/*
  • https://example.co?
  • https://example.com/*

(Using the? Character instead of any letter prevents the * character from the end of the line.)

Alternatively, you can get by with a single record like * example.com *, but then not only the required addresses will be blocked, but also https://www.example.com/404, https: //myexample..common.html.

Content filter rules

Each content filter rule contains a list of categories to which it applies, and a list of users or their groups with their restrictions. The interface for changing the list of categories is obvious.

Users and their groups are added through the context menu in the "Restrictions" field: "Add"> "Advanced ..."> "Object types"> check all> "Ok"> "Search"> select desired entry> "Ok".

Typically, the "Everyone" group is used as a user. If you need to set different restrictions for different users, you should be sure to indicate the restrictions for each of them... Otherwise, it is possible that a user who is not specified in the rule will gain access to sites from the listed categories, even if there is another prohibiting rule.

According to Windows 8 and higher, in each rule, the entry "ALL APPLICATION PACKAGES" should be added to the list of users with the same restrictions as for users. Otherwise, blocking will not work for Internet Explorer 11.

For correct work with exceptions from blocking, the Allowed Sites rule must be higher than the Blocked Sites rule.

optimal, with a minimum of pop-up notifications, quickly andcustomize yourself ... The author's version of the advanced settings of the program largely coincides with the one recommended in the Russian part of the International COMODO Forums (branch "CIS / CFP for newcomers to firewalls"). You can visit these forums by clicking on the "Visit Support Forum" item in the "Miscellaneous" tab. The only thing, you will be taken to the main English-language page, therefore, in order not to search, here is a directlink to the forum "In Russian / Russian". Useful information on the topic a lot - those who wish, of course, can "dig". And I, for convenience, point by point, will proceed with what I promised.


Configuring Comodo Firewall

1. In the beginning, I suggest changing the default gray-gloomy "face" of Comodo Firewall for something more interesting. To do this, in the same "Miscellaneous" tab, click "Settings"> " Appearance">" Theme "change the gray theme of COMODO Default Normal to, say, COMODO Blue Normal and," dressed up ", move on.

Hello dear readers of the blog site! In this article I continue my big topic about protecting your computer from different types of threats. In my last article on this topic, I started talking about protecting your access to the Internet and controlling applications using a special protection component - Firewall, which is part of Kaspersky's extended protection - Kaspersky Internet Security. In another way, Firewall is also called "Firewall" or "Firewall".

And now I will again talk about protection with Firewall, but from another developer and which can be installed separately along with any antivirus product without installing specially complex protection from one manufacturer. The product I want to talk about is called Comodo Firewall. Its most important advantages are free and high quality traffic protection!

In a previous article, I already mentioned that Comodo also offers free antivirus(read about it here:) or even free complex protection: Comodo Internet Security. However, the antivirus itself from this developer is not as reliable as, for example, Kaspersky Anti-Virus or Avast, so I recommend that Comodo install only a firewall and, separately, a reliable antivirus from another developer. Or use the Kaspersky Internet Security package.

Let's consider the installation and basic settings of the Comodo firewall.

Comodo Firewall installation process

Installing a separate product, Comodo Firewall, can be said to be no different at all from installing an antivirus from Comodo, so I will analyze this process more briefly - without commenting on each configurable option.

You can find more detailed comments on installation at the beginning of the article, the link to which is given above.

So let's start:

Configuring Comodo Firewall

Configuring Comodo's Firewall is simple and almost everything will be configured by default in the most optimal way. We will only have to check and, if necessary, tweak something. Before configuring the Firewall component itself, let's do some actions with the main Comodo settings:

    Immediately after installing the Firewall, a pop-up window will appear in which you need to select which network you are connected to. We select "I am at home":

    Now we launch the main window of Comodo Firewall by clicking on the icon in the tray (area near Windows clock) and see a big Exclamation point(which indicates that some component is not working) and an active "Fix" button. In this case, only a reboot is required from us, because after installation, not all protection components were launched.

    Just click the "Fix" button:

    The computer will restart and after the system boots, the Firewall components will already be enabled and the warning icon will disappear.

