Comodo Firewall 2.3 User Guide

Comodo Firewall 2.
3 User Guide 1
CONTENTS
Chapter 1: Getting Started ...........................................................................4
Firewall Basics ...........................................................................................................4
What's New in Coodo Firewall ..............................................................................4
Coodo Firewall ! O"er"iew ....................................................................................#
Introduction ..........................................................................................................................7
S$ste %e&'ireents ..............................................................................................(
Coodo Firewall )nstallation ...................................................................................*
Coodo Firewall +anageent )nter,ace ...............................................................1-
Coodo Firewall .ninstallation ............................................................................14
Starting Coodo Firewall .......................................................................................1/
1. System Tray Icon ............................................................................................................16
2. Windows Desktop ..................................................................................................................17
3. Start Menu ..............................................................................................................................17
0cti"ating 1o'r Free 2icense .................................................................................1(
Activate your ree !icense ...........................................................................................................1"
#e$isterin$ and $ettin$ a !icense ...............................................................................................2%
Chapter 3: Firewall S'ar$ ................................................................31
The +ain )nter,ace ...................................................................................................31
&i$'!i$'ts ....................................................................................................................................22
Traic Ino ...................................................................................................................................22
System Ino .................................................................................................................................23
(iew A!erts .................................................................................................................................2)
*pdate +icense ..........................................................................................................................27
,omputer Security +eve! ............................................................................................................27
Security Monitorin$ ....................................................................................................................2"
-rotection Stren$t' ....................................................................................................................2"
*pdater ......................................................................................................................................2"
Automatic Updater ...................................................................................................................................................28
Manual Updater ........................................................................................................................................................29

Chapter -: Firewall 0cti"it$ ....................................................................-3
Connections .............................................................................................................-3
2ogs ..........................................................................................................................-4
Chapter 4: Firewall Sec'rit$ ..................................................................-(
Tas4s ........................................................................................................................-*
Deine a .ew A!!owed/ Trusted App!ication .............................................................................)%
Deine a .ew 0anned App!ication ..............................................................................................)1
Add/#emove/Modiy a 1one .......................................................................................................)2
Send i!es to ,omodo or ana!ysis ..............................................................................................))
.eed &e!p2 .................................................................................................................................)6
,'eck or *pdates2 ....................................................................................................................)6
Deine a new Trusted .etwork ...................................................................................................)7
Scan or 3nown App!ications ......................................................................................................)4
0pplication +onitor .................................................................................................56
App!ication ,ontro! #u!es ...........................................................................................................5%
Comodo Firewall 2.3 User Guide 2
CONTENTS
Add a .ew App!ication ,ontro! #u!e ..........................................................................................51
Coponent +onitor ................................................................................................55
,omponent ,ontro! #u!es ..........................................................................................................55
Turn 6n /Turn 6 / +earn Mode on ,omponent ,ontro! #u!e ...................................................56
Networ4 +onitor ......................................................................................................5*
.etwork Monitor #u!e ,oni$uration 6ptions ............................................................................6%
0d"anced Con,ig'ration ........................................................................................./1
App!ication 0e'aviour Ana!ysis ..................................................................................................61
Advanced Attack Detection and -revention ...............................................................................63
Misce!!aneous .............................................................................................................................66
07o't Coodo Firewall ........................................................................../*
07o't Coodo .........................................................................................#6
Getting S'pport .......................................................................................#1
Coodo Firewall
Chapter 1: Gettin !tarted
Firewall Basics
What is a Firewall?
0road!y speakin$7 a computer irewa!! is a sotware pro$ram t'at prevents unaut'ori8ed access to or rom a private
network. 9irewa!!s are too!s t'at can :e used to en'ance t'e security o computers connected to a network7 suc' as +A.
or t'e Internet. T'ey are an inte$ra! part o a compre'ensive security ramework or your network.
A irewa!! a:so!ute!y iso!ates your computer rom t'e Internet usin$ a ;wa!! o code; t'at inspects eac' individua! ;packet;
o data as it arrives at eit'er side o t'e irewa!! < in:ound to or out:ound rom your computer < to determine w'et'er it
s'ou!d :e a!!owed to pass or :e :!ocked.
9irewa!!s 'ave t'e a:i!ity to urt'er en'ance security :y ena:!in$ $ranu!ar contro! over w'at types o system unctions
and processes 'ave access to networkin$ resources. T'ese irewa!!s can use various types o si$natures and 'ost
conditions to a!!ow or deny traic. A!t'ou$' t'ey sound comp!e=7 irewa!!s are re!ative!y easy to insta!!7 setup and
operate.
Why do I need one?
As t'e Internet 'as come to p!ay a ro!e in t'e 'ome and :usiness a!ike7 protection rom unaut'ori8ed Internet users is a
necessity. W'en your network is connected to a pu:!ic network7 it is e=posed to spies7 t'ieves7 'ackers7 t'ri!! seekers7
and various ot'er t'reats.
Internet users need to :e increasin$!y vi$i!ant o security issues7 as network traic comin$ into t'e computer can cause
dama$e to i!es and pro$rams even w'en t'e user is away rom t'e computer and t'e computer is id!e. In a system t'at
is not protected wit' any security measures7 ma!icious code suc' as viruses can inect systems and cause dama$e t'at
may :e diicu!t to repair. T'e !oss o inancia! records7 e>mai!7 customer i!es7 can :e devastatin$ to a :usiness or to an
individua!.
What's New in Coodo Firewall
New in 8ersion 3.-./
F)9E:; Networ4 onitor r'les were not loaded d'ring s$ste 7oot.
F)9E:; :<C= protocol state,'l anal$sis were ca'sing reconnection pro7les
F)9E:; C=F was crashing when a ShellE>ec'te hoo4ing so,tware?S'per0d7loc4er@ co'ntersp$ etc.A
is installed
F)9E:; C=F tra$ icon was showing wrong tooltip te>t
F)9E:; 2og siBe is not ree7ered correctl$
F)9E:; +an$ other 7'gs are ,i>ed according to the 'ser 7'g reports
New in 8ersion 3.-.5
NEW; %eo"ed Coodo 2a'nch=ad )nstallation
F)9E:; Start'p :ela$ i, Terinal Ser"ices ser"ice is disa7led
F)9E:; Na"igating 7etween adapters 'sing CNe>tC and C=re"io'sC lin4s co'ld ca'se error essage
F)9E:; When no adapter acti"e was showing wrong adapter in,oration
New in 8ersion 3.-.4
NEW; %ed'ced +eor$ .sage
NEW; 0dded =rotocol 0nal$sis Option
-rotoco! Ana!ysis is key to t'e detection o ake packets used in denia! o service attacks. T'is new
eature means ,omodo 9irewa!! c'ecks every packet conorms to t'at protoco!s standards. I not7 t'en t'e
packets are :!ocked.
NEW; 0dded pac4et chec4s' "eri,ication ,eat're
?very packet o data sent to your mac'ine 'as a si$nature attac'ed. ,omodo 9irewa!! wi!! reca!cu!ate t'e
c'ecksum o t'e tar$et packet and compare t'is a$ainst t'e c'ecksum stated in t'e si$nature. I t'e two do
not matc' t'en ,omodo 9irewa!! wi!! :!ock t'e packet. A!tered c'ecksums indicate t'at a packet 'as :een
a!tered since transmission.
NEW; 0dded an option to de,ine 0lert Fre&'enc$ le"el
*sers can now @uick!y coni$ure t'e amount o a!erts t'at ,omodo 9irewa!! $enerates :y raisin$ or !owerin$
a new s!ider.
Comodo Firewall 2.3 User Guide "
Coodo Firewall Chapter 1: Gettin !tarted
NEW; 0dded de,ense ,or own registr$ 4e$s and ,iles against alware tapering
Meanin$ t'at ,omodo 9irewa!! re$istry entries and i!es cannot :e de!eted or modiied eit'er accidenta!!y or
de!i:erate!y. T'is vita! security eature prevents ma!icious pro$rams or intruders rom :ein$ a:!e to s'ut
down or sa:ota$e your insta!!ation o ,omodo 9irewa!!.
NEW; 0dded S'spicio's ,ile s'7ission capa7ilit$ to pop'p alert
?ac' time ,omodo 9irewa!! discovers unknown components wit'in an app!ication7 t'e user is notiied via an
a!ert. In version 2.37 t'ese particu!ar a!erts now contain a :ui!t in !ink to instant!y su:mit t'e suspicious i!es to
,omodo or ana!ysis.
)+=%O8E:; :e,a'lt networ4 control r'les
)+=%O8E:; New icons ,or r'les section
)+=%O8E:; Tas4s and 0d"anced section la$o'ts are redesigned
)+=%O8E:; E,,ect on OS s$ste per,orance has signi,icantl$ 7een decreased
F)9E:; B'g ca'sing Windows to ,reeBe ?a rare 7't serio's 7'g o, BET0 %eleasesA
F)9E:; B'g ca'sing 2og SiBe selection to 7e ,orgotten a,ter a re7oot
F)9E:; B'g ca'sing legitiate pac4ets to 7e dropped 7$ protocol anal$sis
F)9E:; The ,irewall will 'se the de,a'lt 7rowser instead o, )E
%E+O8E:; <ardware details section ,ro the s'ar$ section
New in 8ersion 3.3.6
NEW; S4ip ad"anced sec'rit$ chec4s
Skip advanced security c'ecks options in t'e App!ication contro! ru!es is or t'e app!ications w'ic' user
a!!ows :ut sti!! or some reasons t'ey ai! to connect.
NEW; C=F passes another lea4 test;;
,omodo 9irewa!! > passes one more !eak test ca!!ed 0ITS. A'ttpB//www.irewa!!!eaktester.com/news.'tmC
)+=%O8E:; :ispla$ Settings
Disp!ay issues seen in systemDs D-I settin$ 'i$'er t'an 46 D-I or w'i!e usin$ !ar$e onts settin$s or system
'as :een i=ed.
NEW; +onitor CO+DO2E %e&'ests
Monitor ,6M/6+? re@uestsE w'en ena:!ed7 orces ,-9 to detect any pro$ram 'iFackin$ attempt w'ic' may
occur :y misuse o ,6M/6+? interaces :y ot'er pro$rams.
NEW; 0'toaticall$ 0ppro"e Sa,e 0pplications
Automatica!!y approve sae app!ications option7 w'en ena:!ed7 orces ,-9 to a!!ow a!! activities o an
app!ication w'ic' is reco$ni8ed as sae :y its interna! data:ase o over 1%%%% app!ications. *n!ess e=p!icit!y
:!ocked :y a ru!e7 ,omodo 9irewa!! wi!! a!!ow any activity o t'e sae app!ications w'i!e sti!! watc'in$ or
suspicious activities. In case or an app!ication action to :e taken is set as DAskD and i it appears in sae
data:ase !ist o app!ications7 it wi!! :e a!!owed wit'out askin$ user. T'e irewa!! wi!! sti!! raise an a!ert i it
detects anyt'in$ suspicious. T'is option is useu! or avoidin$ unnecessary num:er o @uestions.
)+=%O8E:; Eone +odi,ication
A Mac'ine or network can :e represented as a 8one to w'ic' a access can :e $ranted or denied :y
speciyin$ it in App!ication / .etwork ru!es. T'e new!y desi$ned easy to use G*I in ,omodo 9irewa!! 2 a!!ows
t'e user to Add/?dit/#emove 1ones.
Comodo Firewall 2.3 User Guide #
NEW; 0pplication Coponent 0'thentication
,omodo 9irewa!! now va!idates a!! t'e components o an app!ication :eore a!!owin$ it Internet access.
T'ese components can :e dynamic !ink !i:raries7 active= components t'at an app!ication is usin$.
NEW; 0pplication Beha"ior 0nal$sis
,omodo 9irewa!! ana!yses eac' app!icationHs :e'avior and detects any suspicious activity :eore a!!owin$
internet access. T'is poweru! new eature ena:!es it to detect more troFan activity t'an any ot'er irewa!!
> inc!udin$B
D++/,ode inFections
&idden ,onnection Attempts
NEW; :e,ense against TroFan =rotocols
,omodo 9irewa!!! now eatures advanced protoco! driver !eve! protection > essentia! or t'e deense o your
-, a$ainst troFans 'avin$ t'eir own protoco! drivers.
NEW; Sart 0lerts
A!erts are comp!ete!y redesi$ned in ,omodo 9irewa!!. T'ey are now simp!e and more intuitive. ?very a!ert
now inc!udes a Security ,onsiderations section w'ic' provides si$niicant advices to users. ?ac' a!ert a!so
'as an associated Security #isk !eve! s'own on t'e top o it to 'e!p users decide a course o action.
A!t'ou$' t'ey are simp!e7 t'e new a!erts a!so 'ave an option to :e more ver:ose or simp!e. 0asic popup
!o$ic removes unnecessary popup a!erts w'ereas ver:ose !o$ic revea!s eac' activity to provide more detai!s.
NEW; Windows Sec'rit$ Center )ntegration
,omodo 9irewa!! is now reco$ni8ed :y Windows I- S-2 Security ,enter as a trusted irewa!! and reports
its state.
NEW; Sel, =rotection against Terination o, Critical Firewall =rocesses
A TroFan/Spyware/(irus may need to disa:!e t'e irewa!! protection :eore perormin$ its ma!icious
operations. ,omodo 9irewa!! secures itse! to make sure its critica! processes are a!ways active and runnin$.
NEW; =C Sec'rit$ d'ring Booting
,omodo 9irewa!! 2 inc!udes an option to secure t'e 'ost w'i!e t'e operatin$ system is :ootin$. W'en
ena:!ed7 it makes sure t'at no connections are esta:!is'ed unti! :ootin$ process is comp!eted.
NEW; 0'toatic .pdater
,omodo 9irewa!! now inc!udes an interactive automatic updater component so t'at users can c'eck or
updates any time.
NEW; Error %eporting )nter,ace
To improve usersH satisaction7 ,omodo 9irewa!! 2 now inc!udes an I- sty!e :u$ reportin$ interace.
)+=%O8E:; Firewall 2ogging
T'e new !o$$in$ structure in ,omodo 9irewa!! is more poweru! t'an :eore. It revea!s a!! t'e activities
wit' detai!ed descriptions o t'e events. It a!so a!!ows e=portin$ t'e !o$s in &TM+ ormat.
)+=%O8E:; Sec'rit$ %'les )nter,ace
,omodo 9irewa!! 2 'as a comp!ete!y redesi$ned security ru!es interace. More poweru!7 !e=i:!e security
ru!es structure is com:ined wit' an easy to use G*I.
)+=%O8E:; 0pplication 0cti"it$ Control
In t'is version7 app!ication connections are s'own :etter. It a!!ows watc'in$ eac' app!ication in detai! :y
s'owin$ addresses7 ports and amount o traic it used. *sers can intercept and c!ose any app!ication
Comodo Firewall 2.3 User Guide $
connection wit' a simp!e c!ick.
)+=%O8E:; Graphical .ser )nter,ace
T'e G*I o ,omodo 9irewa!! 'as si$niicant improvements.
It a!!ows u!! contro! over t'e irewa!! operations
It s'ows a 'ost security inde= accordin$ to t'e protection !eve! at w'ic' it is coni$ured
Any part o t'e irewa!! can :e ena:!ed or disa:!ed wit' one c!ick
)+=%O8E:; 0pplication %ecognition ?%nl& in Comodo Firewall'
,omodo 9irewa!! 2 can reco$ni8e over 1%%%% app!ications and determine t'eir security risks. T'is data:ase
a!!ows users to easi!y notice i an activity is comin$ rom a sae7 virus or spyware pro$ram.
Coodo Firewall ! O"er"iew
)ntrod'ction
,omodo 9irewa!! is desi$ned as an endpoint security enorcer w'ic' u!i!!s a!! t'e re@uirements o a 'ost
:ased security system s'ou!d do. Wit' its !ayered security arc'itecture7 it is one o t'e most c'a!!en$in$
irewa!!s avai!a:!e7 providin$ an a!!>in>one security enorcer or a!! 6SI network communication !ayers.
,omodo 9irewa!! inc!udes an interated e(ecuta)le *ile data)ase7 w'ic' is a compre'ensive c!assiication
o a!! known e=ecuta:!e i!es. It is t'e onl& irewa!! w'ic' provides suc' si$niicant inormation wit' users.
Networ4 =rotection
,omodo 9irewa!!7 a!t'ou$' desi$ned or persona! use7 inc!udes an industria! stren$t' stateu! inspection
irewa!!7 actin$ at 6SI +ayers 27 3 and ) to i!ter incomin$ and out$oin$ network traic. Suc' an advanced
i!ter keeps track o eac' and every packet sent/received and perorms inte!!i$ent ana!ysis on critica!
protoco!s suc' as T,-7 *D-7 9T- etc.
,omodo 9irewa!! a!so detects and prevents D6S/DD6S attacks inc!udin$B
SJ./*D-/I,M- 9!oods7
T,-/*D- -ort Scans7
*pon acin$ suc' an intrusive attack7 it switc'es to an emer$ency mode :y creatin$ some automatic ru!es
and updatin$ its interna! states accordin$ to t'e attack :e'avior7 to secure t'e 'ost a$ainst it unti! t'e attack
ceases. *sers wi!! not notice suc' a c'an$e in terms o unctiona!ity :ut wi!! remain protected.
G'ic4 Feat'res:
Advanced T,-/*D-/I,M- and I- protoco! i!terin$
I- ra$mentation 'and!in$
D6S/DD6S resistance and 'and!in$
Stateu! T,-/*D- -rotoco! Inspection
Comodo Firewall 2.3 User Guide +
0pplication =rotection
A!t'ou$' t'e network protection is ade@uate to deeat t'e most o t'e network :ased attacks7 todayHs t'reats
re@uire 'i$'!y sop'isticated app!ication :ased access i!terin$ mec'anisms to enorce true 'ost :ased
security po!icies.
,omodo 9irewa!! provides a poweru! app!ication irewa!! w'ic' is one o t'e :est app!ication i!ters avai!a:!e
in t'e market.
#estrictin$ network traic accordin$ to t'e app!ication w'ic' $enerates it7 re@uires i!terin$ at 6SI +ayers 37
)7 57 6 and 7.
0pplication Filtering
,omodo 9irewa!! provides u!! contro! on app!icationsH networkin$ :e'aviors.
App!ication irewa!! canB
!imit app!ications network access c'aracteristics suc' as port7 protoco! and 'ostK
$ive users t'e a:i!ity to contro! num:er o connections per minute an app!ication can create.
2ea4 %esistance
*nortunate!y7 ma!ware pro$rams are evo!vin$ rapid!y. Many o suc' pro$rams emp!oy very advanced
tec'ni@ues to concea! t'eir ma!icious activities so t'at t'ey easi!y :ypass t'e standard protection mec'anism
provided :y t'e most irewa!!s. T'ese tec'ni@ues are common!y known as L!eakE tec'ni@ues.
C=F passed 022 2E0H TESTS with an o'tstanding s'ccess rate not seen in an$ other ,irewalls
a"aila7le.
A!t'ou$' passin$ t'e known !eak tests are oten enou$' to provide you a ro:ust protection7 TroFans do not
'ave to !imit t'emse!ves to t'ese known tec'ni@ues and t'ey a!ways try to ind new ones to c'eat t'e
protection mec'anism you 'ave. Due to t'is act7 peop!e at ,omodo persistent!y researc' to improve irewa!!
to keep you constant!y protected a$ainst emer$in$ and unknown t'reats.
.ser Friendliness
,omodo 9irewa!! 'as an easy to use and intuitive G*I w'ic' is suita:!e or :ot' advanced and novice users.
6ur se!ection o wizards make sure novice users wi!! ace no diicu!ties in mana$in$ vita! security
coni$urations. Advanced users and e=perts can ine tune ,omodo 9irewa!! usin$ its e=tensive coni$uration
options.
S$ste %e&'ireents

