comodo firewall version 3 0

That's right. I should do seach before post. Here we go, free for downdload: ALPHA version of comodo defense+. As mentioned in Castlecorps, it's alpha of a. This proactive approach enables PCs to remain free from more viruses better than virtually any other detection based solution on the market. NEW! COMODO SafeSurf Toolbar built on COMODO Memory Firewall technology * FIXED! COMODO Firewall does not add files from network shares to pending list. CYBERDUCK PROBLEM LISTING DIRECTORY

Protocol: Allows the user to specify which protocol the data packet should be using. Description: Allows you to type a friendly name for the rule. Some users find it more intuitive to name a rule by it's intended purpose. Source Address and Destination Address: 1. You can choose any IP Address by selecting 'Any'. This menu defaults to an IP range of 0. IP networks can be divided into smaller networks called subnet works or subnets. Enter the IP address and Mask of the network.

You can choose an entire network zone by selecting 'Zone'. This menu defaults to Local Area Network. But you can also define your own zone by first creating a Zone through the 'My Network Zones' area. You can choose a named host by selecting a 'Host Name' which denotes your IP address. Exclude i. NOT the choice below The opposite of what you specify is applicable. For example, if you are creating an 'Allow' rule and you check the 'Exclude' box in the 'Source IP' tab and enter values for the IP range, then that IP range will be excluded.

You will have to create a separate 'Allow' rule for the range of IP addresses that you DO want to use. Enter the source and destination Port in the text box. You can choose any port number by selecting 'Any' - set by default , 0- You can choose a Single Port number by selecting 'Single Port' and selecting the single port numbers from the list. If you wish to create a port set then please see the section 'My Port Sets'. The last two tabs are configured identically to the explanation above.

You will not see the source and destination port tabs. It is used mainly for performing traces and pings. Pinging is frequently used to perform a quick test before attempting to initiate communications. If you are using or have used a peer-to-peer file-sharing program, you might find yourself being pinged a lot. Source IP is the IP address from which the traffic originated and destination IP is the IP address of the computer that is receiving packets of information. When you select a particular ICMP message, the menu defaults to set its code and type as well.

Global Rules Unlike application rules, which are applied to and triggered by traffic relating to a specific application, Global Rules are applied to ALL traffic travelling in and out of your computer. Therefore, outgoing traffic has to 'pass' both the application rule then any global rules before it is allowed out of your system. Similarly, incoming traffic has to 'pass' any global rules first then application specific rules that may apply to the packet.

The configuration of Global Rules is identical to that for application rules. To add a global rule, click the 'Add. To edit an existing global rule, right click and select 'edit'. See Application Network Access Control interface for an introduction to the rule setting interface See Understanding Network Control Rules for an overview of the meaning, construction and importance of individual rules See Adding and Editing a Network Control Rule for an explanation of individual rule configuration Comodo Firewall Pro 3.

Pre-defined Firewall Policies As the name suggests, a predefined firewall policy is a set of one or more individual network control rules that have been saved and can be re-used and deployed on multiple applications. Note - this section is for advanced and experienced users.

If you are a novice user or are new to Comodo Firewall Pro, we advise you first read the Network Security Policy section in this help guide if you have not already done so. Although each application's firewall policy could be defined from the ground up by individually configuring its constituent rules, this practice may prove time consuming if it had to be performed for every single program on your system.

To add a new predefined policy, click the 'Add. This will launch the policy creation dialog shown below. As this is a new predefined policy, you will need to name it in the text field at the top. Next you should add and configure the individual rules for this policy.

Once created, this policy can be quickly called as a 'Predefined Policy' when creating or modifying a network policy. Attack Detection Settings 'Intrusion Detection' tab Comodo Firewall Pro features advanced detection settings to help protect your computer against common types of denial of service DoS attack.

When launching a denial of service or 'flood' attack, an attacker bombards a target machine with so many connection requests that your computer is unable to accept legitimate connections, effectively shutting down your web, email, FTP or VPN server. The Attack Detection Settings area allows you to configure the parameters of this protection. The victim's machine automatically sends back a response to these requests a SYN packet and waits for an acknowledgement an ACK packet.