    If you have Windows 7, then on the right side of the desktop there will be a completely unnecessary widget from Comodo :) This is how it looks:

    Let's take it out. To do this, click right click mouse on the Comodo icon in the tray, select the "Widget" item, and then click on the button marked with the "Show" checkbox:

    As a result, the widget will disappear and will no longer be an eyesore, as well as consume system resources :)

    Now we launch the main Comodo Firewall window again from the desktop or from the tray and update the databases by clicking the corresponding button (see the image below):

    The database update will start and if there are new versions, they will be updated. After that, the window will close automatically after a few seconds.

    Even if you installed latest version antivirus or firewall from the developer's official website, I still recommend checking for updates immediately after installing the product.

    Now let's go directly to checking the settings of the component - the firewall. For convenient access to all settings, switch to the extended mode of the main window. To do this, in the upper left corner, click on the small button as in the image below:

    Now the main window of Comodo Firewall is slightly transformed, and we will see more functions. But the main thing is that now we can easily go to the settings of the firewall itself. To do this, simply click on the "Firewall" link in the upper left corner:

    As a result, we find ourselves in the first window of Comodo firewall settings.

    As soon as we went to the settings, the very first menu from the "Firewall" category - "Firewall Settings" will open in front of us.

    These settings are optimal, but I'll make some comments.

    The "Enable Firewall" checkbox, of course, is responsible for enabling or disabling protection. In no case uncheck the box, otherwise the installed Comodo Firewall will not be of any use to anyone, since the firewall itself will simply be turned off :)

    Next to the checkbox for enabling / disabling the firewall, there is a list where you can select the security mode. I'll tell you briefly about these modes:

    • Full blocking. By choosing this mode, the firewall will block absolutely all connections, both incoming and outgoing and from any networks. Your computer will be isolated as if you disconnected all the networks on the computer and removed the network cable.

      This mode, in principle, is not needed as such, since its use can be useful only when working in extremely dangerous unprotected networks, in which various virus threats are walking in crowds.

      Custom rule set. By choosing this mode, the firewall will work and block traffic only following the rules for programs and networks that we will set ourselves. In this case, the firewall will not take into account that the program is trusted and has a digital signature. He will only make decisions based on the rules we have set.

      Safe mode. This is the mode that I recommend using. When working in this mode, the firewall itself creates most of the rules for trusted applications that have valid digital signatures... Based on this, he chooses which connections to allow this or that application, and which not. When it detects unrecognized and untrusted programs, Comodo will give the user a choice whether to allow or block the connection, telling what actions the application was going to perform.

      Training mode. In this mode, the firewall will not show any notifications and will create rules for all applications by itself, allowing them network requests. The mode can be used only if you are 100% sure of the reliability of the applications installed on your computer. As a rule, this cannot be, therefore I do not recommend using this mode :)

    In the "Rules for Applications" firewall menu, we can set rules for any applications or see rules that have already been created earlier.

    All rules that have already been created will be visible immediately if you click on the Application Rules menu. In order to add your own rule, right-click on an empty area in the window and select the "Add" item:

    Now I will show with an example how to block access to the network for any of the programs.

    To do this, in the window that opens, first of all, you need to select the program for which we are creating the rule (as I indicated for an example: block access to the network). We click on the "Browse" button, after which you can select many files at once by selecting the "File groups" item and marking the corresponding group. You can also select one of those launched in this moment processes in the system and create a blocking rule for it. But it is more convenient to select the "Files" item:

    After we select "Files", an explorer will open, where you need to select the program for which we will create a rule. For example, I will block access to the Internet for a known browser - Mozilla Firefox... I am looking for the folder where Firefox is installed and select the file responsible for launching (firefox.exe). Then I click the "Open" button in the explorer:

    Now we will automatically return to the previous window and see that the path to the program we specified has now appeared in the "Name" field. We mark the item "Use a set of rules", then on the right from the list of ready-made rules select "Blocked application":

    After all the settings in this window are set, click the "OK" button below to save them:

    As a result, we will return to the window with a set of rules for programs and in the list we will see the newly added program (in my example, Firefox) with the “Blocked application” rule. In order to immediately check the result, you need to apply all the changes in the rules and click again the "OK" button below:

    To test my action, I run Mozilla browser Firefox and try, for example, to open our favorite blog - site :) As a result, I get the error "Connection attempt failed":

    And this is exactly what we needed for the example :) Firefox connections are blocked. It is clear that Firefox, seriously, certainly does not need to be blocked. This was just an example :) You can and should block programs that do not need access to the Internet or programs that are untrusted.