To ensure optima! perormance o ,omodo 9irewa!!7 p!ease ensure t'at your -, comp!ies wit' t'e minimum
system re@uirements as stated :e!owB
MWindows 2%%%/Windows I- AA!! 32 :it versionsC
MInternet ?=p!orer (ersion 5.1 or a:ove
M 6) M0 avai!a:!e #AM
M 32 M0 o avai!a:!e ree 'ard disk space
Coodo Firewall )nstallation
0eore you insta!! ,omodo 9irewa!!7 read t'e insta!!ation instructions careu!!y and a!so review t'e system
re@uirements !isted in t'is c'apter. Nuit a!! ot'er Windows pro$rams :eore insta!!in$ ,omodo 9irewa!! as
ot'er active pro$rams may interere wit' t'e insta!!ation and reduce your protection.
)nstallation =rocess
To insta!!7 down!oad t'e ,omodo 9irewa!! setup i!es to your !oca! 'ard drive. .e=t7 dou:!e c!ick on Setup.e=e
to start t'e insta!!ation wi8ard. And o!!ow t'e process as :e!ow.

STE= 1: .ninstall Other Firewall =rogras
1. 0eore you insta!! ,omodo 9irewa!!7 you must uninsta!! any t'ird party 9irewa!! pro$rams insta!!ed in your
-,. T'is is necessary as ot'er irewa!! pro$rams may interere wit' t'e insta!!ation o ,omodo 9irewa!! and
reduce t'e protection oered :y it. ,!ick ,es to continue.
STE= 3 : Welcoe :ialog'e 7o>
3. T'e set up pro$ram starts automatica!!y and t'e Insta!!S'ie!d Wi8ard We!come wi8ard is disp!ayed. At t'is
time7 you may cance! t'e insta!! process or continue wit' t'e ,omodo 9irewa!! Setup pro$ram. It is
recommended t'at you e=it a!! Windows pro$rams :eore runnin$ t'e setup. ,!ick Ne>t to continue.
Fiure: Uninstall -hird .art& Firewalls
Fiure: /nstall!hield 0elcome 0i1ard
STE= -: 2icense 0greeent
-. W'en ,omodo 9irewa!! is insta!!ed or t'e irst time7 you must comp!ete t'e initia!i8ation p'ase :y readin$
and acceptin$ t'e !icense a$reement. Ater you read t'e ?nd>*ser +icense A$reement7 c!ick 1es to continue
insta!!ation. I you dec!ine7 you cannot continue wit' t'e insta!!ation.
STE= 4: 2ocation :estination Folder
4. 6n t'e Destination Wi8ard pa$e7 conirm t'e !ocation o t'e 9irewa!! insta!!ation i!es. To insta!! t'e
pro$ram in t'e deau!t destination !ocation7 c!ick 2e(t. T'e deau!t destination directory is t'e ,BO-ro$ram
9i!esO,omodoO,omodo 9irewa!!.
I you do not wis' to insta!! t'e 9irewa!! i!es in t'e deau!t !ocation7 to insta!! to a dierent o!der7 c!ick
Fiure: 4e*ault 4estination Folder
Fiure: 5nd User 6icense Areement
78%0!5 and se!ect anot'er o!der. ,!ick %9 to continue wit' t'e insta!!ation process.
STE= 5: Set .p Stat's Bo>
5. A setup status dia!o$ue :o= is disp!ayed. Jou wi!! see a pro$ress :ar indicatin$ t'at i!es are :ein$
insta!!ed.
Fiure: Choose 4estination Folder
Fiure: !etup !tatus
STE= /: Con,ig'ration
/. .e=t7 you are presented wit' a c'oice o automatic or manua!!y coni$uration. Automatic coni$uration is
recommended or most users. Manua! coni$uration runs t'e Add Trusted 1one wi8ard7 t'e Scan 9or 3nown
App!ications wi8ard and some :asic options out!ined in Advanced ,oni$uration.
STE= #: Finalising )nstallation
7. To comp!ete t'e insta!!ation process7 your system wi!! :e coni$ured and you wi!! a dia!o$ue :o= !ike t'e
one :e!ow.
STE= (: %estart $o'r s$ste
(. A Setup ,omp!ete conirmation dia!o$ue :o= wi!! :e disp!ayed indicatin$ successu! comp!etion and te!!in$
you t'at you s'ou!d restart your system now so t'at t'e updates can take eect. -!ease save any unsaved
data and ,!ick Finish.
Fiure: Con*iurin &our s&stem
Coodo Firewall +anageent )nter,ace
Ater insta!!ation7 t'e ,omodo 9irewa!! icon wi!! :e disp!ayed on t'e Windows desktop. To start t'e ,omodo
9irewa!! pro$ram7 dou:!e>c!ick on t'e icon and t'e mana$ement interace wi!! open.
Jour computer is automatica!!y protected :y t'e irewa!! every time you start it. Jou do not 'ave to e=p!icit!y
start t'e irewa!! to protect your computer. T'e start screen o t'e irewa!! appears every time you re>start
your computer.
9urt'ermore7 t'e main window o t'e ,omodo 9irewa!! wi!! :e opened :y deau!t w'en you re>start your
computer. I you c'oose not to s'ow t'e app!ication window upon system start>up :y unc'eckin$ t'is settin$
in Program Settings under Advanced ,oni$uration. (ia t'e main window7 t'e ,omodo 9irewa!! is
administered. Jou ind inormation on t'e main window and on administerin$ t'e ,omodo 9irewa!! in 9irewa!!
Summary7 9irewa!! Activity and 9irewa!! Security.
Fiure: 8estart &our !&stem
Fiure: Comodo Firewall 4es:top !hortcut
,!osin$ t'is window wi!! e=it t'e ,omodo 9irewa!! mana$ement interace. T'e irewa!! wi!! remain active7
protectin$ your computer7 in t'e :ack$round.
To comp!ete!y s'ut t'e pro$ram down7 ri$'t>c!ick on t'e ,omodo 9irewa!! and se!ect D?=itD. I you c'oose to
e=it7 you wi!! see a dia!o$ue :o= conirmin$ w'et'er you want to e=it or not.
I you c'oose to e=it7 t'e 9irewa!! wi!! :e disa:!ed and wi!! not protect your -,.
Coodo Firewall .ninstallation
I you need to uninsta!! ,omodo 9irewa!!7 do t'e o!!owin$B
1. ,!ick t'e Windows Start :utton and :rowse to A!! -ro$ramsP,omodoP9irewa!!P*ninsta!!
O%
6n t'e Windows task:ar7 c!ick Start P Settin$s P ,ontro! -ane!.
In t'e ,ontro! -ane!7 dou:!e>c!ick Add/#emove -ro$rams.
In t'e !ist o current!y insta!!ed pro$rams7 c!ick ,omodo 9irewa!!.
,!ick ,'an$e/#emove.
Comodo Firewall 2.3 User Guide 1"
Fiure: Comodo Firewall GU/
Fiure: 5(it Comodo Firewall
2. A dia!o$ue :o= appears askin$ or conirmation o uninsta!!ation. ,!ick ,es to uninsta!!.
3. .e=t7 t'e irewa!! notiies you t'at t'e ,omodo App!ication A$ent is to :e s'ut down. ,!ick ,es to
continue uninsta!!ation
). A Setup Status dia!o$ue :o= inorms you t'at un>insta!!ation is takin$ p!ace.
5. Ater un>insta!!ation7 Insta!!S'ie!d Wi8ard appears. ,'eck t'e #estart ,omputer :o= and c!ick D63D to
comp!ete t'e un>insta!!ation.
Comodo Firewall 2.3 User Guide 1#
Fiure: Uninstall C.F con*iuration settins
Fiure: Uninstall C.F
Starting Coodo Firewall
Ater insta!!ation7 ,omodo 9irewa!! wi!! automatica!!y start w'enever you start Windows. In order to coni$ure
and view settin$s wit'in ,omodo 9irewa!! you need to access t'e mana$ement interace.
T'ere are 3 dierent ways to access t'e mana$ement interace o ,omodo 9irewa!!.
1. S$ste Tra$ )con
Jou can easi!y access ,omodo 9irewa!! via 9irewa!! Tray icon.
iA Coodo Firewall Tra$ )con
Qust dou:!e c!ick t'e s'ie!d icon to start t'e main irewa!! interace.
Comodo Firewall 2.3 User Guide 1$
Fiure: 8estart ,our Computer
3. Windows :es4top
Qust dou:!e c!ick t'e s'ie!d icon in t'e desktop to start ,omodo 9irewa!!.
-. Start +en'
Jou can a!so access ,omodo 9irewa!! via t'e Windows Start Menu.
,!ick DStartD and se!ect -ro$rams>P,omodo>P9irewa!!>P,omodo 9irewa!!
*sin$ any o t'e met'ods out!ined a:ove wi!! !ead you to t'e main interace as s'own :e!owB
Comodo Firewall 2.3 User Guide 1+
0cti"ating 1o'r Free 2icense
,omodo 9irewa!! is a ree>to>use app!ication. &owever7 t'e app!ication !icense must :e activated wit'in t'e
irst t'irty days o insta!!ation. Jou wi!! receive re$u!ar reminders i you 'ave not activated your insta!!ation.
I you 'ave re$istered t'e app!ication wit' us and $ot activation code t'en you on!y need to Activate your
9ree +icense.
I you do not 'ave a !icense or 'ave not yet re$istered ,omodo 9irewa!!7 p!ease see #e$isterin$ and Gettin$
a !icense irst.
0cti"ate $o'r ,ree license
To activate7 irst make sure you are connected to t'e internet. ,omodo 9irewa!! uses Internet ?=p!orerDs
Internet connection settin$s to activate !icense.
.e=t7 start up ,omodo 9irewa!!. ASee Startin$ ,omodo 9irewa!!C
Se!ect D*pdate +icenseD rom t'e irewa!! DSummaryD sectionB
Jou wi!! t'en :e presented wit' t'e D+icense StatusD dia!o$ :o= as s'own :e!owB
Fiure: Comodo Firewall 6icense !tatus
To activate7 copy and paste t'e activation code contained in your ,omodo 9irewa!! conirmation emai! and
c!ick '0cti"ate' :utton and you wi!! see a screen as :e!ow. A.ote > ater re$isterin$ ,omodo 9irewa!!7 you wi!!
'ave received two emai!s. T'e irst is a conirmation o your order7 t'e second is t'e activation code emai!.C
T'e app!ication wi!! t'en contact t'e ,omodo we:site and insta!! your ree7 !ietime !icense. In case t'e
!icense is activated successu!!y you wi!! see t'e o!!owin$ screen.
And now onwards i you see !icense status you wi!! see o!!owin$ screenB
Jou 'ave now activated your u!!7 !ietime !icense or ,omodo 9irewa!!. ?nFoyRR
%egistering and getting a license
I you insta!!ed ,omodo 9irewa!! direct!y rom a ma$a8ine coverdisc you may not 'ave re$istered t'e
app!ication at t'e ,omodo we:site. #e$istration is simp!e as we on!y re@uire your name and emai! address.
Jou wi!! t'en receive a conirmation emai! containin$ t'e code to activate your ree !ietime !icense.
Make sure you are connected to t'e internet.
9irst c!ick D*pdate +icenseD in t'e irewa!! DSummaryD section to disp!ay t'e !icense status dia!o$ue :o= .
.e=t c!ick DGet 9ree +icense .ow...D
Jou wi!! t'en :e taken to t'e ,omodo we:site to re$ister.
Ater re$isterin$7 you wi!! :e sent an order conirmation emai! and a !icense activation emai!.
To activate your !icense7 p!ease reer to Activate your ree +icense
Coodo Firewall
Chapter 2: Firewall !ummar&
The +ain )nter,ace
Ater insta!!ation7 ,omodo 9irewa!! automatica!!y protects any computer on w'ic' it is insta!!ed. Jou do not
'ave to start t'e pro$ram to :e protected.
See Startin$ ,omodo 9irewa!! i you are unsure o 'ow to access t'e main interace.
T'e interace contains t'ree main area indicated :y t'e ta:s at t'e top !et 'and o t'e interace> Summary7
Security and Activity.
0y deau!t7 t'e mana$ement interace disp!ays t'e DSummaryD area inormation. Jou can a!so access t'is
area at any time :y se!ectin$ t'e DSummaryD ta: as s'own a:ove.
T'e DS'ar$D area contains at>a>$!ance detai!s o irewa!! settin$s and detai!s.
Fiure: Comodo Firewall !ummar&
Coodo Firewall Chapter 2: Firewall !ummar&
1.Highlights
T'e &i$'!i$'ts section disp!ays inormation a:out Security A!erts and .ews re!ated to ,omodo 9irewa!! S
!atest ,ritica! security updates. Jou can view inormation a:out .ews and A!erts :y c!ickin$ on .ews and
A!erts ta:s in t'e &i$'!i$'ts section o t'e main ,omodo 9irewa!! G*I.
News
T'is section contains direct news eeds rom rom t'e ,omodo Server. Jou can a!so down!oad t'e !atest
inormation a:out critica! security updates and !atest news a:out ,omodo rom t'e News section.
2.Traffic Info
,omodo 9irewa!! produces a Traic 'istory $rap' to $ive an overview o t'e !ast one minute o your traic
'istory in terms o t'e most used 0pplications and .etwork protoco!s.
0pplication
Jou can view t'e inormation a:out t'e most active app!ications in t'e !ast 1 minute :ased on t'e traic used
:y t'e app!ications. T'e App!ication Traic &istory $rap's produce a rea!>time picture o t'e !ast one minute
o your traic in terms o t'e 'i$'est num:er o simu!taneous open network connections since t'e pro$ram
started.
,!ick ;iew More to $et more inormation a:out current active app!ications7 t'e protoco! :ein$ used7 and t'e
addresses or names o t'e connected computers. AT'is perorms t'e same unction as c!ickin$ DActivityD at
t'e top !et 'and o t'e main interace and takes you to t'e ,onnections screenC.
Networ4
,omodo 9irewa!! maintains rea!>time network counters t'at track usersH Internet usa$e. T'e detai!ed
statistics inc!ude t'e inormation a:out t'e overa!! network protoco! distri:ution7 .etwork T,-7 *D- and
I,M- :ytes sent and received. ,!ick on t'e .etwork !ink under Traic section to $et t'e inormation.
Fiure: 2ews
Fiure: 2etwor: -ra**ic
Fiure: Acti<e Applications
T'e network traic provides instant data7 in percenta$e7 a:out your incomin$ and out$oin$ network traic.
3.System Info
T'e DSystemD Ino area o t'e summary screen contains detai!s a:out t'e network adapters insta!!ed on your
computer.
0dapters
,omodo 9irewa!! detects a!! o t'e network adapters in your computer and provides you wit' a summary o
t'e detai!s o t'e network adapters in your system. A network adapter cou!d :e a modem7 an ?t'ernet
network card7 a virtua! (-. adapter7 or a virtua! ---o? adapter Aused or some DS+ ,onnectionsC.
:ial!'p
I you are usin$ a Dia!>up coonection7 t'en you can view t'e Dia!>*p Adapter detai!s :y c!ickin$ 2e(t.
Fiure: 2etwor: Adapter
4. View Alerts
Jou can view inormation a:out t'e type o security a!erts7 t'e t'reat !eve! and t'e communication t'at
tri$$ered t'is a!ert :y c!ickin$ on t'e 6os ta: in t'e Activity main screen.
+a> 2og SiBe
,omodo stores t'e events reported :y t'e irewa!! en$ine in t'e !o$. Jou can view t'e detai!s o t'e a!erts
tri$$ered :y t'e possi:!e attacks on your computer. T'e events are reported and stored in &TM+ ormat.
Jou can reduce t'e ma=imum si8e o t'e !o$ i!e rom 5 M0 7 1%7 M07 15 M07 25 M0 7 5% M0 and 1%% M0 :y
se!ectin$ t'e 9i!e si8e rom t'e Ma(imum 6o si1e Drop down menu.
Col'ns :escription:
1. T'e 9irst ,o!umn =!e<erit&' represents t'e t'reat !eve! o an attackB &i$'7 Medium and +ow. &i$'
severity a!erts are very serious security risks !ike D6S and -ort Scan attacks and t'e irewa!! $oes
into emer$ency to temporari!y :!ock incomin$ traic. Medium and +ow severity a!erts are not so
serious and are caused :y trans$ression o one or more .etwork ,ontro! ru!es.
2. T'e Second ,o!umn =8eporter' states w'ic' su:system $enerated t'e attack report. AApp!ication
Monitor7 .etwork Monitor7 ,omponent Monitor or App!ication 0e'aviour MonitorC.
3. T'e T'ird ,o!umn A4escription' represents t'e nature o t'e !o$$ed a!ert. 9or e=amp!e 7 a!erts cou!d
:e caused :y po!icy vio!ation caused :y trans$ressin$ a .etwork ,ontro! #u!eK D6S A Denia! 6
ServiceC attack or T,-/*D- -ort Scan .
). T'e 9ourt' ,o!umn ?:ate I TieA represents t'e date and time w'en t'e a!erts were tri$$ered.
Conte>t Sensiti"e +en'
#i$'t c!ickin$ on t'e a!ert !ist revea!s a conte=t sensitive menu containin$ ut'er !o$ options.
Fiure: Alerts 8eports
Show 2ogs For ! T'e user can c'oose to view !o$s o a!! a!erts rom Today7 +ast 7 days or +ast 3%
days. T'e deau!t is to s'ow todayDs a!erts on!y.
2og E"ents Fro > T'ere are our seperate components o ,omodo 9irewa!! t'at 'ave t'e potentia!
to popu!ate t'e D+o$D area wit' t'e a!erts t'ey $enerate. T'is entry !ets t'e user c'an$e w'ic' events
are recorded in t'e !o$s accordin$ to t'e component t'at $enerated t'em. 0y deau!t7 a!erts $enerated
:y a!! our components are recorded. ,omodo advise users to !eave t'is settin$ at t'e deau!t.
E>port <T+2.... *sers can e=port a more detai!ed &TM+ copy o t'e !o$s to !oca! or network drives.
T'is is very useu! or records and trou:!es'ootin$ purposes. ,!ick t'e D?=port &TM+...D entry7 c'oose
a i!ename and destination and c!ick DSaveD
Clear 0ll 2ogsB ?mpties t'e current view
T$pes o, 0lerts
T'ere are t'ree types o a!erts :ased on t'eir severity !eve!s B &i$'7 Medium and +ow.
<igh@ +edi' and 2ow Se"erit$ 0lerts :
<igh Se"erit$ 0lerts are represented :y a #ed icon . &i$' Severity a!erts are $enerated :y D6S A Denia!
o ServiceC attacks7 -ort Scan7 TroFan -ro:e attacks and w'en app!ication monitor detects a D!eakD.
W'en a 'i$' severity a!ert is detected7 t'e 9irewa!! $oes into emer$ency mode. T'e irewa!! wi!! stay in
emer$ency mode or t'e duration set :y user i.e time to stay in emergency mode7 :y deau!t7 t'e duration is
set to 12% seconds. In t'e emer$ency mode7 a!! in:ound traic is :!ocked e=cept t'ose previous!y
esta:!is'ed and active connections. &owever7 a!! out:ound traic is sti!! a!!owed.
+edi' se"erit$ alerts are represented :y an 6ran$e icon
2ow se"erit$ alerts are represented :y a Green icon .
Medium and +ow severity a!erts are caused :y vio!ation o network contro! ru!es.
0lert :escription :
Jou can view detai!s a:out a $enerated a!ert :y se!ectin$ it and c!ickin$ on t'e Description ta: . Jou wi!! $et
inormation a:out t'e nature o attack7 Source I-7 Destination I- and cause w'ic' tri$$ered t'e a!ert.
0lert
W'en ,omodo 9irewa!! intercepts any unknown pro$ram or a pro$ram not matc'in$ t'e set ru!es7 you wi!! :e
prompted :y t'e $eneration o a A!ert -op>*p window.
Fiure: Alert .op>Up
T'e A!ert inc!udes inormation !ike name o App!ication w'ic' tri$$ered t'e a!ert7 t'e -arent App!ication 7 t'e
-rotoco! used :y t'e App!ication7 its I- address and its -ort .um:er.
T'e top ri$'t corner o t'e pop up a!so s'ows t'e Security A!ert Severity +eve!. T'e co!our assi$nations
correspond to t'ose out!ined a:ove in ?ih@ Medium and 6ow !e<erit& Alerts.
9or e=amp!e7 pop window s'own a:ove indicates a $reen severity security !eve!.
T'is is :ecause Internet ?=p!orer is considered a sae app!ication. Nuick!y $!ancin$ at t'e a!ert !eve! indicator
provides a @uick way to determine w'et'er an app!ication or activity s'ou!d concern t'e user.
:etails
,ontainsB
T'e app!ication name
T'e I- address o t'e site it is attemptin$ to connect to
T'e port it is usin$ to make t'e connection
T'e protoco! it is usin$ to aci!itate t'e connect
Sec'rit$ Considerations
T'is area provides a consise7 at a $!ance summary o t'e security risk invo!ved wit' a!!owin$ t'is app!ication
to access t'e internet.
Choose options
6nce you understand t'e risk7 you can respond in t'e o!!owin$ ways B
%ee7er $ answer ,or this applicationB c'eck t'is :o= to instruct t'e 9irewa!! not to $enerate an a!ert
a$ain i t'e parameters o t'e app!ication are t'e same.
0llow > a!!ows t'e current instance o t'e app!ication to access t'e internet accordin$ to t'e de!inated
parameters
:en$ > 0!ocks t'e app!ication rom accessin$ t'e internet
+ore :etails
I you are unsure a:out t'e app!ication7 you can view more inormation a:out t'e app!ication :y c!ickin$ More
Details ta: so t'at you can decide w'at to do. W'en you c!ick More Detai!s7 a -op>up window wi!! appear a
:rie inormation a:out t'e app!ication.
Fiure: More 4etails A)out -he Application
Se!ectin$ t'e D-arent App!icationD radio :utton ena:!es t'e user to view inormation a:out t'e app!ication t'at
ori$ina!!y caused t'e c'i!d app!ication to try to access t'e internet. In t'is case7 ?=p!orer.e=e commanded
Internet ?=p!orer.e=e to access t'e internet. D?=p!orer.e=eD is t'ereore t'e parent app!ication to DInternet
?=p!orer.e=eD.
5. Upate !icense
Jou can update t'e ,omodo 9irewa!! !icense :y c!ickin$ on t'e .pdate 2icense ta: in t'e main ,omodo
9irewa!! G*I and t'e +icense wi8ard wi!! open to $uide you t'rou$' t'e process o upadtin$ your !icense.
". #omp$ter Sec$rity !e%el
In t'is section7 you can view 'ow to customi8e security settin$s usin$ t'e ,omputer Security +eve!.
,omodo 9irewa!! a!!ows you to customi8e irewa!! security :y usin$ t'e ,omputer Security +eve! s!ider to
c'an$e preset security !eve!s. T'e ,omputer Security +eve! S!ider a!!ows you to se!ect 0!ock A!!7 ,ustom or
A!!ow A!! security settin$s :y adFustin$ t'e s!ider to c'an$e t'e security !eve!s.
To ,'an$e t'e ,omputer Security +eve! s!iderB
1. 6pen ,omodo 9irewa!! G*I.
2. In t'e ,omputer Security +eve!7 adFust t'e s!ider to 0!ock A!!7 ,ustom or A!!ow A!!.
Jou can adFust t'e s!ider to t'e ,omputer Security +eve! you wantB
Fiure: Computer 6e<el !ecurit& !lider
J Bloc4 0llB T'e irewa!! :!ocks everyt'in$ irrespective o t'e restrictions set :y t'e user.
J C'stoB ,ustom security coni$uration created :y t'e user is app!ied.
T 0llow 0llB Disa:!es t'e irewa!! and makes it inactive. A!! incomin$ and out$oin$ connections are a!!owed
irrespective o t'e restrictions set :y t'e user.
T'e security !eve! ,'osen :y you wi!! a!so appear in t'e orm o a co!oured :a!! icon on t'e top>ri$'t 'and
corner o t'e ,omodo 9irewa!! G*IB A %ed icon represents D0!ock A!!D Security 7 an Orange icon represents
,ustom +eve! Security and a Green Icon represents a DA!!ow A!!D security.
,!ickin$ DTest your current security coni$urationD contacts t'e ,omodo &ackerGuardian we:site
Awww.'acker$uardian.comC.
&ackerGuardian vu!nera:i!ity scans conduct in dept' testin$ o your computer and network to identiy
potentia! security 'o!es.
Si$n up or a D9ree ScanD to ind out 'ow we!! deended your system is a$ainst 'ackers.
Test Sec'rit$ Con,ig'ration
Jou can c'eck your current security coni$uration and see 'ow vu!nera:!e your system is or outside attack
:y c!ickin$ t'e current security coni$uration icon . T'e user wi!! :e directed to
http:DDwww.hac4erg'ardian.coD a ,omodo site w'ic' !etDs you c'eck your server vu!nera:i!ities.
&. Sec$rity 'onitoring
T'e Sec'rit$ +onitoring Section section provides s'ortcuts to tasks in t'e Security section o t'e irewa!!.
T'ese sections a!!ow you to coni$ure 9irewa!! operations and settin$s administratin$
0pplication +onitior > S'ortcut to t'e App!ication Monitorin$ Section o Security. 2 modes o operation7 6.
or 699
Coponent +onitor > S'ortcut to t'e ,omponent Monitor Section o Security. 3 modes o operation 6.7
699 or +?A#. M6D?
Networ4 +onitor > S'ortcut to t'e .etwork Monitorin$ Section o Security. 2 modes o operation 6. and
699
0pplication Beha"ior 0nal$sis > S'ortcut to t'e Advanced Section o Security. 2 modes o operation 6.
and 699
(. )rotection Strength
T'ere are ive !eve!s o protection stren$t'. ,omodo 9irewa!! determines t'e protection stren$t' :ased on
t'e 6. or 699 attri:utes or eac' o t'e sections in t'e Security Monitorin$ section a:ove.
T'e ive !eve!s are ?=ce!!ent > Good > 9air > -oor > 0ad. T'e deau!t settin$s o App!ication Monitor A6.C7
,omponent Monitor A+earn ModeC7 .etwork Monitor A6.C and App!ication 0e'aviour Ana!ysis A6.C produce
a deau!t -rotection Stren$t' o D?=ce!!entD
*. Upater
T'e Coodo Firewall .pdater wi!! down!oad Manua! or Automatic updates on!y i your computer is
connected to t'e Internet. I Internet connection is unavai!a:!e7 t'e updatin$ process wi!! not start.
T'ere are two types o *pdater. T'ese areB 0'toatic .pdater K +an'al .pdater.
0'toatic .pdater
T'e DAutomatic updaterD modu!e c'ecks or update avai!a:i!ity once a day. As it is c'eckin$ it s'ows a
!as'in$ icon in system tray as s'own :e!owB
I updates are avai!a:!e t'e messa$e :o= is disp!ayed ot'erwise not and it c'ecks a$ain ne=t day. To
down!oad t'e updates c!ick 1es e!se No. I you c!ick No t'e updates wou!d not take p!ace.
Ater updates are insta!!ed7 a pop>up emer$es rom t'e system tray as s'own :e!ow
Ater t'e insta!!ation process is comp!eted you wi!! need to re>start your computer or t'e c'an$es to take
eect.
,!ick DJesD to re>start immediate!y or D.oD to re>start at a !ater time.
+an'al .pdater
Manua! updates can :e down!oaded and insta!!ed at any time :y c!ickin$ t'e D*pdaterD :utton in t'e top ri$'t
'and corner o t'e irewa!! interaceB
I updates are avai!a:!e7 t'e o!!owin$ screen appears.
To intiate t'e update process c!ick on t'e Start :utton. I you want to initiate t'e updates !ater7 c!ick on t'e
07ort :utton to !eave t'e *pdater wi8ard.
I t'e sotware inds any new updates it wi!! start insta!!in$.
6nce t'e insta!!ation o updates is inis'ed7 t'e messa$e .pdates ha"e 7een installed wi!! appear on t'e
screen.
Ater t'e insta!!ation process is comp!eted7 ,!ick OH. It wi!! re@uest you to restart t'e system.
,!ick 1es to re:oot t'e system now or No to re:oot at a !ater time.
Coodo Firewall