This results in a backlog of unanswered requests that begins to fill up the victim's connection table. When the connection table is full, the victim's machine will refuse to accept any new connections - which means your computer will no longer be able to connect to the internet, send email, use FTP services etc. When this is done multiple times from multiple sources it floods the victim machine, which has a limit of unacknowledged responses it can handle, and may cause it to crash.

The defaults are for all three protocols are set at 20 packets per second for a continuous duration of 20 seconds. The number of packets per second and the maximum duration that the firewall should accept packets at this rate can be reconfigured to the user's preference by altering the appropriate field. If these thresholds are exceeded, a DOS attack is detected and the Firewall goes into emergency mode. The firewall will stay in emergency mode for the duration set by user.

By default this is set at seconds. Users can alter this time length to their own preference by configuring How long should the firewall stay in emergency mode while the host is under DOS attack? In emergency mode, all inbound traffic is blocked except those previously established and active connections. However, all outbound traffic is still allowed.

Users also have the option to configure how long to block incoming traffic from a host suspected of perpetrating a port scan. The default is 5 minutes. During this time, no traffic will be accepted from the host. How long should a suspicious host be automatically blocked after it attempts a port scan?

If a port scan is detected, the Firewall identifies the host scanning your system as suspicious and automatically blocks it for a set period of time - by default 5 minutes. During these 5 minutes, the suspicious host cannot access the user's system but the users system can access it. How long should the firewall stay in emergency mode whilst the host is under DOS attack?

When a DOS is detected, the Firewall goes into emergency mode for a fixed period of time - set by default to seconds. Users can configure the length of time to their own preferences. Stateful inspection involves the analysis of data within the lowest levels of the protocol stack and comparing the current session to previous ones in order to detect suspicious activity. The MAC address is the address of the physical network interface card inside the device, and never changes for the life of the device in other words, the network card inside your PC has a hardcoded MAC address that it will keep even if you install it in a different machine.

On the other hand, the IP address can change if the machine moves to another part of the network or the network uses DHCP to assign dynamic IP addresses. In order to correctly route a packet of data from a host to the destination network card it is essential to maintain a record of the correlation between a device's IP address and it's MAC address.

It should be noted, that a successful ARP attack is almost always dependent on the hacker having physical access to your network or direct control of a machine on your network - therefore this setting is of more relevance to network administrators than home users. Gratuitious ARP frames are important as they update your machine's ARP cache whenever there is a change to another machine on the network for example, if a network card is replaced in a machine on the network, then a gratuitous ARP frame will inform your machine of this change and Comodo Firewall Pro 3.

Enabling this setting you will block such requests - protecting the ARP cache from potentially malicious updates. Moreover, these fragmentations can double the amount of time it takes to send a single packet and slow down your download time.

Comodo Firewall Pro is set by default to block fragmented IP datagrams i. Do Protocol Analysis Protocol Analysis is key to the detection of fake packets used in denial of service attacks. Checking this option means Comodo Firewall Pro checks every packet conforms to that protocols standards.

If not, then the packets are blocked. Do Packet Checksum Verification Every packet of data sent to your machine has a signature attached. With this option enabled, Comodo Firewall Pro will recalculate the checksum of the incoming packet and compare this against the checksum stated in the signature. If the two do not match then the packet has been altered since transmission and Comodo Firewall Pro will block it. Although this feature has security benefits it is also very resource intensive and your internet connection speed may take a large hit if checksum verification is performed on each packet.

This feature is intended for use by advanced users and Comodo advise most home users not to enable this feature. This option is useful to catch such attempts. This option is disabled by default: because it can reduce system performance and may be incompatible with some protocol drivers. Firewall Behavior Settings Firewall Behavior Settings allows you to quickly configure the security of your computer and the frequency of alerts that are generated. This dialog box can be accessed in the 'Advanced' section of 'Firewall Tasks' and, more immediately, by clicking on the blue text next to 'Firewall Security Level' on the Summary Screen shown below.

The setting you choose here will also be displayed on the summary screen. The firewall will not attempt to learn the behavior of any applications and will not automatically create traffic rules for any applications. Choosing this option will effectively prevent your computer from accessing any networks, including the internet.

New users may want to think of this as the 'Do Not Learn' setting because the firewall will not attempt to learn the behavior of any applications. Nor will it automatically create network traffic rules for those applications. You will receive alerts every time there is a connection attempt by an application - even for applications on the Comodo Safe list unless, of course, you have specified rules and policies that instruct the firewall to trust the application's connection attempt.