    It is even easier to delete the created rule. You need to go back to the firewall menu - "Rules for applications" and right-click on the right rule, select the item "Remove from the list":

    In our chosen mode "Safe Mode", Comodo Firewall will be very good at choosing rules for applications and we rarely have to dig in and configure the rules ourselves. In principle, this is actually the end important settings firewall from Comodo for beginners. I do not recommend making any settings in the rest of the firewall menus, since they are already intended for much more experienced users who understand computer networks and have a more complete knowledge of networking in operating systems.

The settings that I showed are enough to protect the computer from hacker attacks and block access to the Internet for untrusted applications or whatever we choose.

Surely you have noticed that in addition to the "Firewall" section, there are other sections in the settings, for example: "Protection +", "File rating", "General settings". Desired settings from the listed sections I have already described in one of my previous articles - "Another good free antivirus - Comodo", therefore, if necessary, you can read about them in that article by clicking on the link above.

And on this, the last of the articles I have planned at the moment, I am completing.

Not a single article on computer topics awaits you, for example: backup data, remote control computer and others :) I think that the periodic deviation from the topic of surfing and making money in the direction of technical issues is even useful. Thus, on the same favorite blog, we study, in addition to solid information about earnings, our computer and everything connected with it :)

See you soon! Good luck to you;)

The little son came to his father and asked the little one:

- Whose defense is good, but whose - not very?

I have no secrets, listen guys.

I publish my opinion on this matter below.

In fact, there is no better firewall, just as there is no better firewall. the best antivirus or browser - each computer user chooses his best software product.

Perhaps now I have disappointed many, but it is so. There are a huge number of users who believe that Comodo Firewall is the best free firewall for Windows and I do not argue, but before it worked fine for me for several years ESET NOD32 with its protector, and after him avast! Internet Security, also with a firewall ...


An excellent and powerful free firewall for Windows

I never had any complaints about their protection until I experienced the last complex. program for checking the reliability of the firewall.

He failed the test and it was decided to change the firewall. The choice fell on Comodo Firewall - it is being tested for reliability and of course it is completely free.

Today I want to describe some of the nuances of installing it and setting it up.




Our whole life is a search for something. Search for money, fame, love ... the best firewall or browser (popular wisdom).

The first question you may have is the size of the installer of this firewall, which is downloaded after launching the web installer - 202 MB! Why such a wild size?

Because it has a whole bunch of unnecessary additions, even the browser was shoved there.

I will now show you how to install one Comodo Firewall and after that you can safely remove this giant installer. But you still need to download the entire file, following the link from the manufacturers' official website, which is higher ...

Met on the net, once upon a time, relieved setup file of this protective screen, without additions, but firstly - it was not official, and secondly - I lost the link 🙂.

Installing Comodo Firewall

Over time, software manufacturers change the interface of their creations, improve them in every possible way, add new functions and remove unclaimed ones ... They have the right to do so. In any case, their logic, purpose and spirit always remain the same - starting from this review, you can understand any hypostasis of software.



Here they are - extra additions. Uncheck them and move on ...


I have already described to you how to find the fastest DNS servers, and so - COMODO DNS servers are not only slow, but also scared to the full.



Leaving the top checkbox, you will get yourself a headache - half of the sites will be blocked. I recommend leaving the second checkbox.

Be sure to go to "Configure Installation" ...



Here it is, our dear - how can it be without Yandex !!!

Of course we remove all the jackdaws ...


We look around and find out where we are. If you do not have your own home local network, I recommend clicking "I am in a public ... place".

Congratulations! You have installed Comodo Firewall - the best free firewall for Windows.


Let's tweak it a bit now ...

