5:00PM 21 June 2008
Refresher Course
No Antivirus, Firewall or other Security Product is 100% absolute protection. Good security is usually the outcome of a compromise between user habits, policies, training, security software's and user friendliness.
After Downloading
Windows XP
- Disable Wired and/or Wireless Network Adaptors in Windows 'Control Panel>Network Connections'.
- Turn Off your 'Windows Firewall' and/or any other Software Firewall's.
- Close all other Programs/Applications.
- Install the Comodo Firewall before connecting to a Network/Router (obviously).
- Include the Host IPS 'Defense+'.
- After Installation, Enable Wired and/or Wireless Network Adaptors in Windows 'Control Panel>Network Connections'.
- Open the GUI, click 'Firewall>Advanced>Attack Detection Settings'.
- Under the 'Intrusion Detection' Tab...
- Enable 'Protect the ARP Cache'.
- Enable 'Block Gratuitous ARP Frames'.
- Under the 'Miscellaneous' Tab...
- Enable 'Block Fragmented IP datagrams'.
- Enable 'Do protocol analysis'.
- Enable 'Do packet checksum verification'.
- Enable 'Monitor other NDIS protocols than TCP/IP'.
- Click 'Apply'.
- Under the 'Intrusion Detection' Tab...
- Click 'Firewall>Advanced>Firewall Behavior Settings'.
- Under the 'General Settings' Tab...
- Change the 'Keep Alert on Screen' time to '600' seconds.
- Under the 'Alert Settings' Tab...
- Set the 'Frequency Level' to 'Very High'.
- Click 'Apply'.
- Under the 'General Settings' Tab...
Note: You will now receive many more pop-up Alerts in future, though the auto' generated Policy Rules will be much more specific; or 'Strict'. Edit them at 'Firewall>Advanced>Network Security Policy'.
- Keep clicking 'Allow' on all of the pop-ups and a new Policy Rule will automatically be generated on every click. Once all the Rules have been created, you will rarely receive any more pop-up Alerts until you run a new program or install a new application.
- If all of your programs/applications are installed, or once they are installed and all of the Rules have been generated, step the 'Firewall Security Level' up to 'Custom Policy Mode' and the 'Defense+ Security Level' up to 'Safe Mode' or 'Paranoid Mode'.
-
Go into 'Miscellaneous>Settings', Enable 'Show the balloon messages' and set a Password.
-
To install new software you believe to be Safe, open the GUI and click 'Switch to Installation Mode'.
-
Double-click the Program Installer File.
-
When that particular Installer File appears on the left side of a pop-up, select 'This Program is an Updater/Installer' and click 'OK'.
-
Click 'OK' for all of the following pop-ups to automatically generate specific Policy Rules for that particular program.
-
Here is an example of the Rules that will be generated.
Note: If a program sets many IP's, Ports, Protocol Rules in the 'Network Security Policy' section, as long as you trust that particular program to be safe, 'Edit' one of the Rules and change the IP, Port and/or Protocol to 'Any'. Delete all of the other Rules which have automatically flooded the list. No more pop-up Alerts will bother you for that particular program.