Chapter 3: Firewall Acti<it&
,omodo 9irewa!! records inormation a:out a!! app!ication and network connections7 actions t'at t'e irewa!!
'as taken7 and any a!erts t'at 'ave :een tri$$ered. T'e Acti<it& section inc!udes detai!s a:out active
Connections and t'e 6os section inc!udes customi8ed inormation a:out tri$$ered Security a!erts.
Connections
A !ist o active connections on t'e network and t'e connection parameters used in t'e ,onnections section
o Activity #eport. ,omodo 9irewa!! records inormation a:out a!! app!ication and network connections7
actions t'at t'e irewa!! 'as taken7 and any a!erts t'at 'ave :een tri$$ered.
Se!ect t'e Connections ta: in t'e Activity 6verview section to view t'e !ist o active connections on t'e
network and t'e connection parameters used :y individua! app!ications.
Fiure: Firewall Acti<it&
Coodo Firewall Chapter 3: Firewall Acti<it&
Col'ns :escription:
T'e 9irst ,o!umn =Applications' represents eac' app!icationDs icon and name AdescriptionC < i t'e
app!ication 'as no icon7 t'e deau!t system icon or e=ecuta:!e i!es wi!! :e usedK i no description
AnameC is avai!a:!e7 t'e name o t'e i!e wit'out t'e e=tension wi!! :e disp!ayed.
T'e Second ,o!umn =Addresses' represents I- Address o t'e app!ication. In case t'e app!ication
is waitin$ or communication and t'e port is open7 it is descri:ed as U+istenin$H.
T'e T'ird ,o!umn =!er<ices' represents t'e ports used :y t'e individua! app!ications.
T'e 9ourt' ,o!umn =.rotocol' represents t'e -rotoco!s7 usua!!y T,-7 *D- or 0ot'7 used :y t'e
app!ications.
T'e 9it' ,o!umn =-ra**ic' represents t'e Tota! e=tent o incomin$ AInC and out$oin$ AOutC data
wit'in t'e particu!ar connection in 0ytes.
T'e Si=t' ,o!umn ?0ctionA ena:!es t'e user to c!ose down t'e speciic connection.
:etails
Jou can view additiona! inormation a:out individua! app!ications :y se!ectin$ an app!ication in co!umn 1. T'e
Details pane! at t'e oot o t'e interace disp!ays in dept' inormation a:out t'e particu!ar app!ication. In t'e
e=amp!e a:ove7 you can view App!ication inormation !ike App!ication name A cBO-ro$ram
Fiure: 6ist o* Acti<e Connections
9i!esOSkypeOSkype.e=eC 7 ,ompany7 Description Aa concise description o t'e pro$am po!!ed rom t'e
app!ication data:aseC (ersion and Security #isk A SA9?C.
2ogs
Jou can view inormation a:out t'e type o security a!erts7 t'e t'reat !eve! and t'e communication t'at
tri$$ered t'is a!ert :y c!ickin$ on t'e 6os ta: in t'e Activity main screen.
+a> 2og SiBe
,omodo stores t'e events reported :y t'e irewa!! en$ine in t'e !o$. Jou can view t'e detai!s o t'e a!erts
tri$$ered :y t'e possi:!e attacks on your computer. T'e events are reported and stored in &TM+ ormat.
Jou can reduce t'e ma=imum si8e o t'e !o$ i!e rom 5 M0 7 1%7 M07 15 M07 25 M0 7 5% M0 and 1%% M0 :y
se!ectin$ t'e 9i!e si8e rom t'e Ma(imum 6o si1e Drop down menu.
Col'ns :escription:
1. T'e 9irst ,o!umn =!e<erit&' represents t'e t'reat !eve! o an attackB &i$'7 Medium and +ow. &i$'
severity a!erts are very serious security risks !ike D6S and -ort Scan attacks and t'e ,-9 $oes into
emer$ency to temporari!y :!ocks incomin$ traic. Medium and +ow severity a!erts are not so serious
and are caused :y .etwork ,ontro! ru!es.
2. T'e Second ,o!umn =8eporter' represents t'e su:systems !ike App!ication ,ontro! en$ine or
.etwork ,ontro! ?n$ine w'ic' $enerated t'e attack reports.
3. T'e T'ird ,o!umn A4escription' represents t'e nature o attack 7 or e=amp!e 7 attack types cou!d :e
Fiure: Alerts 8eports
-o!icy (io!ation caused :y a ,ontro! #u!e 7 D6S A Denia! 6 ServiceC attack or T,-/*D- -ort Scan .
). T'e 9ourt' ,o!umn ?:ate I TieA represents t'e date and time w'en t'e a!erts were tri$$ered.
#i$'t c!ickin$ on t'e a!ert !ist revea!s a conte=t sensitive menu containin$ urt'er !o$ options.
Show 2ogs For ! T'e user can c'oose to view !o$s o a!! a!erts rom Today7 +ast 7 days or +ast 3%
days. T'e deau!t is to s'ow todayDs a!erts on!y.
2og E"ents Fro ! T'ere are our separate components o ,omodo 9irewa!! t'at 'ave t'e potentia!
to popu!ate t'e D+o$D area wit' t'e a!erts t'ey $enerate. T'is entry !ets t'e user c'an$e w'ic' events
are recorded in t'e !o$s accordin$ to t'e component t'at $enerated t'em. 0y deau!t7 a!erts $enerated
:y a!! our components are recorded. ,omodo advise users to !eave t'is settin$ at t'e deau!t.
E>port <T+2.... ! *sers can e=port a more detai!ed &TM+ copy o t'e !o$s to !oca! or network drives.
T'is is very useu! or records and trou:!es'ootin$ purposes. ,!ick t'e D?=port &TM+...D entry7 c'oose
a i!ename and destination and c!ick DSaveD
Clear 0ll 2ogs ! ?mpties t'e current view.
T$pes o, 0lerts
T'ere are t'ree types o a!erts :ased on t'eir severity !eve!sB &i$'7 Medium and +ow.
<igh@ +edi' and 2ow Se"erit$ 0lerts:
<igh Se"erit$ 0lerts are represented :y a #ed icon . &i$' Severity a!erts are $enerated :y D6S A Denia!
o ServiceC attacks7 -ort Scan7 TroFan -ro:e attacks and w'en app!ication monitor detects a D!eakD.
W'en a 'i$' severity a!ert is detected 7 t'e irewa!! $oes into emer$ency mode. T'e irewa!! wi!! stay in
emer$ency mode or t'e duration set :y t'e user. T'is duration7 set :y deau!t to 12% seconds7 can :e
coni$ured in t'e Intrusion Detection ta: in DAdvanced ,oni$uration. W'i!st in emer$ency mode7 a!! in:ound
traic is :!ocked e=cept t'ose previous!y esta:!is'ed and active connections. &owever7 a!! out:ound traic is
sti!! a!!owed.
+edi' se"erit$ alerts are represented :y an 6ran$e icon
2ow se"erit$ alerts are represented :y a Green icon .
Medium and +ow severity a!erts are caused :y vio!ation o network contro! ru!es.
0lert :escription:
Jou can view detai!s a:out a $enerated a!ert :y se!ectin$ it and c!ickin$ on t'e Description ta: . Jou wi!! $et
inormation a:out t'e nature o attack7 Source I-7 Destination I- and cause w'ic' tri$$ered t'e a!ert.
0lert
W'en ,omodo 9irewa!! intercepts any unknown pro$ram or a pro$ram not matc'in$ t'e set ru!es7 you wi!! :e
prompted :y t'e $eneration o a A!ert window.
T'e A!ert inc!udes inormation !ike name o 0pplication w'ic' tri$$ered t'e a!ert7 t'e =arent 0pplication7
t'e -rotoco! used :y t'e App!ication7 its I- address and its -ort .um:er.
T'e top ri$'t corner o t'e pop up a!so s'ows t'e Security A!ert Severity +eve!. T'e co!our assi$nations
correspond to t'ose out!ined a:ove in &i$'7 Medium and +ow Severity A!erts.
9or e=amp!e7 pop window s'own a:ove indicates a $reen severity security !eve!B
T'is is :ecause Internet ?=p!orer is considered a sae app!ication. Nuick!y $!ancin$ at t'e a!ert !eve! indicator
provides a @uick way to determine w'et'er an app!ication or activity s'ou!d concern t'e user.
:etails
,ontainsB
T'e app!ication name
T'e I- address o t'e site it is attemptin$ to connect to
T'e port it is usin$ to make t'e connection
T'e protoco! it is usin$ to aci!itate t'e connect
Sec'rit$ Considerations
T'is area provides a consise7 at a $!ance summary o t'e security risk invo!ved wit' a!!owin$ t'is app!ication
to access t'e internet.
Choose options
6nce you understand t'e risk7 you can respond in t'e o!!owin$ ways B
%ee7er $ answer ,or this applicationB c'eck t'is :o= to instruct t'e 9irewa!! not to $enerate an a!ert
a$ain i t'e parameters o t'e app!ication are t'e same.
0llow > a!!ows t'e current instance o t'e app!ication to access t'e internet accordin$ to t'e dec!inated
Fiure: Alert .op>Up
parameters.
:en$ > 0!ocks t'e app!ication rom accessin$ t'e internet
+ore :etails
I you are unsure a:out t'e app!ication7 you can view more inormation a:out t'e app!ication :y c!ickin$ t'e
icon at t'e top o any a!ertB
Se!ectin$ t'e D-arent App!icationD radio :utton ena:!es t'e user to view inormation a:out t'e app!ication t'at
ori$ina!!y caused t'e c'i!d app!ication to try to access t'e internet. In t'is case7 ?=p!orer.e=e commanded
Internet ?=p!orer.e=e to access t'e internet. D?=p!orer.e=eD is t'ereore t'e parent app!ication to DInternet
?=p!orer.e=eD.
Fiure: More 4etails A)out -he Application
Coodo Firewall
Chapter ": Firewall !ecurit&
9irewa!! security is accessed :y se!ectin$ t'e DSecurityD ta: o t'e main interaceB
Jou can coni$ure t'e security settin$s o ,omodo 9irewa!! at dierent !eve!s. T'e -as:s eature a!!ows you
to create ru!es or app!ications and network connections t'rou$' a series o s'ortcuts . T'e Application
Monitor eature a!!ows you to eit'er add/ modiy or i!ter App!ication i!terin$ ru!es. T'e 2etwor:
Monitor eature a!!ows you to view coni$ure your network contro! ru!es. T'e Ad<anced ,oni$uration a!!ows
t'e user to coni$ure t'e security settin$s at an advanced !eve!.