Configuring Comodo Firewall

In fact, there are many configurations of settings for this firewall - the Internet is flooded with them (here is one of them). You can set up the defender in such a way that you won't be able to breathe between his notifications, warnings and questions.

Or you can convince him to work quietly and unobtrusively - it's up to you, I will give just a few tips below ...

Go to the program settings ...



... and put ALL jackdaws in the advanced settings (as many advise on the network), but if you have problems with accessing the Internet, remove the two bottom ones.


Here you can turn off the display of the widget on the desktop, if you do not need it ...

I left it, although I absolutely do not like any widgets on the desktop. Slightly edited it by clicking the RIGHT mouse button on the firewall icon in the tray ...


And here is the worst firewall setting that will turn it into a real reinforced concrete wall ...


Instead of safe mode can be installed ...

In this mode, get ready for a million questions from a defender on any occasion. But reliability check now your Comodo Firewall will pass - 100%.

Firewall questions look like this ...

You can put a tick at the bottom of this window (remember ...) and just allow execution. This is if you know a program that is trying to go online. You can also "Process as" ...


Thus, we get rid of repeated questions, for example, about an appeal. Nexus software to Clover.

Firewall Comodo Firewall since version 3.5 it is included in the free complex protection Comodo Internet Security and can be installed as a separate component.

Comodo Firewall is designed to protect users of PCs running Windows; in terms of its capabilities, it is practically not inferior to similar products, including individual commercial developments.

The interface is extremely simplified, but at the same time provides all the necessary capabilities and functions.

Main components of Comodo Firewall

Key features of Comodo Firewall

Multifunctional firewall - firewall

Comodo Firewall provides high level protection against incoming and outgoing threats. Thus, you get the most effective protection against hackers, malware and identity theft. Now the firewall has been improved with the addition of new features:

  • Stealth Mode to make your computer completely invisible for port scanning;
  • Automatic detection trusted zones based on the master;
  • Predefined firewall policies let you quickly apply the necessary security rules;
  • Diagnostics for analyzing the system for possible conflicts with the firewall and much more.

Behavioral blocker

  • Checking the integrity of each program before allowing it to be loaded into the computer's memory;
  • Performs cloud-based behavior analysis for immediate malware detection;
  • Warns you every time unknown or untrusted applications try to launch or install;
  • Blocks viruses, trojans and spyware before they can access your system;
  • Prevents unauthorized changes to critical system files and records windows registry;
  • Includes an automatic sandboxing feature that completely isolates untrusted files from the rest of the computer

Intrusion Prevention System HIPS

  • Virtually impenetrable protection against rootkits, injections into processes, keyloggers and other zero-day threats.
  • Comodo's free firewall monitors the activity of all applications and processes on your computer and allows files and processes to run if they comply with prevailing security rules.
  • Blocks malware activity by stopping any action that could cause damage operating system, system memory, registry, or personal data.
  • Allows experienced users improve security measures by quick creation custom policies and rulesets using an easy-to-use and powerful rules interface.

Virtual kiosk

  • A virtual sandboxed environment for running programs and surfing the Internet, isolated from your real computer. Apps and web browsers run inside the kiosk without leaving cookies or history on the real system, making it a secure environment for online banking and online shopping.
  • Prevents viruses, rootkits and spyware to your computer and provides protection against hacking.
  • Includes virtual keyboard which allows the user to securely enter credit card numbers and passwords without fear of interception programs (keyloggers).
  • The virtual kiosk in Comodo Firewall allows power users to run beta software in an isolated environment that will not disturb the stability or file structure of the real system.

Viruscope

This is a system that allows you to dynamically analyze the behavior of running processes and keep a record of their activity. Viruscope monitors the activities of the processes running on your computer and warns you if they try to perform suspicious actions.

Internet Security Essentials

SSL Certificate Verification Tool protects against phishing (phishing) sites that try to steal confidential information.



Did not find an answer to your question? Look at here
How to deactivate the How to deactivate the "You've received a call" service from MTS?
Factory reset and hard reset Apple iPhoneFactory reset and hard reset Apple iPhone
Factory reset and hard reset Apple iPhoneFactory reset and hard reset Apple iPhone