If any application tries to make a connection to the outside, the firewall audits all the loaded components and checks each against the list of components already allowed or blocked. If a component is found to be blocked, the entire application is denied internet access and an alert is generated.

This setting is advised for experienced firewall users that wish to maximize the visibility and control over traffic in and out of their computer. For non-certified new applications, you will receive an alert whenever that application attempts to access the network. Should you choose, you can grant that application internet access by choosing 'Treat this application as a Trusted Application' at the alert. This will deploy the predefined firewall policy 'Trusted Application' onto the application.

You will not receive any alerts in 'Training Mode' mode. Tip: Use this setting temporarily while playing an online game for the first time. This will suppress all alerts while the firewall learns the components of the game that need internet access and automatically create 'allow' rules for them. Afterwards you can switch back to your previous mode.

All incoming and outgoing connections are allowed irrespective of the restrictions set by the user. Comodo strongly advise against this setting unless you are sure that you are not currently connected to any local or wireless networks. Keep an alert on screen for maximum n seconds Determines how long the Firewall will show an alert for without any user intervention.

By default, the timeout is set at seconds. You may adjust this setting to your own preference. Raising or lowering the slider will change the amount of alerts accordingly. It should be noted that this does not affect your security, which is determined by the rules you have configured for example, in 'Network Security Policy'. For the majority of users, the default setting of 'Low' is the perfect level - ensuring you are kept informed of connection attempts and suspicious behaviors whilst not overwhelming you with alert messages.

The Alert Frequency settings refer only to connection attempts by applications or from IP addresses that you have not yet decided to trust. For example, you could specify a very high alert frequency level, but will not receive any alerts at all if you have chosen to trust the application that is making the connection attempt. This setting provides the highest degree of visibility to inbound and outbound connection attempts but leads to a proliferation of firewall alerts.

For example, using a browser to connect to your internet home-page may generate as many as 5 separate alerts for an outgoing TCP connection alone. This is the setting recommended by Comodo and is suitable for the majority of users. A 'Firewall Event' is recorded whenever an application or process makes a connection attempt that contravenes a rule your Network Security Policy Note: You must have checked the box 'Log as a firewall event if this rule is fired' for the event to be logged.

Column Descriptions 1. Application - indicates which application or process propagated the event. If the application has no icon, the default system icon for executable files will be used; 2. Action - indicates how the firewall reacted to the connection attempt. Protocol - represents the Protocol application attempted to use to create the connection. Source Port - States the port number on the host at the source IP which was used to make this connection attempt.

This is usually the IP address of your computer. Destination Port - States the port number on the host at the destination IP to which the connection attempt was made. This usually indicates the port number on your computer. See below for more details on this module. It also allows you to build custom log files based on specific filters and to export log files for archiving or troubleshooting purposes.

The Log Viewer Module is divided into two sections. The right hand panel displays the actual events that were logged for the time period you selected in the left hand panel or the events that correspond to the filtering criteria you selected Filtering Log Files Comodo Firewall allows you to create custom views of all logged events according to user defined criteria. Preset Time Filters: Clicking on any of the preset filters in the left hand panel will alter the display in the right hand panel in the following ways: Today - Displays all logged events for today.

This Week - Displays all logged events during the past 7 days. This Month - Displays all logged events during the past 30 days. If you have cleared the log history since installation, this option shows all logs created since that clearance. This means the information and the columns displayed in the right hand panel will change depending on Comodo Firewall Pro 3.

User Defined Filters: Having chosen a preset time filter from the left hand panel, you can further refine the displayed events according to specific filters. There are two ways to export log files using Log Viewer interface - using the context sensitive menu and via the 'File' menu option. After making your choice, you will be asked to specify a name for the exported html file and the location you wish to save to. You can export a custom view that you created using the available Filters by right clicking and selecting 'Export To HTML' from the context sensitive menu.

Again, you will be asked to provide a filename and save location for the file. Define a New Trusted Application Comodo Firewall Pro allows you to prepare a list of trusted applications and configure their access rights to networks and the internet. This shortcut represents a convenient way to create an automatic 'Allow Requests' rule for an individual application - meaning that inbound and outbound connections are automatically permitted.