Fiure: Firewall !ecurit&
Coodo Firewall Chapter ": Firewall !ecurit&
Tas4s
T'e -as:s section a!!ows you to create ru!es or app!ications and network connections t'rou$' a series o
s'ortcuts and wi8ards. T'e section contains two main areas7 Tasks and Wi8ards.
Tas4s
J:e,ine a New Tr'sted 0pplication
J:e,ine a New Banned 0pplication
J0dd D %eo"e D +odi,$ a Eone
JSend ,iles to CO+O:O ,or anal$sis
JNeed <elp
JChec4 ,or .pdates
Fiure: Create 8ules
WiBards
J :e,ine a new Tr'sted Networ4
J Scan For Hnown 0pplications
+efine a ,ew Allowe- Tr$ste Application
T'is s'ortcut represents a convenient way to create an automatic a!!ow ru!e :y coni$urin$ t'e !eve! o ;trust;
t'at individua! app!ications 'ave. ,omodo 9irewa!! a!!ows you to prepare a !ist o trusted/ a!!owed
app!ications and coni$ure t'eir access ri$'ts to networks and t'e internet.
1. ,!ick on Add a .ew A!!owed / Trusted App!ication !ink.
2. A dia!o$ue :o= wi!! appear askin$ you t'e se!ect t'e app!ication to :e a!!owed.

3. ,!ick :rowse to !ocate t'e app!ication on your !oca! or network drive.
Comodo Firewall 2.3 User Guide "3
Fiure: !elect Application to )e allowed
Fiure: Application to )e allowed selected
). T'e se!ected app!ication appears a!on$ wit' its !ocation in i!e system pat' .
5. Jou are $iven t'e option to speciy an app!icationHs parent as we!!. ,'eck t'e :o= and :rowse to !ocate t'e
-arent App!ication. T'e 9irewa!! wi!! automatica!!y !earn it even i it is not speciied.
,omodo 9irewa!! veriies t'e inte$rity o t'e app!ication tryin$ to communicate. I t'is is modiied > you are
inormed. 0y tracin$ an app!icationDs parent process t'e irewa!! knows i anot'er app!ication is tryin$ to
spawn an a!ready trusted app!ication and t'us deny access to t'e network even or t'at trusted app!ication.
T'is system provides t'e very 'i$'est protection a$ainst troFans and ma!ware t'at try to use trusted sotware
suc' as Internet ?=p!orer to sneaki!y access t'e internet.
6. ,!ick 63 to ina!i8e t'e settin$s. An entry a:out t'e Trusted/A!!owed App!ication wi!! appear in t'e !ist o
App!ication ,ontro! #u!es viewa:!e in t'e App!ication Monitor section. T'e #u!e takes eect immediate!y and
t'e app!ication is c!assiied as Trusted/ A!!owed so t'at in:ound and out:ound connections are permitted.
W'en an app!ication seeks internet access7 ,omodo 9irewa!! irst c'ecks w'et'er it reco$ni8es t'e
app!ication as trusted/ a!!owed or :anned. I t'e app!ication is reco$ni8ed as trusted/ a!!owed7 ,omodo
9irewa!! automatica!!y a!!ows it access to t'e Internet.
7. ,!ick &e!p to view t'e &e!p pa$e or 'ow to add a new a!!owed app!ication.
+efine a ,ew .anne Application
I you do not reco$ni8e a pro$ram t'en we wou!d recommend t'at you :!ock it rom accessin$ t'e internet. I
you !ater identiy t'e app!ication or rea!i8e t'at a pro$ram 'as stopped workin$ :ecause o t'is action7 you
can c'an$e its settin$s in t'e App!ication ,ontro! #u!es !ist.
T'is s'ortcut represents a convenient way to create an automatic D:!ockD ru!e or an app!ication and to ine>
tune its access ri$'ts to networks and t'e internet.
1.,!ick on Deine a .ew 0anned App!ication !ink in t'e Tasks section.
2. A dia!o$ue :o= wi!! appear askin$ you t'e se!ect t'e app!ication to :e :anned.
Fiure: !elect Application to )e )anned
3. ,!ick D0rowseD to !ocate t'e app!ication on your computer.
). T'e se!ected app!ication appears a!on$ wit' its !ocation in i!e system pat' .
5. Jou are $iven t'e option to speciy an app!icationHs parent as we!!. ,'eck t'e :o= and :rowse to !ocate t'e
-arent App!ication. T'e 9irewa!! wi!! automatica!!y !earn it even i it is not speciied.
inormed.
6. ,!ick 63 to ina!i8e t'e settin$s. An entry a:out t'e 0anned App!ication wi!! appear in t'e !ist o App!ication
,ontro! #u!es. T'e #u!e takes eect immediate!y and t'e app!ication is c!assiied as 0anned so t'at in:ound
and out :ound connections are disa!!owed. W'en an app!ication seeks Internet access7 ,omodo 9irewa!!
irst c'ecks w'et'er it reco$ni8es t'e app!ication as trusted or :anned. I t'e app!ication is reco$ni8ed as
:anned7 ,omodo 9irewa!! automatica!!y disa!!ows it access to t'e Internet.
7. I you do not want app!ication to :e :anned7 c!ick cance!.
". ,!ick &e!p to view t'e &e!p pa$e or 'ow to add a new :anned app!ication.
A-/emo%e-'oify a 0one
An individua! mac'ine or network can :e represented as a 8one to w'ic' access can :e $ranted or denied in
App!ication ,ontro! #u!es and .etwork ru!es. T'is section !ets you Add/?dit/#emove 1ones.
,omodo 9irewa!! a!!ows users to add/edit/remove 8one t'rou$' LModiy 1oneE dia!o$ :o=
1. ,!ick on Add/#emove/Modiy a 1one in t'e Tasks section.
2. A dia!o$ue :o= wi!! appear askin$ you to add/edit/remove 8one.
Fiure: Application to )e )anned selected
,!ick t'e LAdd...E :utton to deine a new 8oneB

A1C Give t'e 1one a name 7 or e=amp!e U&omeD
A2C ?nter t'e I- or t'e 8one7 startin$ rom t'e Start I- to t'e ?nd I- ran$e or w'ic' you want
unrestricted access. T'e addresses you deine 'ere speciy t'e I-AsC t'at traic can :e directed to
rom t'e Internet.
A3C ,!ick 63 to create t'e new 1one ru!e.
A)C #epeat or any ot'er 8ones w'ic' you want to add.
Fiure: Modi*& Aone
Fiure: !peci*& Aone
I you want to edit any 8one or .ame/Start I-/ ?nd I-7 Jou can se!ect it rom t'e !ist and c!ick on ;?dit...;
:utton and a$ain Fust !ike ;Add; you can modiy eac' ie!d o it.
In case you want to remove a particu!ar 8one7 you can se!ect it rom t'e !ist and c!ick on L#emoveE :utton.
Sen files to #omoo for analysis
I t'ere is no advice avai!a:!e or an app!ication and/or parent and t'ey are not in t'e ,omodo 9irewa!! sae
!ist7 t'en you 'ave t'e option to su:mit t'em to ,omodo or ana!ysis. ,!ickin$ t'e ;Send i!es to ,6M6D6
or ana!ysis; !ink wi!! automatica!!y :e$in t'e i!e su:mission process.
Ater sendin$ t'e i!e to us7 our deve!opers wi!! determine w'et'er or not it represents a t'reat to your
security. I it does we wi!! take immediate action to nu!!iy it.
T'e su:mit unction is an important component o our coordinated strate$y to com:at emer$in$ t'reats to
your security.
*sers can access t'e su:mit eature in two ways.
T'e irst is :y c!ickin$ on DSend i!es to ,6M6D6 or ana!ysis in t'e main ,ommon Tasks interace As'own
:e!owC
Second!y7 users can send a i!e to us as soon as ,omodo 9irewa!! detects strai$'t rom an a!ert t'at is
$enerated. Asee :e!owC. Simp!y c!ick t'e !ink to $o strai$'t to t'e i!es su:mission process.
Comodo Firewall 2.3 User Guide ""
Fiure: 5dit Aone
File S'7ission =rocess
,omodo 9irewa!! a!!ows users to send i!es or ana!ysis w'ic' are not in t'e sae !ist t'rou$' L9i!es
Su:missionE dia!o$ :o= as :e!ow.
1. ,!ick on ;Send i!es to ,6M6D6 or ana!ysis;
2. T'e D9i!es Su:missionD dia!o$ a!!ows you to c'oose w'ic' i!es you wis' to su:mit. ,!ick DAddD to manua!!y
add suspicious i!es to t'e D+ist o 9i!esD. Simi!ar!y7 to remove a i!e rom t'e su:mission process7 c!ick t'e
D#emoveD :utton. Jou 'ave t'e option to add an accompanyin$ description to eac' i!e you su:mit.
Comodo Firewall 2.3 User Guide "#
Fiure: /nstant su)mission <ia the alert
Fiure: !end *iles to C%M%4%
*sin$ LAdd...E :utton you can add a i!e7 w'ic' wi!! :rin$ up o!!owin$ dia!o$B
In case you want to remove a particu!ar i!e7 you can se!ect it rom t'e !ist and c!ick on L#emoveE :utton and i
you want to remove a!! t'e i!es in t'e !ist ,!ick on ;#emove A!!; :utton.
,!ick DSu:mitD to send t'e i!es to ,omodo.
,ee Help1
Coodo For's
T'e astest way to $et urt'er assistance on ,omodo 9irewa!! is :y Foinin$ ,omodo 9orums7 a messa$e
:oard e=c!usive!y created or our users to discuss anyt'in$ re!ated to our products. #e$ister ree at
'ttpB//orums.comodo.com .
JouH!! :eneit rom t'e e=pert contri:utions o deve!opers and e!!ow users a!ike and weDd !ove to 'ear your
t'ou$'ts and su$$estions.
*sers can a!so access t'e orums :y c!ickin$ ;.eed &e!p2; in t'e DTasksD main screen.
Online Hnowledge Base
We a!so 'ave an on!ine know!ed$e :ase and support ticketin$ system at 'ttpB//support.comodo.com .
#e$istration is ree.
#hec2 for Upates1
To down!oad t'e updates manua!!y7,!ick on t'e *pdater icon at t'e top ri$'t 'and corner o t'e app!icationB