Advanced users can reconfigure the parameters of this rule in the section 'Network Security Policy'. To begin defining a new trusted application: 1. A dialogue box will appear asking you to select the application you want to trust.

You now have 3 methods available to choose the application that you want to trust - 'File Groups'; 'Running Processes' and 'Browse'. File Groups - choosing this option allows you to choose your application from a category of pre-set files or folders. For example, selecting 'Executables' would enable you to create an allow rule for any file that attempts to connect to the internet with the extensions. Other such categories available include 'Windows System Applications' , 'Windows Updater Applications' , 'Start Up Folders' etc - each of which provide a fast and convenient way to batch select important files and folders.

Running Processes - as the name suggests, this option allows you to choose the target application from a list of processes that are currently running on your PC. When you have chosen the application using one of the methods above, the application name will appear along with its location: Click Apply to confirm your choice. When this application seeks internet access Comodo Firewall Pro will automatically grant it.

Define a New Blocked Application Comodo Firewall Pro allows you to prepare a list of blocked applications that you do not want to access the internet. This shortcut represents a convenient way to create such an automatic 'block and log' rule - meaning that inbound and outbound connections are automatically blocked to this application.

Any connection attempts by the application will also be logged in the Firewall Events interface. Advanced users can view and edit the parameters of this new rule in 'Network Security Policy'. A dialogue box will appear asking you the select the application that you want to be blocked: 3. Click the 'Select' button: 4. You now have 3 methods available to choose the application that you want to block - 'File Groups'; 'Running Processes' and 'Browse'.

For example, selecting 'Executables' would enable you to create a block rule for any file that attempts to connect to the internet with the extensions. The new block and log rule for the application takes effect immediately. When this application seeks internet access Comodo Firewall Pro will automatically deny it and record an entry in the View Firewall Events interface. Stealth Ports Wizard 'Port Stealthing' is a security feature whereby ports on an internet connected PC are hidden from sight- eliciting no response to opportunistic port scans.

There are over 65, numbered ports on every computer - with certain ports being traditionally reserved for certain services. For example, your machine will almost definitely connect to the internet using port 80 and port Your e-mail application will connect to your mailserver through port A 'port scanning' attack consists of sending a message to each of your computer ports, one at a time.

This information gathering technique is used by hackers to find out which ports are open and which ports are being used by services on your machine. With this knowledge, a hacker can determine which attacks are likely to work if used against your machine.

Stealthing a port effectively makes it invisible to a port scan. This provides an extremely high level of security to your PC. If a hacker or automated scanner cannot 'see' your computers ports then they will presume it is offline and move on to other targets. You will still be able to connect to internet and transfer information as usual but remain invisible to outside threats. Comodo Firewall Pro provides the user with flexible stealthing options: 1.

To begin the wizard, click the 'Next' button'. A dialogue box will appear asking you to choose the new trusted zone: 3. If you have not yet defined a zone you wish to trust, you can do so in the 'My Network Zones' area of the firewall. OR o To manually define and trust a new zone from this dialog box, check the box 'I would like to define a new network'. If you wish to add more than one zone, simply repeat this wizard. Alert me to incoming connections - stealth my ports on a per-case basis You will see a firewall alert every time there is a request for an incoming connection.

The alert will ask your permission on whether or not you wish the connection to proceed. This can be useful for applications such as Peer to Peer networking and Remote desktop applications that require port visibility in order to connect to your machine. The average home user using a single computer that is not part of a home LAN will find this option the most convenient and secure. You will not be alerted when the incoming connection is blocked, but the rule will add an entry in the firewall event log file.

View Active Connections The Active Connections interface contains an at-a-glance summary of all currently active connections on a per-application basis. You can view all the applications that are connected; all the individual connections that each application is responsible for; the direction of the traffic; the source IP and port and the destination IP and port.

You can also see the total amount of traffic that has passed in and out of your system over each connection. This list is updated in real time whenever an application creates a new connection or drops an existing connection. The View Active Connections is an extremely useful aid when testing firewall configuration; troubleshooting new firewall policies and rules; monitoring the connection activity of individual applications and your system as a whole and for terminating any unwanted connections.