To know more see Manua! *pdater and Automatic *pdater.
Comodo Firewall 2.3 User Guide "$
Fiure: !end *iles to C%M%4% > Add
WiBards
I you use speciic services t'at re@uire Internet or network access on a re$u!ar :asis7 you may want to
adFust access settin$s or t'ese services or mac'ines. Jou can coni$ure security settin$s or eac'
app!ication on your computer :y settin$ certain restrictions on w'ic' I- addresses and ports an app!ication
can uti!i8e.
,omodo 9irewa!! can scan your computer or app!ications w'ic' seek Internet>access and create access
ru!es or t'em. W'en t'e scan is comp!ete7 you can use t'e resu!ts to determine w'ic' pro$rams s'ou!d
'ave access to t'e Internet and7 i desired7 adFust t'eir access ru!es. ,omodo 9irewa!! 'as t'e o!!owin$
wi8ardsB
J :e,ine a new Tr'sted 0pplication
J Scan For Hnown 0pplications
+efine a new Tr$ste ,etwor2
The Tr'sted Networ4 Eone WiBard
,omputers or We: sites in t'e Trusted 1one 'ave u!! access to your computer. T'e trusted 8one is or
mac'ines you trust > i!es'arin$ is a!!owed7 and :y deau!t no stea!t'in$ is done. T'e Trusted 8one inc!udes
t'e computer under protection and usua!!y t'e !oca! network and a!!ows any network operations. T'ese
network operations are e=pected sae :ecause t'e 8one is trusted. T'ere are sti!! some restrictions t'ou$'7
to prevent ra$mented packets or denia! o service type attacks and port scannin$.
Jou can speciy t'e addresses o trusted mac'ines and we:sites eit'er :y name or :y I- address.
Comodo Firewall 2.3 User Guide "+