Column Description: 1. Protocol Shows the application that is making the connection; the protocol it is using and the direction of the traffic. Each application may have more than one connection at any time. This will be blank if the 'Source' column is 'Listening'. Bytes In - Represents the total bytes of incoming data since this connection was first allowed 5. Bytes Out - Represents the total bytes of outgoing data since this connection was first allowed Context Sensitive Menu Right click on items in the list to see the context sensitive menu.

My Port Sets Port Sets are handy, predefined groupings of one or more ports that can be re-used and deployed across multiple Application Rules and Global Rules. The name of the port set is listed above the actual port numbers that belong to that set.

These are the default ports for http traffic. Your internet browser will use this ports to connect to the internet and other networks. Privileged Ports: - This set can be deployed if you wish to create a rule that allows or blocks access to the privileged port range of Privileged ports are so called because it is usually desirable to prevent users from running services on these ports. Network admins usually reserve or prohibit the use of these ports.

Click Apply to commit your choice. If you wish to add more ports to this set then repeat the process from 'Select the port numbers you want to belong to this named set' Comodo Firewall Pro 3. When defining or modifying a network control rule, any port sets listed in this interface, including any new ones you create, will be available for selection and deployment in the 'Source Port' and 'Destination Port' tabs by selecting 'A set of Ports' : Comodo Firewall Pro 3.

My Network Zones A computer network is a connection between computers through a cable or some type of wireless connection. It enables users to share information and devices between computers and other users within the network.

Obviously, there are certain computer networks that you will need to grant access to - including your home or work network. Conversely, there may be other networks that you will want to restrict communication with - or even block entirely. Comodo Firewall Pro allows you to define 'Network Zones' and to specify the access privileges of these zones. A 'Network Zone' can consist of an individual machine including a single home computer connecting to the internet or a network of thousands of machines, to which access can be granted or denied.

This area allows to define the zones so you can quickly assign such permissions in other areas of the firewall. Note 2: A network zone can be designated as 'Trusted' and allowed access by using the 'Stealth Ports Wizard' An example would be your home computer or network Note 3: A network zone can be designated as 'Blocked' and denied access by using the 'My Blocked Network Zones' interface. An example would be a known spyware site Note 4: An application can be assigned specific access rights to and from a network zone when defining an Application Rule.

Similarly, a custom Global Rule can be assigned to a network zone to all activity from a zone. To add a New Network Zone, you need to i Define a name for the zone ii Select the addresses to be included in this zone. Define a name for the zone - Click the 'Add. A dialogue box will appear asking you to specify new zone's name. Choose a name that accurately describes the network you are creating. Click Apply to confirm your zone name. This will add the name of your new zone to the My Network Zones list: 4.

Next you have to Select the addresses to be included in this zone. Right click on the name of the new zone and select 'Add. Click 'Apply' to confirm your choice. The new zone will now appear in the main list along with the addresses you assigned to it. To add more addresses to an existing Network Zone - right click on the zone name and click 'Add. To modify or change the existing address in a zone - right click on the address not the zone name and select 'Edit.

My Blocked Network Zones A computer network enables users to share information and devices between computers and other users within the network. Obviously, there are certain computer networks that you will need 'trust' and grant access to - for example your home or work network. Unfortunately, there may be other, untrustworthy networks that you will want to restrict communication with - or even block entirely.

Note 1 - You must create a zone before you can block it. There are two ways to do this i Using 'My Network Zones' to name and specify the network you want to block ii Directly from this interface using 'New blocked address. You need to use 'My Network Zones' if you want to change the settings of existing zones. All traffic intended for and originating from computer or devices in this zone will now be blocked.

After clicking 'Apply' to confirm your choice, the address es you blocked will appear in the main interface. You can modify these addresses at any time by selecting the entry and clicking 'Edit' Comodo Firewall Pro 3. Special Note: Creating a blocked network zone implements a 'block all' global rule for the zone in question. However, unlike when you create a 'Trusted Zone', this rule is not displayed or editable from the global rules tab of the Network Security Policy interface.

This is because whereas you are likely to be trusting only a few zones, there is the potential that you will have to block many. The constant addition of such block rules would make the interface unmanageable for most users. The only executables that are allowed to run are the ones you give permission to. Common Tasks Click the links below to see detailed explanations of each area in this section.