To :e$in addin$ a trusted 8one7 c!ick D.e=tD.
T'e wi8ard auto>detects any new network 8ones and disp!ays t'e ran$e o I- addresses to :e contained
wit'in t'e trusted 8one. T'is wi!! usua!!y represent your computer and ot'er mac'ines on your !oca! network.
,!ick ne=t to continueB
Jou are now re@uired to se!ected t'e network 8one you wis' to DTrustD. Se!ect t'e network 8one rom t'e
drop down !ist and c!ick D.e=tD. At t'e ensuin$ conirmation dia!o$7 p!ease take a moment to review your
settin$s and c!ick D9inis'D. I you wis' to a!ter settin$s at any time7 press D0ackD.
Scan for 3nown Applications
The Scan ,or Hnown 0pplications WiBard
T'e DScan or 3nown App!icationsD wi8ard is used to create automatic ru!es or a wide ran$e o popu!ar
app!ications7 inc!udin$ Internet ?=p!orer7 Skype7 9ire9o=7 MS. Messen$er. It a!so creates automatic ru!es or
critica! system processes suc' as svc'ost.e=e.
*sin$ t'e DScan or known app!icationsD wi8ard instructs ,omodo 9irewa!! to audit t'e app!ications current!y
insta!!ed on your computer.
T'e wi8ard wi!! searc' your system or app!ications it reco$ni8es and wi!! t'en ask you i you want to $rant
t'e permissions it needs to operate.
0pplication +onitor
*sin$ ,omodo 9irewa!!7 you can protect your system7 :e$innin$ wit' t'e individua! app!ications t'at you
'ave runnin$ on your system. *sin$ App!ication ,ontro! ru!es7 you can set t'e permission status o an
app!ication.
App!ication i!terin$ ru!es can :e added/modiied/de!eted t'rou$' App!ication ,ontro! #u!e attri:utes.
0pplication Control %'les
,!ick on t'e DSecurity ta:D t'en t'e Application Monitor ta: in t'e main irewa!! interace. T'e interace wi!!
t'en disp!ay a !ist o app!ications a!on$side various7 user coni$ura:!e attri:utes.
Col'n :escription
1. T'e 9irst ,o!umn AApp!icationC represents eac' app!icationHs icon and name AdescriptionC < i t'e
app!ication 'as no icon7 t'e deau!t system icon or e=ecuta:!e i!es wi!! :e usedK i no description
AnameC is avai!a:!e7 t'e name o t'e i!e wit'out t'e e=tension wi!! :e disp!ayed.
2. T'e Second ,o!umn ADestinationC represents t'e remote I- Address o t'e app!ication.
3. T'e T'ird ,o!umn A-ortC represents t'e -ort .um:ers o individua! app!ications.
). T'e 9ourt' ,o!umn A-rotoco!C represents t'e -rotoco!7 usua!!y T,-7 *D- or 0ot'7 as we!! as
direction o communication as Incomin$ or 6ut$oin$.
5. T'e 9it' ,o!umn A-ermissionC represents t'e action taken :y t'e irewa!! !ike A!!owed 7 Trusted 7
Disa!!owed etc..
Comodo Firewall 2.3 User Guide #3
Fiure: Application Control 8ules
Se!ectin$ any o t'e app!ications in t'e irst co!umn a!so disp!ays addition inormation in t'e DDetai!sD pane! at
t'e oot o t'e screen. T'ese areB
Sec'tit$ %is4 > t'e i!e pat' o individua! app!ications.
Connections > t'e state o connection o t'e app!ication as esta:!is'ed at t'e rate o num:er per minute.
=ath > t'e i!e pat' o individua! app!ication on your 'ard drive
=arent path > t'e -arent app!icationDs !ocation on your 'ard drive
:escription > T'e name o t'e app!ication. I t'e app!ication is in t'e irewa!! data:ase7 you wi!! see a :rie
out!ine o t'e production unctiona!ity and main eatures
)n"isi7le! W'ic' action t'e irewa!! s'ou!d take i t'is app!ication attempts to make an invisi:!e connection.
T'is eature is set in t'e App!ication #u!es/Misce!!aneous ta:
8ersion> T'e speciic version num:er o t'e app!ication you 'ave se!ected.
0dd D Edit an 0pplication Control %'le
Jou can add or modiy or remove an app!ication contro! ru!e :y c!ickin$ on t'e 0ddD EditD %eo"e :uttons at
t'e top o t'e !istB
A!ternative!y7 se!ectin$ any app!ication and ri$'t c!ickin$ wi!! disp!ay a conte=t sensitive menu o t'e same
unctiona!ityB
A a ,ew Application #ontrol /$le
To create a new app!ication contro! ru!e7 c!ick t'e DAddD :utton at t'e top ri$'t corner o App!ication Monitor.
A dia!o$ue :o= wi!! appear a!!owin$ you to coni$ure t'e new app!ication ru!eB
Select the 0pplication
1. ,!ick D0rowseD to !ocate t'e new app!ication on your computerDs 'ard drive. In t'is case we 'ave c'osen
MS. Messen$er.
2. T'e se!ected app!ication appears a!on$ wit' its !ocation in i!e system pat' .
3. Jou are $iven t'e option to speciy an app!icationHs parent as we!!. ,'eck t'e appropriate radio :utton
to :rowse to t'e -arent App!ication. T'e 9irewa!! wi!! automatica!!y !earn it even i it is not speciied.
inormed. 0y tracin$ an app!icationDs parent process t'e irewa!! knows i anot'er app!ication is tryin$ to
spawn an a!ready trusted app!ication and t'us deny access to t'e network even or t'at trusted app!ication.
<E2=
,!ick ?elp to view t'e &e!p pa$e or 'ow to add a new app!ication contro! ru!e.
I you want speciy t'e network to :e a!!owed access you wi!! 'ave to provide detai!s a:out &ost I- Address7
Services -ort and se!ect t'e mode o Action7 Direction S -rotoco!. T'is is done usin$ t'e our ta:s at t'e oot
o t'e App!ication ,ontro! Window.
DGeneral' ta7
Fiure: Add Application 8ule
T'is area a!!ows you to speciy $enera! atti:utes concernin$ an app!ications ru!e. 9rom 'ere you can instruct
t'e 9irewa!! on w'et'er to a!!ow an app!ication to connect7 usin$ w'ic' protoco! and in w'ic' direction
inormation is permitted to move.
0ction
Se!ect t'e action you want ,omodo 9irewa!! to take w'en t'e ru!e is matc'ed. Se!ect rom A!!ow7 Deny or
Ask as t'e action you wis' t'e 9irewa!! to take.
=rotocol
A!! inormation sent over t'e Internet is communicated usin$ a protoco! ca!!ed T,-/I-. 0ecause a!! o t'e
computers on t'e Internet understand t'is protoco!7 eac' one can communicate wit' every ot'er computer
on t'e Internet. T,- and I- are separate parts o t'is protoco!.
.ow you s'ou!d se!ect t'e protoco! as T,- ATransmission ,ontro! -rotoco!C7 *D- A*ser Data$ram -rotoco!C7
or 0ot' AT,-/ *D-C used :y t'e app!icationAsC.T,- is t'e standard or i!e transers7 as it 'as :ui!t>in error
'and!in$. *D- is aster t'an T,-7 :ut doesnHt provide error 'and!in$. ItHs norma!!y used or streamin$ data7
suc' as video eeds and on>!ine $ames7 w'ere !oss o data is o !ess importance.
:irection
T'en se!ect t'e direction o connection w'et'er it is made :y a remote computer AInC7 :y you A6utC7 or i it
'as :een esta:!is'ed :y 0ot'.
':estination )=' ta7
W'en youHre connected to a network7 or e=amp!e t'e Internet7 your computer7 as any ot'er computer7 is
assi$ned a uni@ue identiication. T'is is ca!!ed an I- address. It consists o ) $roups o num:ers7 ran$in$
rom % to 2557 separated :y a dot.
Example: 192.168.200.113
Speciy t'e 'osts I- addresses rom w'ic' you wi!! a!!ow or deny connections. Jou can se!ect t'e I-
Addresses num:erAsC rom t'e !ist.
Se!ect t'e I- addressB
1. Jou can c'oose any I- Address :y se!ectin$ Any .T'is menu deau!ts to t'e I- ran$e o %.%.%.%>
255.255.255.255 to a!!ow connection rom a!! I- addresses.
2. Jou can c'oose a Sin$!e I- address :y se!ectin$ Sin$!e and enterin$ t'e I- address in t'e I- address te=t
:o=7 or e=7 142.16".2%%.113.
3. Jou can c'oose an I- #an$e :y se!ectin$ I- #an$e or e=amp!e t'e ran$e in your private network and
enterin$ t'e I- addresses in t'e Start #an$e and ?nd #an$e te=t :o=es.
). Jou can c'oose I- address / mask :y se!ectin$ I- Mask. I- networks can :e divided into sma!!er networks
ca!!ed su:networks Aor su:netsC. An I- address/ Mask is a su:net deined :y I- address and mask o t'e
network. ?nter t'e I- address and Mask o t'e network.
5. Jou can c'oose an entire 8one :y se!ectin$ 1one .T'is menu deau!ts to t'e 8one irst deined durin$
insta!!ation. 0ut you can a!so deine your own 8one :y irst creatin$ a 1one t'rou$' t'e Add a 1one s'ortcut.
6. Jou can c'oose to $ive a name :y se!ectin$ &ost .ame w'ic' denotes your I- address.
E>cl'de ?i.e. NOT the choice 7elowA
T'e opposite o w'at you speciy is app!ica:!e.
So i you ,'eck t'e ?=c!ude :o= in7 say7 t'e DDestination I-D ta: and enter va!ues or t'e I- ran$e7 t'ose
va!ues wi!! :e not :e app!ica:!e and va!ues ot'er t'an t'ose speciied :ecome app!ica:!e. I you 'ave c'osen
to e=c!ude a certain ran$e o I- addresses7 you wi!! 'ave to create a seperate DApp!ication #u!eD or t'e ran$e
o I- addresses t'at you D6 want to use.
T'e e=c!ude eature is !imited to t'e su:Fect ta: and does not aect any ot'er parameters you c'oose wit'in
t'e speciic ru!e > so you can 'ave one App!ication ru!e t'at D?=c!udesD certain I- addresses w'i!st DInc!udin$D
certain -orts.
':estination =ort' ta7
A -ort .um:er is used to decide w'ic' service you are a:out to use7 or e=amp!e 7 We: :rowsin$ &TT- 'as
a port num:er o "%.
Jou must enter w'ic' ports are used :y t'e app!icationAsC7 :y se!ectin$ t'e port num:erAsC rom t'e !ist.
Deine -ort TypesB
1. Jou can c'oose any port num:er :y se!ectin$ Any > set :y deau!t 7 %> 65535.
2. Jou can c'oose a Sin$!e -ort num:er :y se!ectin$ Sin$!e -ort and se!ectin$ t'e sin$!e port num:ers rom
t'e !ist.
3. Jou can c'oose a -ort #an$e :y se!ectin$ -ort #an$e and se!ectin$ t'e port num:ers rom t'e 9rom
and To !ist.
). Jou can c'oose a set o ports seperated :y commas e$ "%K))3C
'+iscellaneo's' ta7
0llow in"isi7le connection attepts
,'eckin$ t'is :o= means t'e app!ication is trusted to make invisi:!e connections to t'e internet and wi!! not
$enerate an a!ert.
S4ip ad"anced sec'rit$ chec4s
T'is option is or app!ications w'ic' user a!!ows :ut sti!! or some reasons t'ey ai! to connect. e$. A(G
e>mai! scanner.
2iit n'7er o, connections
T'is contro!s t'e amount o connections per minute t'at an app!ication can create. I you se!ect t'is eature7
t'en t'e menu deau!ts to a !imit o 1% connections per minute.
Comodo Firewall 2.3 User Guide #"
Fiure: 4e*ine .ort
Coponent +onitor
A component7 w'en !oaded into app!icationHs memory7 acts as a part o t'at app!ication 'ence 'avin$ t'e
same network access ri$'ts as t'e app!ication itse!.
,omodo 9irewa!! now va!idates a!! t'e components o an app!ication :eore $rantin$ t'e Internet access.
T'ese components may :e dynamic !ink !i:raries or ActiveI components t'at an app!ication is usin$.
,omponent ,ontro! #u!es can :e added7 removed and app!ied via t'e ,omponent Monitor.
Coponent Control %'les
,!ick on t'e DSecurity ta:D t'en t'e omponent Monitor :utton. T'e interace wi!! t'en disp!ay a !ist o
,omponents a!on$side various user coni$ura:!e attri:utes.
Col'n :escription
1.T'e 9irst ,o!umn A,omponentC represents t'e component i!es
2.T'e Second ,o!umn A(ersionC represents t'e version o t'e components.
3.T'e T'ird ,o!umn A,ompanyC represents t'e deve!oper o t'e components.
).T'e 9ourt' ,o!umn ADescriptionC represents t'e description o t'e components.
5.T'e 9it' ,o!umn A-ermissionC represents t'e action to :e taken :y t'e irewa!!7 w'et'er to A!!ow or 0!ock
access. A!!ow or 0!ock are t'e two types o permissionsB
Comodo Firewall 2.3 User Guide ##
Fiure: Component Control 8ules
1.A!!ow means a!!ow t'e internet access re@uest o t'e app!ication w'ic' 'as t'e component !oaded
into its memory.
2.0!ock means :!ock t'e app!icationHs internet access re@uest w'i!e it 'as t'e component !oaded into
its memory.-ermissions o a component aect t'e w'o!e app!ication i.e. accordin$ to se!ected
components e=istence7 t'e w'o!e app!ication wi!! :e :!ocked or a!!owed access.
Se!ectin$ any o t'e component in t'e irst co!umn a!so disp!ays additiona! inormation in t'e DDetai!sD pane!
at t'e oot o t'e screen7 w'ere comp!ete pat' o t'e component can :e seen.
T'rn On DT'rn O,, D 2earn +ode on Coponent Control %'le
Jou can activate/ deactivate ,omponent Monitor :y c!ickin$ Turn 6n/ Turn o :uttons at t'e top o t'e !ist.
Coponent onitor 'On'
W'en Turn 6n is se!ected7 t'e ,omponent Monitor section o t'e Summary screen wi!! dispay
T'is mode orces t'e irewa!! to c'eck or t'e app!icationsH components in memory :eore $rantin$ t'em
internet access.
I any app!ication tries to make a connection to t'e outside7 t'e irewa!! audits a!! t'e !oaded components and
c'ecks eac' a$ainst t'e !ist o components a!ready a!!owed or :!ocked. I a component is ound to :e
:!ocked7 t'e entire app!ication is denied internet access and an a!ert is $enerated. I t'e irewa!! detects
unknown components At'ose not !isted in t'e irewa!! data:aseC t'en t'e a!ert wi!! contain a ;S'ow
+i:raries...; :utton. ,!ick to review t'e components and decide w'et'er or not to $rant t'em access.
An a!ert simi!ar to t'e o!!owin$ wi!! appear w'en one or more components are ound w'ic' are not !isted.
Comodo Firewall 2.3 User Guide #$
Fiure: Green
To c'eck t'e components c!ick Show 2i7raries@ w'ic' wi!! s'ow !ist o components.
I any o t'e components !oaded :y app!ication is set to :e :!ocked7 t'e app!ication is not a!!owed to connect.
So in order or an app!ication to connect out7 a!! itDs components must :e a!!owed.
W'en you se!ect As: a$ainst a component7 you wi!! :e prompted to AllowB 4en& access every time t'is
component appears in any app!icationDs memory
Coponent onitor 'O,,'
W'en -urn %** is se!ected7 t'e ,omponent Monitor section o t'e Summary screen wi!! dispay
Deactivatin$ t'e component monitor means t'e irewa!! does not c'eck components !oaded :y an app!ication
makin$ a connection and t'ereore any ru!es set or itDs components are i$nored.
Coponent onitor '2earn +ode'
W'en you insta!! ,omodo 9irewa!! t'e ,omponent Montitor is set to D+earnD mode :y deau!t
W'ereas t'e num:er o internet
accessin$ app!ications wi!! usua!!y :e re!ative!y sma!!7 t'ere is a!ways a 'u$e num:er o components !oaded
wit'in t'ese app!ications. 0y ena:!in$ !earn mode t'e irewa!! wi!! :e orced to !earn and :ui!d t'e component
proi!e o t'e -,. W'enever an a!!owed app!ication attempts to connect to t'e internet7 ,omodo 9irewa!! wi!!
add a!! t'e components it !oads to t'e contro! ru!e !ist. 0y deau!t7 eac' o t'ese components in'erit t'e
app!ications DA!!owD status. *sers 'ave t'e option to c'an$e t'is status :y se!ectin$ one t'e appropriate
A!!ow/0!ock/Ask radio :utton.
0dd D %eo"e an Coponent Control %'le
Jou can add or remove an ,omponent contro! ru!e :y c!ickin$ on t'e Add/ #emove :uttons at t'e top o t'e
!istB
Comodo Firewall 2.3 User Guide #+
0dd: 6pens a new component dia!o$ and !ets you c'ose t'e component you want to add as a ru!e.
Ater t'e ru!e is added7 you can c'oose t'e permission to A!!ow or 0!ock access.
%eo"e: #emove t'e se!ected components rom t'e !ist
Se!ect t'e component w'ic' you want to remove rom t'e ru!es !ist and ,!ick #emove.
0ppl$: Saves your settin$s ater addin$/removin$ components.
%e,resh: W'en in !earnin$ mode7 ,-9 continuous!y updates t'e component data:ase w'ic' may not :e
re!ected to component monitor !ist unti! #eres' :utton is pressed.
Networ4 +onitor
,!ick on t'e .etwork Monitor ta: in t'e Security main screen.
.etwork i!terin$ ru!es can :e added/modiied/de!eted t'rou$' .etwork ,ontro! #u!e Attri:utes. Any ru!es
created usin$ Add .ew .etwork ,ontro! #u!e wi!! :e disp!ayed in t'is !ist.
,omodo 9irewa!! app!ies ru!es on a per pac!et :asis and app!ies t'e irst ru!e t'at matc'es t'at packet type
to :e i!tered. I t'ere are a num:er o ru!es in t'e !ist re!atin$ to a packet type7 t'e one nearer t'e top o t'e
!ist wi!! :e app!ied.
T'rn OnD T'rn O,,
T'e radio :uttons speciy w'et'er t'e vio!ation o t'e !isted ru!es $enerates an a!ert notiication. T'e deau!t
and recommended settin$ is DTurn 6nD.
Col'n :escriptions
1. T'e 9irst ,o!umn A IDC represents t'e seria! num:er o t'e app!ied network ru!e.
2. T'e Second ,o!umn A-ermissionC represents t'e action taken :y t'e irewa!!7 o eit'er a!!owin$ or
disa!!owin$ a network connection to :e esta:!is'ed.
3. T'e T'ird ,o!umn A -rotoco!C represents t'e direction o communication !ike incomin$ or out$oin$
and t'e protoco! :ein$ used.
). T'e 9it' ,o!umn A#emoteC represents t'e I- Address o t'e computer accessin$ t'e network .
5. T'e Si=t' ,o!umn A,riteriaC represents t'e -ort .um:ers o individua! app!ications.
Fiure: 2etwor: Control 8ules
#u!es can :e modiied :y #i$'t ,!ickin$ on any ru!e in t'e !ist. ,omodo 9irewa!! t'en disp!ays a conte=t
sensitive menuB
Shortc't B'ttons
A!ternative!y7 you can add7modiy7 remove7 promote or de>esca!ate a network contro! ru!e :y irst se!ectin$ a
ru!e t'en c!ickin$ on t'e desired :utton in t'e task:ar.
See :e!ow or more detai!s on t'ese actions.
Networ4 +onitor %'le Con,ig'ration Options
0dd %'le.. Adds a new .etwork ,ontro! #u!e to t'e !ist.
0dd Be,ore... Adds t'e new ru!e a:ove t'e current!y se!ected ru!e.
0dd 0,ter... Adds t'e new ru!e ater t'e current!y se!ected ru!e.
Edit... A!!ows t'e user to amend t'e network contro! ru!e options or t'e se!ected ru!e.
%eo"e... De!etes t'e current!y se!ected ru!e.
+o"e .p > Moves t'e current!y se!ected ru!e up one row in t'e priority !ist.
+o"e :own > S'its t'e current!y se!ected ru!e down one row in t'e priority !ist.
Comodo Firewall 2.3 User Guide $3
0d"anced Con,ig'ration
6ne o t'e key capa:i!ities o ,omodo 9irewa!! is Intrusion detection and intrusion prevention. It ana!y8es
network packets and compares t'em wit' :ot' known attacks and known patterns o attack7 and t'en :!ocks
t'ose attacks. Advanced ,oni$uration a!!ows t'e user to coni$ure t'e security settin$s at an advanced
!eve!.
In Advanced ,oni$uration7 you can coni$ure t'e security settin$s at t'e o!!owin$ !eve!sB
Application .eha%io$r Analysis
,omodo 9irewa!! ana!yses eac' app!icationHs :e'avior and detects any suspicious activity :eore $rantin$ it
internet access. T'is poweru! new eature ena:!es it to detect more troFan activity t'an any ot'er irewa!! >
t'e u!timate protection a$ainst t'e !eaks t'at t'e most persona! irewa!!s ai! to detect7 inc!udin$B
-rocess memory inFections
Invisi:!e processes
-arent app!ication c'an$e
D++/,ode inFections
Fiure: Ad<anced Con*iuration
Ena7le 0pplication Beha"io'r 0nal$sis > Switc'es t'e unctiona!ity on or o
+onitor )nter!=rocess )nFections +eor$ +odi,ications > 9orces t'e irewa!! to monitor common code
inFection tec'ni@ues t'at can :e used :y viruses
+onitor :22 )nFections > 9orces t'e irewa!! to monitor common D++ inFection tec'ni@ues used :y viruses
+onitor Window +essages > 9orces t'e irewa!! to monitor specia! window messa$es t'at can :e used to
manipu!ate an app!icationHs :e'avior :y a virus
+onitor :NS G'eries > 9orces t'e irewa!! to monitor D.S re@uests so t'at viruses tryin$ to use Windows
system services or D.S @ueries wi!! :e detected.
+onitor =arent 0pplication 2ea4s > 9orces t'e irewa!! to c'eck i t'ere is a !eakin$ attempt in t'e parent
app!ication. i.e. i -rocess InFection is se!ected a:ove7 ,omodo 9irewa!! wi!! !ook or t'e parent app!ication to
see i t'ere is a process inFection in it :eore a!!owin$ t'e internet re@uest.
+onitor CO+DO2E a'toation attepts > W'en ena:!ed7 orces t'e irewa!! to detect any pro$ram
'iFackin$ attempt w'ic' may occur :y misuse o ,6M/6+? interaces :y ot'er pro$rams.E
A%ance Attac2 +etection an )re%ention
')ntr'sion :etection' ta7
,omodo 9irewa!! Advanced Attack Detection protects a$ainst a common type o denia! o service ADoSC
attack used a$ainst servers. W'en !aunc'in$ a denia! o service or D!oodD attack7 an attacker :om:ards you
wit' so many connection re@uests t'at your computer is una:!e to accept !e$itimate connections7 eective!y
s'uttin$ down your we:7 emai!7 9T- or (-. server. ,omodo 9irewa!! emp!oys parameters to detect and
protect you rom !ood attacks.
,omodo 9irewa!! is capa:!e o i!terin$ traic :ased on /T,-/*D- ports and packet types. It can :e
coni$ured to accept !imited traic rom speciic addresses or comp!ete!y pro'i:it a!! access. In addition7
speciic T,-/*D- traic7 or any app!ication :ased on t'ese protoco!s can :e restricted. Advanced
mec'anism or !ood detection7 suc' as T,- !ood7 *D- !ood and I,M- !ood7 a!!ows or @uick iso!ation o
suc' ma!icious attacks.
Fiure: /ntrusion 4etection ta)
TC= Flood D .:= Flood D )C+= Flood
9!ood attacks 'appen w'en many packets o data are sent eit'er via T,-7 *D- or I,M- wit' a spooed I-
source address w'ic' wi!! never send :ack a response to t'e destination server. T'is resu!ts in a :ack!o$ o
responses. W'en t'is is done mu!tip!e times rom mu!tip!e sources it !oods t'e destination server7 w'ic' 'as
a !imit o unacknow!ed$ed responses it can 'and!e. T'is wi!! u!timate!y :rin$ down t'e server. 0y deau!t7
,omodo 9irewa!! is coni$ured to accept !imited traic or a set duration7 or e=amp!e7 5% packets per second
or 2% seconds. I t'e packets t'res'o!d is e=ceeded7 a D6S attack is detected and t'e 9irewa!! $oes into
emer$ency mode. T'e irewa!! wi!! stay in emer$ency mode or t'e duration set :y user. 0y deau!t t'is is set
at 12% seconds. *sers can a!ter t'is to t'eir own preerence :y coni$urin$ &ow !on$ s'ou!d t'e 'ost stay in
emer$ency mode w'i!e t'e 'ost is under dos attack Asee :e!owC7 :y deau!t7 t'e duration is set to 12%
seconds. In t'e emer$ency mode7 a!! in:ound traic is :!ocked e=cept t'ose previous!y esta:!is'ed and
active connections. &owever7 a!! out:ound traic is sti!! a!!owed.
=orts =ro7e %ate
-ort scannin$7 a avorite approac' o computer cracker7 $ives t'e assai!ant an idea w'ere to pro:e or
weaknesses. ?ssentia!!y7 a port scan consists o sendin$ a messa$e to eac' port7 one at a time. T'e kind o
response received indicates w'et'er t'e port is used and can t'ereore :e pro:ed or weakness.
,omodo 9irewa!! detects t'e most common orms o port scans7 a!ertin$ you and temporari!y :!ockin$ t'e
:annin$ t'e I- address o t'e scanner7 ensurin$ t'at t'ey are ;cut o; :eore t'ey can discover any useu!
inormation a:out your system.
T'is is ena:!ed :y t'e -ort Scan -ro:e #ate i.e. :y deau!t7 w'en t'e num:er o individua! ports scans
e=ceeds 5% per second at your systemK t'is pattern is detected as a port scan. T'is indicates t'at someone
is scannin$ your system or services or vu!nera:i!ities7 ,omodo 9irewa!! wi!! detect t'is as a port scan.
<ow long sho'ld a s'spicio's host 7e...
I a port san is detected7 t'e 9irewa!! identiies t'e 'ost scannin$ your system as suspicious and
automatica!!y :!ocks its access or e=amp!e 5 minutes7 as set :y deau!t. Durin$ t'ese 5 minutes7 t'e
suspicious 'ost cannot access t'e userHs system :ut t'e userHs system can access it.
<ow long sho'ld the ,irewall sta$ in eergenc$ ode...
W'en a D6S is detected7 t'e 9irewa!! $oes into emer$ency mode or a duration 7 set :y deau!t to 12%
seconds . Durin$ t'is stea!t' mode7 t'e e=istence o your computer :ecomes Dinvisi:!eD as a!! in:ound traic
is :!ocked or t'at duration. W'en your mac'ine does not rep!y to network events7 t'e sender is !ed to
:e!ieve t'at t'ere is no mac'ine at t'e I- addresses w'ic' t'eyDre pin$in$. &idin$ your mac'ineDs presence
on t'e Internet is in some ways $ood rom a security standpoint7 :ecause i a 'acker t'inks t'at your
mac'ine is not on!ine7 t'ey may not make urt'er attempts to access it.
Comodo Firewall 2.3 User Guide $"
'+iscellaneo's' ta7
Bloc4 all o'tgoing connections while 7ooting
T'is option a!!ows t'e user to secure t'e 'ost w'i!st :ootin$ :y :!ockin$ a!! connection attempts unti! t'e
system is up and runnin$.
Bloc4 ,ragented )= :atagras
W'en a connection is opened :etween two computers7 t'ey must a$ree on a Mass Transmission *nit
AMT*C. I- ra$mentation occurs w'en you pass t'rou$' a router wit' an MT* !ess t'an t'e MT* you are
usin$ i.e w'en a data$ram is !ar$er t'an t'e MT* o t'e network over w'ic' it must :e sent7 it is divided into
sma!!er ra$ments w'ic' are eac' sent separate!y. 9ra$emented I- packets can create t'reats !ike D6S
attack. Moreover7 t'ese ra$mentations can dou:!e t'e amount o time it takes to send a sin$!e packet and
s!ow down your down!oad time.
,omodo 9irewa!! is set :y deau!t to :!ock ra$mented I- data$rams i.e t'e option 0!ock 9ra$mented I-
data$rams is c'ecked :y deau!t.
:o =rotocol 0nal$sis
-rotoco! Ana!ysis is key to t'e detection o ake packets used in denia! o service attacks. ,'eckin$ t'is
Comodo Firewall 2.3 User Guide $#
Fiure: Miscellaneous ta)
option means ,omodo 9irewa!! c'ecks every packet conorms to t'at protoco!s standards. I not7 t'en t'e
packets are :!ocked.
:o =ac4et Chec4s' 8eri,ication
?very packet o data sent to your mac'ine 'as a si$nature attac'ed. Wit' t'is option ena:!ed7 ,omodo
9irewa!! wi!! reca!cu!ate t'e c'ecksum o t'e incomin$ packet and compare t'is a$ainst t'e c'ecksum stated
in t'e si$nature. I t'e two do not matc' t'en t'e packet 'as :een a!tered since transmission and ,omodo
9irewa!! wi!! :!ock it.
+onitor other N:)S protocols than TC=D)=
T'is wi!! orce ,omodo 9irewa!! to capture t'e packets :e!on$in$ to any ot'er protoco! diver t'an T,-/I-.
TroFans can use t'eir own protoco! driver to send/receive packets. T'is option is useu! to catc' suc'
attempts. T'is option is disa:!ed :y deau!tB :ecause it can reduce system perormance and may :e
incompati:!e wit' some protoco! drivers.
'iscellaneo$s
T'e Misce!!aneous section a!!ows you to A1C Mana$e t'e $eneration o a!erts in ,omodo 9irewa!! A2C
,oni$ure various pro$ram settin$s.
Comodo Firewall 2.3 User Guide $$