If the application has no icon, the default system icon for executable files will be used. Action - indicates kind of action. Target - represents the location of the target file. This means the information and the columns displayed in the right hand panel will change depending on which type of log you have selected in the left hand panel.

My Protected Files This section allows you to protect specific files and folders against unauthorized modification. Protecting files prevents modification by malicious programs such as virus, trojans and spyware. It is also useful for safeguarding very valuable files spreadsheets, databases, documents by denying anyone and any program the ability to modify the file - avoiding the possibility of accidental or deliberate sabotage.

If a file is 'Protected' it can still be accessed and read by users, but not altered. A good example of a file that ought to be protected is the your 'hosts' file. Placing this in the 'My Protected Files' area would allow web browsers to access and read from the file as per normal. However, should any process attempt to modify it then Comodo Firewall Pro will block this attempt and produce a 'Protected File Access' pop-up alert. To manually add an individual file; file group or process, click the 'Add' button.

Click here for a description of the choices available when selecting a file. Exceptions Users can choose to selectively allow another application or file group to modify a protected file by affording the appropriate Access Right in 'Computer Security Policy'.

A simplistic example would be the imaginary file 'Accounts. You would want the Excel program to be able to modify this file as you are working on it, but you would not want it to be accessed by a potential malicious program. You would first add the spreadsheet to the 'My Protected Files' area by clicking the 'Add' button then 'Browse. Once added to 'My Protected Files', you would go into 'Computer Security Policy' and create an exception for Excel so that it alone could modify 'accounts.

Files in this folder should be off-limits to modification by anything except certain, Trusted, applications like Windows Updater Applications. Next go to 'Computer Security Policy', locate the file group 'Windows Updater Applications' in the list and follow the same process outlined above to create an exception for that group of executables. The 'Groups. File groups are handy, predefined groupings of one or more file types.

Creating a file group allows you to quickly deploy a Computer Security Policy across multiple file types and applications. You will not be able to modify the security policy of any applications or files from here. My Quarantined Files Comodo Firewall Pro allows you to lock-down files and folders by completely denying all access rights to them from other processes or users - effectively cutting it off from the rest of your system.

If the file you quarantine is an executable then neither you nor anything else will be able to run that program. Unlike files that are placed in 'My Protected Files', users cannot selectively allow any process access to a quarantined file. Additionally, files can be transferred into the My Quarantined Files module using the 'Move to.

Creating a file group allows you to deploy a custom or predefined computer security policy across multiple file types and applications. Every new executable file introduced to the computer, is first scanned against the Comodo certified safe files database. Apart from new executables, any executables that are modified are also moved to the 'My Pending Files' area. If they are trustworthy, they can be moved to 'My Safe Files' using the 'Move to' button. Similarly, files that are suspicious can be moved to the 'My Quarantined Files' area.

The 'Lookup. This will contact Comodo servers to conduct a search of Comodo's master safe list database to check if any information is available about the file in question. If no information is available, you are presented with the option to submit them to Comodo for analysis: Comodo Firewall Pro 3. Clicking the "Submit" button will automatically begin the file submission process.

After sending the file to us, our developers will determine whether or not it represents a threat to your security. If it is found to be trustworthy, it will be added to the Comodo safelist. Of course, you could choose the 'Treat this as a Trusted Application' option at the alert but it is often more convenient to classify entire directories of files as 'My Own Safe Files'. This is particularly useful for developers that are creating new applications that, by their nature, are as yet unknown to the Comodo safelist.

Click the 'Add' button to manually imports files or processes into this area: The 'Move to. If no information is available, you are presented with the option to submit them to Comodo for analysis: Clicking the "Submit" button will automatically begin the file submission process. This is particularly useful in the case of 'My Own Safe Files' as it will allow the files you know to be safe to be added to the master Comodo safelist. This list will then be distributed to all other installations of the firewall and allow all users to trust these files.

The interface displays all currently active processes that are running on your PC and the parent application of those processes. This system provides the very highest protection against trojans, malware and rootkits that try to use trusted software to launch an attack.

Application - Displays the names of the applications which are currently running on your PC. Trusted Vendors are those companies that digitally sign 3rd party software to verify it's authenticity and integrity. This signature is then counter-signed by an organization called a Trusted Certificate Authority.

It will then automatically add that software to the Comodo safe list. This practice helps end-users to verify: i Content Source: The software they are downloading and are about to install really comes from the publisher that signed it. In short, users benefit if software is digitally signed because they know who published the software and that the code hasn't been tampered with - that are downloading and installing the genuine software. The 'Vendors' that digitally sign the software to attest to it's probity are the 3rd party software developers.

These are the company names you see listed in the first column in the graphic above. However, companies can't just 'sign' their own software and expect it to be trusted. This is why each code signing certificate is counter-signed by an organization called a 'Trusted Certificate Authority'. This counter-signature is critical to the trust process and a Trusted CA will only counter-sign a vendor's certificate after it has conducted detailed checks that the vendor is a legitimate company.

One way of telling whether an executable file has been digitally signed is checking the properties of the. For example, the main program executable for Comodo Firewall Pro is called 'cfp. Click 'View Certificate' to inspect the actual code signing certificate. It should be noted that the example above is a special case in that Comodo, as creator of 'cpf.

In the vast majority of cases, the signer or the certificate the vendor and the counter signer the Trusted CA will be different. See this example for more details. Browse to the location of the executable your local drive. In the example below, we are adding the executable 'YahooMessenger.

After clicking 'Open', Comodo Firewall will check that the. If so, the vendor software signer will be added to the Trusted Vendor list: In the example above, Comodo Personal Firewall was able to verify and trust the vendor signature on YahooMessenger. The software signer 'Yahoo! Inc' is now a trusted vendor and is added to the list.

All future software that is signed by the vendor 'Yahoo! Comodo Firewall Pro also allows you to add a trusted vendor by selecting from processes that are currently running on your PC. To do this, click the 'Add. Comodo Firewall Pro will perform the same certificate check as described above.

If the firewall cannot verify that the software certificate is signed by a Trusted CA then it will not add the software vendor to the list of 'My Trusted Vendors'. These vendors can be removed by the user by selecting and clicking the 'Remove' button. All software created by user certified vendors is automatically added to the firewall safelist.

Comodo certified vendors are hardcoded into the firewall and cannot be removed. All software created by Comodo certified vendors is automatically added to the firewall safelist. Scan My System The 'Scan My System' feature allows users to run on-demand scans on their fixed hard drives that will detect known malware, trojans and spyware. If malicious executables are discovered on your system then they can be immediately deleted straight from the scan results window.

Comodo recommends all users run a system scan at least once per week. The scan can be paused or stopped at any time by clicking the appropriate buttons at the lower right corner. When the scanner has finished checking your hard drive, you will see the 'Scan Complete' interface which contains details of any malware that was discovered: Comodo Firewall Pro 3.

To delete all the listed files, click the 'Delete' button. Clicking 'Exit' will close the Scan System interface and return the user to the main interface. Background info: The name of the threat status column can often be different to the actual file name stated in the 'Location' column. This is especially true in the case of Trojan horse programs which are specifically re-named to resemble or duplicate the name of recognisable, trusted programs. Comodo Firewall Pro's scanner overcomes this by checking the digital signature of all the files it scans against a 'black list' of the digital signatures of known malicious programs.

This means it will detect all infected files - including those that attempt to masquerade as another program. My Protected Registry Keys Comodo Firewall Pro automatically protects system critical registry keys against modification. Irreversible damage can be caused to your system if important registry keys are corrupted or modified in any way.

It is essential that your registry keys are protected against attack. The 'Registry Entries. You can add items manually by browsing the registry tree in the right hand pane. My Protected COM Interfaces Component Object Model COM is Microsoft's object-oriented programming model that defines how objects interact within a single application or between applications - specifying how components work together and interoperate.

COM is used as the basis for Active X and OLE - two favorite targets of hackers and malicious programs to launch attacks on your computer. It is a critical part of any security system to restrict processes from accessing the Component Object Model - in other words, to protect the COM interfaces. Comodo Firewall Pro automatically protects COM interfaces against modification, corruption and manipulation by malicious processes.

The 'COM Components. You can add items manually by browsing the components in the right hand pane. The first column, 'Application Name', displays a list of the applications on your system for which a security policy has been deployed. If the application belongs to a file group, then all member applications assume the security policy of the file group.