Firewall 0lerts
Ena7le 0lerts
Switc'es a!erts on or o. *nc'eckin$ t'is option means no a!erts wi!! :e $enerated :y t'e pro$ram. W'i!st
t'is does not aect your security Aw'ic' is determined :y t'e ru!es t'at you 'ave created or t'e irewa!!C7 it
wi!! diminis' your awareness o connection attempts. Wit'out a!erts7 any connection attempts t'at do not
'ave any matc'in$ ru!es wi!! :e :!ocked :ut you wi!! not :e notiied. &owever7 in t'e case o serious attacks7
t'is settin$ wi!! :e over>ru!ed and an a!ert $enerated. It is 'i$'!y recommended t'at you !eave t'is option
c'ecked and coni$ure pop up re@uency usin$ t'e A!ert 9re@uency S!ider Asee :e!owC
:o not show alerts ,or applications certi,ied 7$ Coodo
T'is option automatica!!y approves sae app!ications. W'en ena:!ed7 it orces t'e irewa!! to a!!ow a!!
activities o an app!ication w'ic' is reco$ni8ed as sae :y its interna! data:ase o over 1%%%% app!ications.
*n!ess e=p!icit!y :!ocked :y a ru!e7 t'e irewa!! wi!! a!!ow any activity o t'e sae app!ications w'i!e sti!!
watc'in$ or suspicious activities. T'e irewa!! wi!! sti!! raise an a!ert i it detects anyt'in$ suspicious. T'is
option is useu! or avoidin$ unnecessary num:er o a!erts.
S4ip loop7ac4 ?13#.>.>.>A .:= connections
+oop:ack connections reer to t'e interna! communcations wit'in your -,. Any messa$e transmitted :y your
computer t'rou$' a !oop:ack connection is immediate!y a!so received :y it. T'is invo!ves no connection
outside your computer to t'e internet or a !oca! network. T'is option is c'ecked :y deau!t :ecause t'e t'reat
proi!e is very !ow or *D- attack usin$ t'is c'anne! w'i!st ena:!in$ wou!d !ead to a !ar$e increase in
unnecessary a!erts.
S4ip loop7ac4 ?13#.>.>.>A TC= connections
+oop:ack connections reer to t'e interna! communciations wit'in your -,. Any messa$e transmitted :y
your computer t'rou$' a !oop:ack connection is immediate!y a!so received :y it. T'is invo!ves no connection
outside your computer to t'e internet or a !oca! network. T'e T,- option is not c'ecked :y deau!t :ecause7
in t'e case o someone usin$ a pro=y server7 t'ere is a 'i$'er c'ance o attacks :ein$ !aunc'ed usin$ a
!oop:ack connection.
0lert Fre&'enc$ 2e"el
*sers can coni$ure t'e amount o a!erts t'at ,omodo 9irewa!! $enerates wit' t'is s!ider. #aisin$ or !owerin$
t'e s!ider wi!! c'an$e t'e amount o a!erts accordin$!y. It s'ou!d :e noted t'at t'is does not aect your
security7 w'ic' is determined :y t'e ru!es you 'ave coni$ured. 9or t'e vast maFority o users7 t'e deau!t
settin$ o D+owD is t'e perect !eve! > ensurin$ you are kept inormed o connection attempts and suspicious
:e'aviours w'i!st not overw'e!min$ you wit' waves o a!erts.
<ow an$ alerts at a tie sho'ld 7e generatedL
T'e user can coni$ure t'e $eneration o a ma=imum num:er o a!erts to :e $enerated at one time. 0y
deau!t7 t'e ma=imum num:er o a!erts is kept at 2% appearin$ as A!ert 1 % 2%7 2 o 2% and so on. T'e pop>
up window wi!! inc!ude a navi$ation :ar i t'e num:er o a!erts is $reater t'an one and t'e a!erts are stored in
t'e memory so t'at t'e user can navi$ate :etween t'em unti! t'ey are responded to.
<ow long sho'ld an alert reain on the screen i, le,t 'nanswered
Determines 'ow !on$ t'e 9irewa!! wi!! s'ow an a!ert or wit'out any user intervention. 0y deau!t7 t'e timeout
is set at 12% seconds.
Comodo Firewall 2.3 User Guide $+
9or an in dept' e=p!anation o t'e types o a!erts and 'ow to understand t'em7 p!ease reer to A!erts
=rogra Settings
0'toaticall$ chec4 ,or progra ,ile 'pdates
Determines w'et'er or not ,omodo 9irewa!! s'ou!d automatica!!y contact ,omodo servers or updates. We
advise users ena:!e t'is option to maintain t'e 'i$'est !eve! o protection. *sers t'at c'oose to disa:!e
automatic updates can manua!!y down!oad updates :y c!ickin$ t'e D*pdaterD :utton at t'e top ri$'t o t'e
irewa!! interace.
0'toaticall$ chec4 Coodo certi,ied application 'pdates
T'is option a!!ows t'e user to update ,omodo 9irewa!!Ds interna! data:ase o known app!ications rom our
servers on a dai!y :asis. It is 'i$'!y recommended users keep t'is settin$ to itDs deau!t D,'eckedD status.
Show 0pplication window on s$ste start 'p
T'e start or Dsp!as'D screen o t'e irewa!! appears every time you re>start your computer. 9urt'ermore7 :y
deau!t settin$s7 t'e main window o t'e irewa!! wi!! :e opened every time you re>start your computer. I you
do not wis' to see t'e app!ication window on system start>up7 Fust unc'eck t'e S'ow App!ication Window on
System Start *p :o=.
=rotect own registr$ 4e$s and ,iles ,ro 'na'thoriBed odi,ications
Meanin$ t'at ,omodo 9irewa!! re$istry entries and i!es cannot :e de!eted or modiied eit'er accidenta!!y or
de!i:erate!y. T'is vita! security eature prevents ma!icious pro$rams or intruders rom :ein$ a:!e to s'ut
down or sa:ota$e your insta!!ation o ,omodo 9irewa!!. +eavin$ t'is option c'ecked wi!! protect your system
romB
Ma!icious troFan 'orse pro$rams and spyware > T'e irst t'in$ a :ur$!ar does w'en 'e :reaks in to a
'ouse is to switc' t'e a!arm o. To avoid detection7 many troFan 'orse pro$rams o!!ow t'e same
!o$ic and attempt to modiy or remove t'e userDs irewa!!. T'is eature prevents any suc' attacks.
Manua! de!etion or modiication. *ser interaction wit' ,omodo 9irewa!! !i:raries and i!es is disa:!ed.
e.$. A user cannot accidenta!!y de!ete irewa!! re$istry keys usin$ uti!ities suc' as Windows #e$?dit.
Simi!ar!y7 a 'acker is not a:!e to disa:!e or de!ete critica! irewa!! system i!es suc' as Dcp.e=eD.
07o't Coodo Firewall
,!ickin$ t'e DA:outD ta: on t'e ,omodo 9irewa!! Summary pa$e to view t'e DA:outD inormation dia!o$.
9rom 'ere you can view inormation a:out t'e (ersion .um:er o t'e 9irewa!! t'at is insta!!ed on your
computer 7 t'e We: site rom w'ere you can down!oad t'e !atest version o t'e ,omodo 9irewa!! and t'e
status o your !icense !ike Su:scription va!idity 7 type o +icense and t'e ?=piration date o t'e +icense. Jou
can a!so update t'e +icense :y c!ickin$ on t'e .pdate 2icense ta:. A.oteB T'is option on!y appears i you
'ave not yet activated your !icense. See Activatin$ your 9ree +icense or more detai!s.C
9or more inormation7 you can visit t'e site B'ttpB//www.persona!irewa!!.comodo.com and
'ttpB//www.comodo.com/.
Fiure: A)out Comodo Firewall
07o't Coodo
is a !eadin$ $!o:a! provider o Identity and Trust Assurance services on t'e
Internet7 wit' over 2%%7%%% customers wor!dwide. &ead@uartered in Qersey ,ity7
.Q wit' $!o:a! oices in t'e *37 *kraine7 and India7 t'e company oers :usinesses and consumers t'e
inte!!i$ent security7 aut'entication and assurance services necessary to ensure trust in on!ine transactions.
,omodo
As a !eadin$ ,ertiication Aut'ority7 and in com:ination wit' t'e Di$ita! Trust +a: ADT+C7 ,omodo 'e!ps
enterprises address di$ita! ecommerce and inrastructure needs wit' re!ia:!e7 t'ird $eneration so!utions t'at
improve customer re!ations'ip7 en'ance customer trust and create eiciencies across di$ita! ecommerce
operations. ,omodoDs so!utions inc!ude SS+ certiicates7 inte$rated We: 'ostin$ mana$ement so!utions7 we:
content aut'entication7 inrastructure services7 di$ita! ecommerce services7 di$ita! certiication7 identity
assurance7 customer privacy and vu!nera:i!ity mana$ement so!utions.

is de!iverin$ t'e 'i$'!y rated ,omodo -ersona! 9irewa!! 2 ree to consumers as
part o an initiative to empower consumers to create a sae and trusted on!ine
e=perience w'enever t'ey $o on!ine. T'is initiative wi!! make avai!a:!e ree to a!! consumers some o t'e
!eadin$ too!s t'at consumers can use to :e sae and avoid !eadin$ t'reats suc' as -'is'in$ attacks.
,omodo

To down!oad ,omodo -ersona! 9irewa!! and ot'er ree security products7 visit
'ttpB//www.,omodo$roup.com/products/reeVproducts.'tm!
Comodo Firewall 2.3 User Guide +3
Getting S'pport
Need <elpL
Coodo For's
T'e astest way to $et urt'er assistance on ,omodo 9irewa!! is :y Foinin$ ,omodo 9orums7 a messa$e
:oard e=c!usive!y created or our users to discuss anyt'in$ re!ated to our products. #e$ister ree at
'ttpB//orums.comodo.com
JouH!! :eneit rom t'e e=pert contri:utions o deve!opers and e!!ow users a!ike and weDd !ove to 'ear your
t'ou$'ts and su$$estions.
*sers can a!so access t'e orums :y c!ickin$ ;.eed &e!p2; in t'e DTasksD main screen.

Online Hnowledge Base

We a!so 'ave an on!ine know!ed$e :ase and support ticketin$ system at 'ttpB//support.comodo.com .
#e$istration is ree.
Comodo Firewall 2.3 User Guide +1

Comodo Firewall 2.3 User Guide

Cargado por

Información del documento

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

Comodo Firewall 2.3 User Guide

Cargado por

Copyright:

Formatos disponibles

Comodo Firewall 2.

También podría gustarte