The second column, 'Treat as', column displays the name of the security policy assigned to the application or group of applications in column one. Remove - Deletes the current policy. Note - you cannot remove individual applications from a file group using this interface - you must use the 'My File Groups' interface to do this. Users can re-order the priority of policies by simply dragging and dropping the application name or file group name in question.

To alter the priority of applications that belong to a file group, you must use the 'My File Groups' interface. If you were editing an existing policy instead, then this interface would show that policy's name and path. Click the 'Select' button to begin You now have 3 methods available to choose the application for which you wish to create a policy - File Groups; Running Processes and Browse.

To view the file types and folders that will be affected by choosing one of these options, you need to visit the 'My File Groups' interface. In the example below, we have decided to create a security policy for the Opera web browser. In the example below, we have chosen 'Limited Application'. The name of the predefined policy you choose will be displayed in the 'Treat As' column for that application in the Computer Security Policy interface.

Note: Predefined Policies, once chosen, cannot be modified directly from this interface - they can only be modifed and defined using the 'Predefined Security Policies' interface. If you require the ability to add or modify settings for an specific application then you are effectively creating a new, custom policy and should choose the more flexible Use Custom Policy option instead. In simplistic terms 'Access Rights' determine what the application can do to other processes and objects whereas 'Protection Settings' determine what the application can have done to it by other processes.

Access Rights - The Process Access Rights interface allows you to determine what activities the applications in your custom policy are allowed to execute. These activities are called 'Access Names'. Click here to view a list of definitions of the Action Names listed above and the implications of choosing to Ask, Allow or Block for each setting.

Exceptions to your choice of 'Ask', 'Allow' or 'Block' can be specified for the policy by clicking the 'Modify. Clicking 'Add' will allow you to choose which applications or file groups you wish this exception to apply to. Clicking 'Modify' then adding 'Outlook. Protection Settings - Protection Settings determine how protected the application or file group in your policy is against activities by other processes.

These protections are called 'Protection Types'. Select 'Yes' to enable monitoring and protect the application or file group against the process listed in the 'Protection Type' column. Select 'No' to disable such protection. Click here to view a list of definitions of the 'Protection Types' listed above and the implications of activating each setting.

Exceptions to your choice of 'Yes' or 'No' can be specified in the application's policy by clicking the 'Modify. Click 'Apply' to confirm your setting. Comodo Firewall Pro calculates the hash an executable at the point it attempts to load into memory. If the hash matches the one on record for the executable, then the application is safe. If no matching hash is found on the safelist, then the executable is 'unrecognized' and you will receive an alert. This area allows you to quickly determine how proactive the monitor should be and which types of files it should check.

This is the default and recommended setting. Disabled - No execution control is applied to the executable files. Click 'Apply' to implement your settings. This means every. Managed Services. Threat Assessment Services. Proactive Services. Why Comodo? Compare Comodo. Why Partner? For Home.

About Comodo. Contact Us. Select Your Industry Type. Learn More. Threat Research Labs. My Account. HIPS technology is driven by an extensive white list database with nearly one million applications and growing which identifies trusted applications and prevents untrusted applications from being introduced onto the computer. It also prevents any suspicious system processes to occur.

Advanced firewall engine for preventative management of incoming, outgoing Internet traffic Comodo Firewall Pro offers the highest levels of preventative monitoring of all inbound and outbound traffic which will prevent hackers, malware and identity thieves from penetrating a computer. Security rules interface Version 3. This version also sees the introduction of preset security policies which allows users to deploy a sophisticated hierarchy of firewall rules with a couple of mouse clicks.

Enhanced graphical UI User Interface Completely redesigned look and feel makes it even easier for users to manage and configure.

Comodo firewall version 3 0 fortinet advanced threat protection subscription comodo firewall version 3 0


Comodo firewall version 3 0 filezilla client command line upload file

Comodo firewall configuration part 1

Следующая статья teamviewer history

Другие материалы по теме

  • Winscp 403 forbidden
  • Citrix webcast
  • Manageengine pam 360
  • Winscp set scp as transfer orotcol
  • Filezilla for beginners
  • Winscp will not connect to iphone
  • 0 комментарии на “Comodo firewall version 3 0

    Добавить комментарий

    Ваш e-mail не будет опубликован. Обязательные поля помечены *