Optimal settings for Comodo Internet Security: Comodo Firewall

The main firewall modes in the advanced settings window are "Custom Rule Set", in which an alert is raised for every application that has no network rule, and "Safe Mode", in which outgoing connections of trusted applications are allowed by default. The procedure for applying the rules is described in detail below. Additional, rarely used modes are "Complete Blocking", in which any network activity is suppressed regardless of the rules, and "Learning Mode", in which all connections are allowed and allowing rules are created automatically.

The "Create rules for secure applications" option instructs the firewall, in "Safe Mode", not only to allow network activity for trusted applications but also to create rules for them automatically. I do not recommend enabling it, as well as. This option does not affect operation in the "Custom Rule Set" mode.

If the "Do not show notifications" option is checked, the action selected in it (allow or block) is applied instead of showing a notification. In this case, new rules are not created. I recommend setting the "Do not show notifications: Block requests" mode after creating all the necessary rules.

If you check the "Remember my choice" option when responding to an alert, a corresponding rule will be created. The Alert Rate option determines how granular this rule will be. If, for example, you set the level to "Very Low", the rule will allow or deny any network activity at once. I recommend the "Very High" level: then the rule will contain the IP address and port.

If the "Automatically detect private networks" option is enabled on the "Network zones" tab, then when you connect to a new network a prompt appears asking you to indicate its status. This creates a new entry in the list of network zones, and if you select the "home" or "work" status, allowing rules are also created for the network. If the option "Do not show notifications, considering that the connection to the Internet is ..." is enabled along with this option, new network zone entries and allowing rules for them are created automatically, without notifications. I recommend disabling both options: in this case, the connection is made without a notification and without creating new rules, i.e. the network is silently treated as "public".

When you connect to an unsecured Wi-Fi network, notifications appear offering the paid Trustconnect service. These notifications are disabled by the corresponding option.

To control connections inside the computer (for example, to prohibit certain programs from accessing the Internet through a local proxy server), you need to check the "Enable loopback traffic filtering" option (recommended).

To control connections not only over IPv4 but also over IPv6, check the "Enable IPv6 traffic filtering" option (recommended).

The Block IP Fragmented Traffic option protects against an attack based on sending a TCP packet that is so fragmented that its header and TCP session cannot be determined. I recommend turning it on.

The "Analyze protocol" option instructs to check each packet for compliance with protocol standards, while fake packets are blocked. I recommend turning it on.

Finally, the "Enable ARP Spoofing Protection" option protects the ARP table from being altered by an attacker who sends a "spontaneous ARP response" (a response sent without a request). I recommend turning it on.

Create firewall rules

Application rules

The usual way to create a rule for an application is:

  • open the "Rules for Applications" tab, click "Add";
  • specify the application, this can be done in different ways:
    • click Browse → Files and specify the file;
    • click Browse → Running Processes and select an application;
    • click Browse and select a group of files;
    • enter the path directly into the "Name" field (or a pattern using the * and ? symbols and environment variables);
  • set rules:
    • or click "Use a set of rules" and select the required set from the list;
    • or click "Use your own set of rules" and add your own rules (you can copy any set);
  • click "Ok" and arrange the rules for applications using the "Up" / "Down" buttons.

When adding your own rule, you will need to specify:

  • action: "Allow", "Block", or "Ask";
  • direction: incoming (i.e. initiated remotely), outgoing (i.e. initiated on this computer) or any;
  • description: text representing the given rule; if not specified, a detailed description will be displayed in the list of rules;
  • source address and destination address;
  • protocol:
    • IP, in which case the protocol can be specified on the "IP Details" tab;
    • ICMP, in which case the ICMP type and message can be specified on the "ICMP details" tab;
    • TCP and/or UDP, in which case the source port and destination port can be set;
  • an option whether to log network activity in the log.

Note that not only a single IP address but also a network zone and many other objects can serve as a source or destination address, and the selection can be inverted with the "Exclude" option. Similarly, source and destination ports can be port sets, including inverted ones. Keep in mind that the remote address for an outgoing connection is the "Destination address", while the remote address for an incoming connection is the "Source address"; the same applies to ports. Therefore, generally speaking, allowing both incoming and outgoing connections with a given remote host requires two rules:

  • one rule allows incoming from a remote host to any address;
  • the other allows outgoing from any address to a given remote host.

When specifying a set of several rules, you should order them taking into account that the rule located above takes precedence.

Global rules

Global rules determine the network activity of a computer as a whole; their restrictions take precedence over rules for applications. Denials specified in global rules are more effective than application rules. In particular, hiding ports globally makes the computer invisible when trying to scan them.

There are predefined sets of global rules. The interface for switching between them is presented as a choice of the computer's visibility mode on the network: "Block incoming connections" or "Notify about incoming connections" (Main Window → Tasks → Firewall Tasks → Hide Ports).

Selecting the "Notify about incoming connections" mode removes the global blocking of incoming connections and leaves further control to the rules for applications. However, it is safer to allow incoming connections only to certain ports and/or from certain networks, and to block the rest. So, the screenshot shows a sample of global rules with the minimum permissions for incoming connections, which are required only to reply to ping requests from the local network, to open access to files from it, to see the names in the network environment, and for the torrent client to work. There are approaches for.

Creation of your own global rules is carried out in the same way, the only difference is the absence of the "Ask" action.

Filegroups, Network Zones, Port Sets, and Rule Sets

You can cut down on repetitive operations and make your rules easier to read by creating your own file groups, network zones, port sets, and custom rule sets.

File groups are defined on the File rating → File groups tab; they are named sets of path patterns that use the wildcards * and ? and environment variables. For example, they make it possible to create rules for the operation and auto-update of Flash Player or Java, since these processes change file names and use temporarily created loaders. You can specify name patterns without using file groups, but groups are preferable because of their clarity, compactness, and the ability to assign restrictions of a certain kind in several protection components at once. For example, you can create a "NoInternet" group that is simultaneously denied direct Internet connections, DNS queries, use of the BITS service, starting the browser, and access to its memory.

On the Rule Sets tab, you can see which rules are contained in the predefined firewall policies, modify these policies, or create your own. Later, these policies can be assigned to applications through the "Rules for Applications" tab or through firewall notifications. Note that a notification offers only those policies that specify an unambiguous action for the network activity in question: allow or deny. For example, if an application tries to contact a web server on port 80, the alert will not offer the "Mail client" policy, but it will offer the "Web browser", "FTP-client" and similar policies.

On the Port Sets tab, you can group any combination of ports into a named set so that you can use it later in rules as a source or destination port. When creating sets, you can combine single ports, port ranges, and their inversions.

The "Network zones" tab has the following peculiarity: on it you can not only group addresses into named "zones" for later use in rules (as a source or destination address), but also set the status of these zones. So, if you create a zone and then add it to the Blocked Zones tab, all connections to it will be blocked, regardless of the rules. In addition, a network zone can be marked with the status "Network general access".

The procedure for applying firewall rules

When network activity is detected, the firewall first checks whether the remote address belongs to any blocked network zone. If it does, the connection is blocked. If not, the global rules are considered.

Global rules are examined from top to bottom. If the first rule found for the requested type of connection has the "block" action, the connection is prohibited. If no matching rule is found, or if an allowing rule is found first, the rules for applications are considered.

When a program tries to establish a connection (allowed by the global rules), the list of applications and their rules is scanned from top to bottom. At the first match found (i.e. when the given program, or a group of programs containing it, and the requested type of connection are encountered), the action specified in the rule is performed: allow, block, or show a notification (if the "Do not show notifications" option is enabled in the settings, the action specified in that option is performed instead of the notification: allow or block).

If no suitable rule is found in the list of firewall rules, the connection is automatically allowed in the following cases:

  • when the firewall works in the "Learning Mode" (in this case, a permitting rule will be created);
  • when the option "Do not show notifications: Allow requests" is enabled;
  • when the firewall is running in "Safe Mode", the "Do not show notifications" option is disabled, and the program is trusted and runs in a real environment;
  • when the firewall is running in "Safe Mode", the program is trusted and runs in the real environment, and the requested connection is outgoing.

In other cases, an alert is generated, or if the option "Do not show alerts: Block requests" is enabled, the connection is denied.

In particular, note that programs running in the virtual environment are controlled by the firewall regardless of their rating. Therefore, even if the firewall is running in "Safe Mode", you will need to create permissive rules in order to use browsers.

You may notice that in "Safe Mode" the firewall handles incoming connections of trusted programs somewhat illogically. This is probably a bug.
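The evaluation order described in this section can be expressed as a small decision function. The following Python model is an added example, not Comodo code: the class and field names, the mode labels and the sample addresses are constructed for illustration, and it covers only the steps stated above (blocked zones, global rules, application rules, then the fallback cases).

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Conn:
    app: str
    direction: str              # "in" or "out"
    proto: str                  # "tcp", "udp" or "icmp"
    remote_ip: str
    port: int                   # destination port
    trusted: bool = False       # file rating of the program
    virtualized: bool = False   # running in the virtual environment

@dataclass
class Rule:
    action: str                 # "allow", "block" or "ask" (no "ask" in global rules)
    direction: str = "any"
    proto: str = "any"
    remote: str = "0.0.0.0/0"   # remote network: source for "in", destination for "out"
    port: Optional[int] = None
    app: str = "*"              # only meaningful in application rules

    def matches(self, c: Conn) -> bool:
        return (self.direction in ("any", c.direction)
                and self.proto in ("any", c.proto)
                and ip_address(c.remote_ip) in ip_network(self.remote)
                and self.port in (None, c.port)
                and self.app in ("*", c.app))

@dataclass
class Firewall:
    mode: str = "safe"            # "safe", "custom", "learning" or "block_all"
    silent: Optional[str] = None  # "Do not show notifications": None, "allow" or "block"
    blocked_zones: tuple = ()
    global_rules: tuple = ()
    app_rules: tuple = ()

    def decide(self, c: Conn) -> str:
        # Complete blocking and blocked zones win regardless of any rule.
        if self.mode == "block_all":
            return "block"
        if any(ip_address(c.remote_ip) in ip_network(z) for z in self.blocked_zones):
            return "block"
        # Global rules: only the first matching rule counts.
        first = next((r for r in self.global_rules if r.matches(c)), None)
        if first is not None and first.action == "block":
            return "block"
        # Application rules: first match decides; "ask" becomes an alert
        # unless the "Do not show notifications" option supplies the answer.
        hit = next((r for r in self.app_rules if r.matches(c)), None)
        if hit is not None:
            return hit.action if hit.action != "ask" else (self.silent or "alert")
        # No application rule matched: the four automatic-allow cases.
        if self.mode == "learning" or self.silent == "allow":
            return "allow"
        real_trusted = c.trusted and not c.virtualized
        if self.mode == "safe" and real_trusted and (
                self.silent is None or c.direction == "out"):
            return "allow"
        return "block" if self.silent == "block" else "alert"

# Constructed sample policy: file sharing from the LAN, all other incoming hidden.
LAN = "192.168.1.0/24"
GLOBAL_RULES = (Rule("allow", "in", "tcp", LAN, 445), Rule("block", "in"))
APP_RULES = (Rule("allow", "in", "tcp", LAN, 445, app="System"),)

if __name__ == "__main__":
    fw = Firewall(silent="block", global_rules=GLOBAL_RULES, app_rules=APP_RULES)
    samples = [
        Conn("System", "in", "tcp", "192.168.1.20", 445),
        Conn("System", "in", "tcp", "203.0.113.5", 445),
        Conn("browser.exe", "out", "tcp", "198.51.100.7", 443, trusted=True),
        Conn("browser.exe", "out", "tcp", "198.51.100.7", 443, trusted=True,
             virtualized=True),
    ]
    for c in samples:
        print(c.app, c.direction, c.remote_ip, c.port, "->", fw.decide(c))
```

Removing the first global rule from the sample makes the LAN file-sharing connection fail even though the application rule still allows it, which is why application permissions for incoming traffic have to be repeated in the global rules.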

Access to local network resources

By default, the firewall rules do not have permissions to obtain information about the network environment, open file sharing on the local network, etc. These permissions are not needed if the network is only used to access the internet.

Trusted network status

The easiest way to create permissions for a local network is to assign it a "trusted" status. This can be done in a number of ways.

If the "Automatically detect new private networks" option is enabled on the "Network zones" tab, then when you connect to a new network, an alert appears in which you need to indicate your location. The “trusted” status is assigned by choosing the options “at home” or “at work”. This will create a pair of global rules to allow any outbound and any inbound connections to that network, and a pair of similar rules for the System process. If you select the option "in a public place", new rules are not created.

If the discovery of new networks is disabled, or the network was previously assigned the "public" status, open the "Network Management" window (Main window → Tasks → Firewall tasks), check the "Trust networks" item and click "Ok". The result will be similar to the previous one.

To return the network to its neutral status, the easiest way is to select the "Block network" item in the "Network Management" window, then open the Network Zones → Blocked Zones tab in the settings window and remove this network from there.

There is a bug: when a network zone is not created for an active network and in fact this network is treated as a "public" one, then the "trusted" status will be indicated in the "Network Management" window for this network.

Attention! If you press the "Ok" button in such a window, then the active network will indeed become "trusted", i.e. a corresponding entry will appear in the list of network zones and firewall rules will be created to allow connections on this network. If network trust is not required, then close the "Network Management" window with the "Cancel" button.

Example of permissions for accessing a local network

A local network should be trusted only if it is completely secure. Therefore, it is recommended to assign the network the neutral status (“public space”), enable and then add the necessary permissions. Typically, in order to access network resources, you need to allow the System process, in addition to the original rules, the following incoming connections (in every case the source address is the local network):

  • UDP connections with source port 137 and destination port 137: so that you can refer to computers by NetBIOS names;
  • UDP connections with source port 138 and destination port 138: so that you can still see the network environment;
  • TCP connections on destination port 445: to open file sharing.

To specify "System" as an application when creating rules, you need to select it from the running processes.

All these permissions must be duplicated in the global rules. They should also allow incoming ICMPv4 connections sent from the local network with the "echo request" message; this is necessary not only to be able to respond to ping requests, but also to open file sharing. An example of a set of global rules.

Firewall features

The Comodo firewall does not control incoming loopback connections (but does control outgoing ones). So, when using a local proxy, it is enough to allow only outgoing connections to the Internet for the proxy server and outgoing to “localhost” for the browser (whereas many other firewalls would also require to allow incoming from “localhost” for the proxy server).

Rules with domain names work in a peculiar way: if you specify a domain name as an address in a rule, CIS finds the minimum and maximum IP addresses for this name, and then all intermediate IP addresses are considered to belong to it.

A peculiarity of CIS version 10, which can be called an advantage, is that ICMP traffic is now attributed to the individual applications. Previous versions of CIS (as well as, for example, Windows Firewall) treated this traffic as belonging to System.

Content filter

The Content Filter component restricts access to websites by their addresses. Comodo updatable lists are used to determine address security, and custom lists can be defined. When trying to open a prohibited site, the user will see a page with a message about the blocking, as well as, depending on the setting, with a proposal to temporarily ignore the ban or add this site to exceptions.

Categories. Importing custom lists

Lists of addresses or their patterns (using the * and ? characters) are called categories. Comodo's own categories are Safe Sites, Phishing Sites, and Malicious Sites. They are updated automatically and cannot be viewed or changed. The remaining categories, which the user can modify, are set on the "Content filter" > "Categories" tab. Initially there is an "Exceptions" category, which contains sites excluded from blocking through notifications in the browser.

It makes sense to add categories with lists of malicious sites from other sources. Lists and Symantec WebSecurity are recommended. For the latter one should visit the MalwarePatrol website.

To use an additional list, create a new empty category through the context menu on the "Categories" tab and then import the list from a file. When choosing the file, you must specify the list format, otherwise the content filter will not work correctly (a typical user mistake).

Format of entries in content filter categories

An entry in the form of a pattern covers addresses that match this pattern completely. For example, *.example.com matches http://test.example.com, but not http://test.example.com/404 or http://example.com.

An entry without wildcards is identical to the pattern obtained by appending a * to its end. For example, the entries https://example.com and https://example.com* are identical; they match the addresses https://example.com, https://example.com/404 and https: //example..example .com. Thus, an entry with the site's domain name also covers its directories, but not its subdomains.

In the content filter, the HTTP protocol is denoted by the absence of a protocol. For example, an entry like example.com matches http://example.com, but not https://example.com. An entry of the form example.com/* matches the address http://example.com/404. Attention! The URL http://example.com does not match the entries http*example.com* and */example.com*, i.e. entries containing at least part of the protocol indication.

The HTTPS protocol is indicated either explicitly or through patterns. For example, the entry https://example.com matches the addresses https://example.com, https://example.com/404, etc. The entry *//example.com matches https://example.com, but not http://example.com or https://example.com/404.

Note that the content filter blocks HTTPS pages without notifications and without offers to cancel the ban. Moreover, blocking of HTTPS pages may not work, depending on the browser used.

So suppose you need to block the site example.com for both the HTTP and HTTPS protocols, with its directories but without subdomains. To do this in the most targeted way, add 4 entries to the blocked category:

  • example.co?
  • example.com/*
  • https://example.co?
  • https://example.com/*

(Using the ? character in place of a letter prevents a * from being implicitly appended to the end of the entry.)

Alternatively, you can get by with a single entry like *example.com*, but then not only the required addresses will be blocked, but also https://www.example.com/404, https: //myexample..common.html.
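The matching rules in this section can be checked against a list before it is imported. The following Python sketch is an added example, not Comodo code: it models only the rules stated above (complete match, an implicit trailing * for entries without wildcards, HTTP written without a protocol). The function names and the sample URLs are constructed, and case-sensitive matching is an assumption.

```python
import re

def compile_entry(entry: str) -> "re.Pattern[str]":
    """Translate one category entry into a regular expression."""
    # An entry without wildcards behaves as if '*' were appended to it.
    if "*" not in entry and "?" not in entry:
        entry += "*"
    parts = []
    for ch in entry:
        if ch == "*":
            parts.append(".*")           # any run of characters, including none
        elif ch == "?":
            parts.append(".")            # exactly one character
        else:
            parts.append(re.escape(ch))  # everything else is literal
    return re.compile("".join(parts), re.DOTALL)

def normalize(url: str) -> str:
    """HTTP addresses are compared without a protocol; HTTPS keeps its prefix."""
    return url[len("http://"):] if url.startswith("http://") else url

def entry_matches(entry: str, url: str) -> bool:
    """True if the entry covers the whole address, not just part of it."""
    return compile_entry(entry).fullmatch(normalize(url)) is not None

def blocked_by(entries, url):
    """Entries of a category that cover the given URL."""
    return [e for e in entries if entry_matches(e, url)]

def audit(entries, must_block, must_allow):
    """Return (URLs the list misses, URLs it blocks by mistake with the entry responsible)."""
    missed = [u for u in must_block if not blocked_by(entries, u)]
    overblocked = {u: blocked_by(entries, u)
                   for u in must_allow if blocked_by(entries, u)}
    return missed, overblocked

# The four targeted entries from the text and the single broad alternative.
TARGETED = ["example.co?", "example.com/*", "https://example.co?", "https://example.com/*"]
BROAD = ["*example.com*"]

# Constructed test addresses: the site itself versus a subdomain and look-alikes.
MUST_BLOCK = ["http://example.com", "http://example.com/404",
              "https://example.com", "https://example.com/404"]
MUST_ALLOW = ["http://test.example.com", "https://www.example.com/404",
              "https://myexample.com/index.html"]

if __name__ == "__main__":
    for name, entries in (("targeted", TARGETED), ("broad", BROAD)):
        missed, overblocked = audit(entries, MUST_BLOCK, MUST_ALLOW)
        print(name, "missed:", missed, "overblocked:", sorted(overblocked))
```

The same audit shows a side effect of the ? trick: example.co? also covers any other single character in the last position, such as http://example.con.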

Content filter rules

Each content filter rule contains a list of categories to which it applies, and a list of users or their groups with their restrictions. The interface for changing the list of categories is obvious.

Users and their groups are added through the context menu in the "Restrictions" field: "Add"> "Advanced ..."> "Object types"> check all> "Ok"> "Search"> select the required entry> "Ok".

Typically, the "Everyone" group is used as the user. If you need to set different restrictions for different users, be sure to specify the restrictions for each of them. Otherwise, a user who is not specified in the rule may gain access to sites from the listed categories, even if there is another prohibiting rule.

On Windows 8 and higher, the entry "ALL APPLICATION PACKAGES" should be added to the list of users in each rule, with the same restrictions as for users. Otherwise, blocking will not work for Internet Explorer 11.

To work correctly with blocking exclusions, the Allowed Sites rule must be higher than the Blocked Sites rule.

As the saying goes, the flight is normal, but the product is paid and after 30 days it will stop working and will ask for money. Tell me, is there any free firewall of the same quality?

Hello friends! Today's article is about the popular and free Comodo Firewall.

Security software from the developer Comodo Group has gained popularity in the software market thanks to three important features of its products: an in-demand area of application, a simple and usable interface, and free distribution. The flexibility of the developers' approach is also worth noting. The software package for protecting your computer, consisting of an antivirus, firewall, Sandbox and other modules, can be installed as a whole or selectively, by installing only the individual Comodo AntiVirus or Comodo Firewall modules. It is the latter that is discussed in more detail below. Let's take a look at the features of Comodo Firewall, how to install this program and how to configure it.

Comodo Firewall tasks and features

Comodo Firewall, despite being a free product, provides complete protection of your computer from network threats. Moreover, it has more than once won various tests conducted by software-related Internet resources to identify the best software solution of the "Firewall" class. Comodo Firewall is able to protect against attacks by hackers and against malware spreading over the network on a level with paid advanced firewalls such as Outpost Firewall Pro. To put it simply, you will not find software of the same quality, let alone free of charge, on the market.

Comodo Firewall analyzes suspicious program activity on the computer and checks all their active components, blocking the launch of everything that can harm your computer. Stealth Mode makes the computer invisible to port scanning by malware. Comodo Firewall automatically detects the trusted zones of your computer, that is, those folders and files that are authorized to be shared on your home or local network.

Unlike its counterpart, which does not get along in the same system with every antivirus, Comodo Firewall is more loyal in this regard. Even if you don't like the specifics or efficiency of Comodo AntiVirus, you can install any other antivirus, since Comodo Firewall usually does not conflict with third-party security software.

Several modes of operation and flexible settings of Comodo Firewall will allow you to customize the desired behavior of the firewall for both beginners and more experienced users.

Installing Comodo Firewall

Run the downloaded Comodo Firewall installer.

The installation process is somewhat different from the standard one, since initially it involves setting some parameters of the program's operation. After choosing the program language, we will see the installation wizard window, where you need to select some options. It is optional to indicate your E-Mail.

Leaving all the preset options unchanged makes sense only in the following cases:

  • when it comes to a powerful computer or laptop and a high-speed Internet connection;
  • you want, as a matter of principle, to take part in improving security software, in particular Comodo products, so that the company improves user protection;
  • you don't trust your ISP's DNS.

A window will open with the installation options, where the developer, hoping that you will hurry through the installation without digging into its settings, has prepared the automatic installation of two more programs in addition to Comodo Firewall: Comodo GeekBuddy, a technical support client from the developer, and Comodo Dragon, a browser with enhanced protection for web surfing. The first program is of no use to those who do not know English and are not going to pay for Comodo technical support at the end of the free period. The other program, the Chromium-based Comodo Dragon browser, can be downloaded from the Internet for free and installed at any other convenient moment, when the question of changing the browser comes up.

Now you can safely press the "Forward" button.

In the next window, we are pushed to install Yandex elements along the way and to make this search engine ubiquitous in the browser. We will refuse this service, since it can hardly be called a missed opportunity in life. We press the button at the bottom to start the installation.

The program will be installed. After launching it, we will see that a computer restart is required. We press the button "Fix".

Launching Comodo Firewall

The computer will reboot, and on the desktop we will find a number of Comodo Firewall windows: informational help about Comodo technologies, the program's gadget, and the firewall preset window, where we need to indicate which network the computer is connected to: a home network, a work network, or a network in a public place, for example one with a Wi-Fi access point.

After that, Comodo Firewall will be minimized to the system tray, from where the program interface can be called at any time.

Any actions performed on the computer for which the firewall has not yet created a rule must be approved, unless, of course, we are talking about an unauthorized launch.

You will have to approve the launch of each program unknown to Comodo Firewall on your computer until the firewall develops rules for itself for each of the programs that are launched. Of course, you have to tinker at first, but this is actually a small price to pay for being able to control network connections.

Configuring Comodo Firewall

Comodo Firewall is designed for a wide range of users, including newbies, and your computer will be safe even with the developer preset settings. But more experienced users will surely be interested in using Comodo Firewall's capabilities for enhanced computer protection.

We launch the firewall using its shortcut in the system tray. In the main window that opens, we see the status of the program: the computer is under protection. We also see the number of network intrusions, the number of blocked intrusions, and software updates.

Using the button in the upper left corner, we can switch to the program's detailed summary, and then return to the brief summary view again.

In the main window of Comodo Firewall, there is a "Game Mode" option. Game mode is, in fact, full-screen mode, not only in games, but also when watching videos, as well as in any other applications that are displayed in full screen. When switching to this mode, the firewall will not bother us with its notifications and will make all decisions itself.

To open the advanced firewall settings, in the main Comodo Firewall window with a detailed summary, click the "Firewall" link.

The detailed firewall settings will open, where you can change certain preset parameters.

For example, at the top of the settings window, you can change the preset "Safe mode" of the firewall, in which the network activity of programs in the trusted list is allowed and Comodo Firewall does not bother you on every occasion, to another mode. For example:

"Complete blocking" - in this mode, any network activity is excluded. This mode is simply an indispensable thing in case of a computer infection with a virus.

"Custom set of rules" - as the name of the mode implies, it provides for strict control and user participation in decision-making for each network request for which there are no previously set rules.

"Learning Mode" - in this case, Comodo Firewall does not interfere with the activity of running programs, but only monitors events.

Getting to the settings is quite problematic, since there is no button of that name. However, in the Tasks menu (Sandbox Tasks and Advanced Tasks) you can see the Advanced settings button; clicking it opens the parameters window (Fig. 4.99).

Fig. 4.99. Advanced settings

The window is divided into two parts: on the left are the settings categories, on the right the changeable parameters. There are only two categories: General settings and Security Settings (Fig. 4.100).

Fig. 4.100. General settings

There are four subcategories in General Preferences.

Interface. In this subcategory, you can change the language of the program, as well as adjust the visual and sound parameters. To do this, check the boxes next to the corresponding parameters. The more of them are enabled, the more often the program reminds you of its presence on the computer. Separately, note the ability to block access to the program settings with a password. To do this, check the Protect settings with a password box, click the Set password link and enter your password in the window that appears.

Updates. We are talking about updating both the anti-virus databases and the program itself. This is where you can configure the frequency of checking for updates (Fig. 4.101).

Logging. You can turn off logging or, conversely, turn it on.

Configuration. This subcategory is responsible for protection priorities. By default, COMODO - Internet Security is selected, which is sensitive to threats from the Internet. If you spend a lot of time on the web, don't change anything. COMODO - Proactive Security aims to protect the inside. Select it if your computer has a lot of viruses. COMODO - Firewall Security provides network protection only (firewall). To change the configuration, double-click the required item (Fig. 4.102).

Fig. 4.101. Configuring Updates

Fig. 4.101. Config setting

The default security settings are set to a very high level (Fig. 4.103). The only thing you can do is lower the protection and exclude individual files from scanning. These settings are unlikely to be useful to an ordinary user, so we will not dwell on them in detail.

Fig. 4.103. Security Settings

CHECKING THE COMPUTER

You can start scanning in the main window using the Scan button. You can also use the Tasks button (Common Tasks → Scan). In the window that opens, select the type of scan (Fig. 4.104):

Quick scan - scans the areas of your computer that are susceptible to infection;

Full scan - scans all files on your computer;

Custom Scan - scans individual files or folders (Custom Scan → Scan Folder or Scan File) (Fig. 4.106).

Fig. 4.104. Scan profiles

Fig. 4.106. Custom scan

In addition, you have the option to create your own profile. To do this, in the Custom scan menu press the Other options button and, in the window that opens, click the Add button (Fig. 4.107).

Fig. 4.107. Create a scan profile

In the next window (Fig. 4.108), assign a name to the profile and add scan objects: individual files and entire areas (the Objects tab). On the Options tab, choose the thoroughness of the check. The more checkboxes you select, the more thorough the check will be. On the Schedule tab, set the time and frequency of this type of scanning. Click OK.

Fig. 4.108. Setting up a scan profile

Now the created scan profile will appear in the Scanning window (see Fig. 4.104). Check the box to activate it, and the anti-virus will start scanning at the scheduled time.

Summing up, the high efficiency of COMODO Antivirus should be noted. It does an excellent job with the task assigned to it. The disadvantages include a not very clear interface.

review, we examined in detail, with pictures, the process of installing the free Comodo Firewall on a computer. Now, as promised, I will tell you how to configure the firewall optimally, quickly and on your own, with a minimum of pop-up notifications. The author's version of the advanced settings of the program is largely the same as the one recommended in the Russian part of the international COMODO Forums (the "CIS / CFP for newbies to firewalls" branch). These forums can be visited via the "Visit the support forum" item on the "Miscellaneous" tab ("In Russian / Russian"). There is a lot of useful information on the topic there; those who wish can, of course, "dig". And I, as usual, will proceed point by point, for convenience, to what was promised.

Comodo Firewall advanced settings

1. To begin with, I suggest changing the default gray, gloomy "face" of Comodo Firewall to something more interesting. To do this, in the same "Miscellaneous" tab click "Settings" → "Appearance" → and under "Theme" change the gray theme "COMODO Default Normal" to, for example, "COMODO Blue Normal" (first screenshot) and, "dressed up", move on.

2. The first of the advanced settings is to enable "invisibility" mode for your computer on the network. To do this, in the "Firewall" tab click the "Hidden Port Wizard" applet → select "Block all incoming connections and hide my ports for all incoming connections" (screenshot above) and confirm the choice with "OK".

3. Next, in the same "Firewall" tab, go to "Firewall settings" and on the "General settings" tab activate " ". Now allow rules will be created automatically for all applications on the trusted list, which saves you from granting permissions manually. In addition, check the box next to "Automatically discover new private networks" (it can be unchecked after your network has been detected) and, most importantly, leave "Firewall mode" unchanged at "Safe".

Confirm all changes in the settings with the "OK" button.

4. Now go to the "Proactive Defense" settings. To do this, in the "Protection+" tab click "Proactive Defense Settings" and, by analogy with the previous item, activate "Create rules for secure applications". If you are sure that the system is free of viruses and you have an effective antivirus scanner (I wrote about the need for it in the note " ") of the free kind, then feel free to set "Clean PC mode" - again, to get rid of "annoying" notifications. Also make sure that the box next to "Enable enhanced protection mode" is unchecked and that the box next to "Adapt the operating mode at low system resources" is checked (no comment).

5. In the same Proactive Defense settings, under "Application execution control settings", check that unrecognized files are treated as "Partially limited" (the default) or "Suspicious" - with other settings, some applications will refuse to start.

6. For users of older versions Comodo Firewall

And do not forget to confirm the changes in the settings with the "OK" button.

Note: If Proactive Defense is completely deactivated, this option ("Sandbox") is automatically disabled.

7. The final tweak, from the "optional" category: in the "Miscellaneous" tab → "Settings" → on the "General" tab, uncheck the box next to "Automatically check for program updates" (penultimate screenshot), especially since the "Check for Updates" option is always "at hand" (last screenshot).

One more click on "OK" and you can close the now properly configured Comodo Firewall - after Windows restarts, with this configuration, "comfortable" for the user, the program reliably protects the computer from network threats.

As a result of unsuccessful attempts to force the databases to be updated, I decided to just reinstall Comodo, but the version is lower, in order to test it. Comodo Internet Security is a complete protection that includes antivirus, firewall and proprietary features such as Hips and more.

Before Comodo, I tried various antiviruses. These are Doctor Web, Kaspersky, AVG, Nod32, Avast, Panda, MalvareAntimalvare and even the Chinese Rising, which works surprisingly well.

Most of all I like Kaspersky, which has served me faithfully for several years, but the time has come to find something to replace it, and as a result of a long search, I chose the free Comodo. It has now been protecting the computer for several years.

Comodo is, as everyone admits, an awesome firewall. In fact, only he alone solves the problem of the security of being on the network. The antivirus is also excellent, but I prefer not to use it, although it works normally. Instead of antivirus, I download a scanner from DrWeb called CureIt and check the computer every few months.

Comodo is highly customizable and comes across as a very professional (and it is) product. In general, I like Comodo and I am happy with it. It just needs to be configured correctly. I am easily versed in any programs, so it was not difficult for me to understand the Comodo settings.

I specially made several screenshots of Comodo for this article, for which I had to go to WinXP, where I have the most recent version of Comodo installed, where I have not visited, probably for six months.

I will not talk about all Comodo settings. You decide whether to leave any updates, messages, notifications for yourself or not. I will only talk about the most basic settings, as well as some tricks in these settings.

What if the browser is infected? Read about it.

This Comodo differs from the 5th version in its improved and beautiful interface.

In my opinion, despite the beauty, the 5th version is nevertheless more convenient. There all the settings are better grouped and informative.

For example, in the new version of Comodo it is not clear when the anti-virus database was updated; no date. In the 5th version, this is indicated by the update date.

The settings for antivirus scan profiles and exclusions are hidden away so that they can only be found by understanding the structure of the Comodo interface from previous versions.

More on this below. Although, let's start right there.

As for the antivirus, here you can leave the setting for scanning the computer memory at startup. By default, there is a checkbox for scanning archives. I always remove it, because often there are tablets in the archives, and the antivirus ruthlessly deletes them.

With regard to cumulative scanning, in this mode those files will be scanned in which changes have occurred since the previous scan. You can select "Scan On Access". It's up to you to decide. I always choose cumulative scanning.

In my opinion, the American developers have made a mistake with the list of scans. The fact is that if you do not know how to configure the antivirus, an antivirus check will run every time you start your computer. Not everyone needs that, and not always. And to turn off this automatic scan, you need to know where to do it. Comodo's designers made this unobvious, for some reason. In general, to configure it the way we need, we go to the "List of scans", where we see the default list and, at the bottom, a barely noticeable arrow.



This is what we need. We drag it up, and the "Add", "Edit" and other windows appear, where we can already do something. We cannot delete the default profiles in the scan list, but we can change them or add our own. In the "Schedule" line, set the desired value so that the scan does not start automatically when the system starts. If we need a scan, we can always start it manually from the main window of the antivirus by clicking the "Scan" button.

However, profiles can be configured so that scanning runs once a week, for example, at night or during the day. The very idea of a "Full" or "Fast" scan schedule is good, but it should have been done more clearly, and not hidden far into the bowels of the program from the user.

The same situation is with "Exceptions". The developers also managed to hide the setting of this extremely important item behind such an arrow, which is visible at the bottom in the main window when you go along the path "Antivirus ---> Exceptions".

We drag this arrow up and a window with actions will pop up, thanks to which we can already fully work with exceptions.

We enter in the "Exceptions" all those files and folders that, in our opinion, should be ignored by Comodo.

A few words about Proactive Defense. This is a proprietary feature of Comodo, which they consider to be almost the main one in protecting your computer. The version we are considering has a HIPS (Host-based Intrusion Prevention System or simply "Intrusion Prevention System") setting. The settings are on the screenshot below. You can choose "Safe Mode". In it, all unknown actions on the computer will be under control. If you know / are sure that there are no viruses on the computer and it is clean, then you can set the "Clean PC" mode. In this mode, all files are recognized as trusted, and we receive fewer notifications from Comodo. I put in the settings "Clean PC".

HIPS is optional and can be turned off. But if you do, then I recommend that you check the box next to "Create rules for secure applications", specially highlighted in green. This will make it easier for you to interact with Comodo later. It will create the rules, and once you have confirmed them, you will not receive messages from Comodo on the same occasion.

Well, setting up a firewall, or simply a firewall. Comodo's firewall is one of the best on the market. This is recognized by all specialists and ordinary users. Some people specifically download only the Comodo firewall in order to use it with third-party antivirus software. There is nothing complicated about the settings.

Also, as in the screenshot above, be sure to check the box to create rules so as not to receive constant messages from Comodo. The rest is at your discretion. I am setting "Safe Mode". Even with the default settings, the firewall does an excellent job.

If you want to make your computer invisible on the network, you can enable the mode of blocking all incoming connections and hiding your ports for all incoming connections in the Hidden Ports Wizard. But if you use a home network, which is most often the case, it is better to activate the notification mode for incoming connections and make a separate decision for each port. For the more advanced: in the advanced firewall settings, you can check the boxes everywhere, except for monitoring NDIS other than TCP/IP.

A little about the Sandbox mode. This cool thing, if enabled, isolates all unknown files and runs them in itself (sandbox). In this mode, the files, if they are dangerous, will not harm the system. Not every paid antivirus has a sandbox. Free Comodo has. So use it.

You should be aware that the Sandbox and Protection Plus (Proactive) modes are not required to be activated. Without them, with just antivirus and firewall, you can normally secure your system. But the above modes make the protection even more reliable and powerful.

And I would also like to say about the configurations. There are three of them, by default. These are: Internet Security, Proactive Security and Firewall Security. For many, these things are incomprehensible, but there is nothing complicated here. These are, in fact, a kind of presets, ready-made presets. Firewall Security gives priority to network protection, the activity of the antivirus, as it were, decreases: it seems to work, but it does not seem to be. In general, it is almost invisible and inaudible in this mode. In other modes it is the same: In Proactive, priority is given to proactive protection, in Internet Security, priority is given to anti-virus and network protection. I usually install Internet Security. In any mode, if anything, you can adjust the settings to the desired functionality.

As the saying goes, the flight is normal, but the product is paid and after 30 days it will stop working and will ask for money. Tell me, is there any free firewall of the same quality?

Hello friends! Today's article is about the popular and free Comodo Firewall.

The security software from the developer Comodo Group gained popularity in the software market due to the presence of three important components in the software products - the demanded scope of application, the simplicity and convenience of the interface, as well as free distribution. We should also note the flexibility of the developers' approach. Thus, a software package for computer protection, consisting of antivirus, firewall, Sandbox and other modules, can be installed as a whole or selectively by installing only individual modules of either Comodo AntiVirus or Comodo Firewall. It is about the latter that will be discussed in more detail below. Let's take a look at the features of the Comodo Firewall, how to install this program and how to configure it.

Comodo Firewall tasks and features

Comodo Firewall, despite being a free product, provides complete protection of your computer from network threats. Moreover, it has more than once won various tests conducted by software websites to identify the best solution of the "Firewall" class. Comodo Firewall is able to protect against attacks by hackers and malware spreading over the network on a level with paid advanced firewalls such as Outpost Firewall Pro. To put it simply, you will not find software of the same quality, and free at that, on the market.

Comodo Firewall analyzes suspicious activity of programs on your computer and checks all their active components, blocking the launch of anything that can harm your computer. Stealth Mode makes the computer invisible for port scanning by malware. Comodo Firewall automatically detects the trusted zones of your computer, that is, those folders and files that are authorized to be shared on your home or local network.

Unlike its counterpart - which does not get along in the same system with every antivirus, Comodo Firewall is more loyal in this regard. Even if you don't like the specifics or efficiency of Comodo AntiVirus, you can install any other antivirus, since Comodo Firewall usually does not conflict with third-party security software.

Several modes of operation and flexible settings of Comodo Firewall will allow you to customize the desired behavior of the firewall for both beginners and more experienced users.

Installing Comodo Firewall

Run the downloaded Comodo Firewall installer.

The installation process is somewhat different from the standard one, since initially it involves setting some parameters of the program's operation. After choosing the program language, we will see the installation wizard window, where you need to select some options. It is optional to indicate your E-Mail.

Leaving all the preset options without changing anything is possible only in such cases:

When it comes to a productive computer or laptop and a high-speed Internet connection;

You fundamentally want to participate in the improvement of security software, in particular, Comodo products, so that the company improves user protection;

You don't trust your ISP's DNS.

A window will open with options for installing the program, where the developer, hoping that you will hurry through the installation and not dig into the installation settings, has prepared in addition to the Comodo Firewall the automatic installation of two more programs - this is a technical support client from the developer Comodo GeekBuddy and a browser with enhanced protection when surfing the web Comodo Dragon. There is no point in contacting the first program for those who do not know English and are not going to pay for technical support from Comodo at the end of the free period. Another program - the Chromium-based Comodo Dragon browser - you can download on the Internet for free and install at any other convenient moment when the question of changing the browser comes up.

Now you can safely press the "Forward" button.

In the next window, we are forced to install Yandex elements along the way and the ubiquity of this search engine in the browser. We will refuse this service, since it can hardly be called a missed opportunity in life. We press the button to start the installation at the bottom.

The program will be installed. After launching it, we will see that a computer restart is required. We press the button "Fix".

Launching Comodo Firewall

The computer will reboot, and we will find on the desktop a lot of Comodo Firewall windows - informational help about Comodo technologies, the program's gadget and the firewall presets window, where we need to specify which network the computer is connected to - home, work or public network location such as a Wi-Fi hotspot.

After that, Comodo Firewall will be minimized to the system tray, from where the program interface can be called at any time.

Any actions performed on the computer for which the firewall has not yet created a rule must be approved, unless, of course, we are talking about an unauthorized launch.

You will have to approve the launch of each program unknown to Comodo Firewall on your computer until the firewall develops rules for itself for each of the programs that are launched. Of course, you have to tinker at first, but this is actually a small price to pay for being able to control network connections.

Configuring Comodo Firewall

Comodo Firewall is designed for a wide range of users, including newbies, and your computer will be safe even with the developer preset settings. But more experienced users will surely be interested in using Comodo Firewall's capabilities for enhanced computer protection.

We launch the firewall using its shortcut in the system tray. In the main window that opens in front of us, we see the status of the program - the computer is under protection. We also see the number of network intrusions, the number of blocked intrusions, software updates.

Using the button in the upper left corner, we can switch to the display of the detailed summary by the program. And then return to the summary view again.

In the main window of Comodo Firewall, there is a "Game Mode" option. Game mode is, in fact, full screen mode, not only in games, but also when watching videos, as well as in any other applications that are displayed in full screen. When switching to this mode, the firewall will not bother us with its notifications and all decisions will be made by itself.

To open the advanced firewall settings, in the main Comodo Firewall window with a detailed summary, click the "Firewall" link.

The detailed firewall settings will open, where you can change these or those preset parameters.

For example, at the top of the settings window you can change the preset "Safe mode" of the firewall, in which the network activity of programs in the trusted list is allowed and Comodo Firewall does not bother you at every turn, to other modes. For example:

"Complete blocking" - in this mode, any network activity is excluded. This mode is simply an indispensable thing in case of a computer infection with a virus.

"Custom set of rules" - as the name of the mode implies, it provides for strict control and user participation in decision-making for each network request for which there are no previously set rules.

"Learning Mode" - in this case, Comodo Firewall does not interfere with the activity of running programs, but only monitors events.

Comodo Internet Security (CIS) is an antivirus plus a firewall. Comodo Internet Security also has a sandbox, in which you can run applications in an isolated environment without affecting the system. All traffic can be filtered through Comodo's DNS servers, which minimizes the threat of viruses and malicious sites. There is a virtual desktop in which you can safely run programs and surf the Internet; it also protects against keyloggers. Tablet mode and Windows desktop mode can be used.

There is also an intrusion prevention system HIPS (Host-based Intrusion Prevention System), which analyzes the behavior of programs.

Comodo Internet Security (CIS) is the best free antivirus and firewall.

Comodo Internet Security can be downloaded from the official website comodorus.ru/free_versions/detal/comodo_free/8.

During installation, the program can also be installed:

- Comodo Dragon (a high-security Internet browser from Comodo). I did earlier.
- Comodo Antivirus (antivirus)
- Comodo Firewall (firewall)
- Comodo GeekBuddy (a shareware service, limited to 60 days, that works on the principle of 24/7 technical support; communication takes place using the built-in Internet messenger)

You can choose what to install and what not during the installation of the program package.

So let's start installing Comodo Internet Security. Run the installer and start unpacking the files for installation.

If User Account Control asks whether to allow the following program to make changes on this computer, click Yes.

Choose the language for installing Comodo Internet Security Premium and press OK.

You can enter your email address (optional).

You can check the box " I want to provide additional security on the Internet by switching to COMODO Secure DNS service, minimizing the threat of viruses and malicious sites, so that all requests are filtered and processed on Comodo servers and malicious sites are blocked and other threats do not reach you. "

You can check the box "I want to use Cloud Analysis of Application Behavior by transferring unrecognized programs to COMODO in compliance with the terms of the Privacy Policy."

You can check the box "Anonymously send application usage data to COMODO (information about configuration, crashes, errors, etc.) to make changes that improve the program's performance."

Click forward.

Uncheck the boxes:

- Install Yandex items
- Make Yandex the home page (applies to all supported browsers)
- Make Yandex the default search engine (applies to all supported browsers)

Click I agree. Install.

The installation of Comodo Internet Security Premium begins. Comodo Dragon browser is installed first.

Then Comodo Internet Security Premium installation begins.

After installing Comodo Internet Security Premium, the Comodo Internet Security Premium widget appears on the Windows desktop, which shows the system security, Internet speed, and quick start internet browsers.

When you start Comodo Internet Security Premium for the first time, it scans your computer for threats.

You can stop it or continue scanning in the background (this will take longer to scan, but use fewer resources and load your computer less). This is called a hidden task and is a task that requires fewer resources to complete than the active task.

This is what the main window of Comodo Internet Security Premium looks like.

This window will also pop up with a short story about Viruscope, content filter, GeekBuddy programs. We put a tick in the lower left on the item do not show this window anymore and close it.

Network detected. Please enter your location:

- I'm at home. Select if you connected your computer to your home LAN
- I am at work. Select if you have connected your computer to an office LAN
- I'm in a public place. Choose if you are in a public place such as a cafe, hotel, school, etc.

I chose I am in a public place.

Clicking on the top right on the tasks, we will switch to the tasks.

You can switch back by clicking on the main window.

In tasks, you can enter the firewall tasks and select advanced settings to customize various aspects of the firewall.

Firewall settings. You can enable or disable the firewall and select its operating mode. The other options here: do not show notifications, auto-detect private networks, show notifications, TrustConnect, show animation on the CIS icon in the notification area, create rules for secure applications, set the notification frequency level, set how long notifications stay on the screen, enable filtering of IPv6 traffic, block fragmented IP traffic, analyze the protocol.

Global rules.

The following global rules are active on this computer:

- Allow IP Outgoing from MAC Any to MAC Any
- Allow ICMPv4 Incoming from MAC Any to MAC Any
- Block IP Incoming from MAC Any to MAC Any

You can add a new firewall rule.
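How the three global rules listed above treat traffic, and why their order matters, as an added example (not Comodo's code and not part of the original article). It assumes the rules are checked top to bottom and the first match decides, which the article does not state here; the Rule and Packet types, the sample packets and the shadowed() helper are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str     # "allow" or "block"
    protocol: str   # "IP" matches every IP protocol, otherwise an exact name
    direction: str  # "in" or "out"


@dataclass(frozen=True)
class Packet:
    protocol: str   # e.g. "TCP", "UDP", "ICMPv4"
    direction: str  # "in" or "out"


# The global rules from the list above, in the same order.
# Every rule there is "from MAC Any to MAC Any", so addresses are not modelled.
GLOBAL_RULES = [
    Rule("allow", "IP", "out"),
    Rule("allow", "ICMPv4", "in"),
    Rule("block", "IP", "in"),
]

# Constructed variant: the same rules with the last two swapped.
REORDERED = [GLOBAL_RULES[0], GLOBAL_RULES[2], GLOBAL_RULES[1]]


def matches(rule, pkt):
    """True if the rule applies to this packet."""
    return rule.direction == pkt.direction and rule.protocol in ("IP", pkt.protocol)


def evaluate(rules, pkt):
    """Assumed first-match semantics: return (action, 1-based rule position).

    Returns (None, None) when no rule matches; what happens then is outside
    this sketch.
    """
    for position, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            return rule.action, position
    return None, None


def shadowed(rules):
    """Positions of rules that can never fire because an earlier rule with the
    same direction already matches everything they match."""
    dead = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if (earlier.direction == rule.direction
                    and earlier.protocol in ("IP", rule.protocol)):
                dead.append(i + 1)
                break
    return dead


if __name__ == "__main__":
    samples = [  # constructed sample packets
        Packet("TCP", "out"),    # e.g. a browser opening a connection
        Packet("ICMPv4", "in"),  # e.g. an incoming ICMP message
        Packet("TCP", "in"),     # an unsolicited connection attempt
    ]
    for name, rules in (("as listed", GLOBAL_RULES), ("reordered", REORDERED)):
        print(name)
        for pkt in samples:
            print("  ", pkt, "->", evaluate(rules, pkt))
        print("   rules that can never fire:", shadowed(rules))
```

With the order shown in the article, incoming ICMPv4 is allowed before the catch-all block is reached; if the block rule is moved above it, the ICMPv4 rule becomes dead weight and all incoming traffic is dropped.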

Rule sets.

Here you can configure which rulesets are used on this computer.

Content filter.

This option configures the firewall to filter access to sites in accordance with the following rules and profiles.

Anti-virus monitoring.

Scan in real time (recommended).
Continuous anti-virus monitoring is performed in parallel with the execution of user tasks.

Generate a cache if the computer is in standby mode, scan memory when the computer starts, do not show notifications, unzip and scan files: .jar, .exe, adjust the level of heuristic analysis, search for potentially unwanted applications.

Interface.

You can change the interface to Classic Theme, Tile Theme, Modern Theme. Also show notifications from the COMODO message center, show informational messages, show a greeting at startup, show a widget on the desktop, show informational messages when task windows are minimized or tasks are running in the background, accompany alerts with a sound signal, protect settings with a password.

Updates.

Check for program updates.

Automatically download program updates. If this option is enabled, program updates will be downloaded automatically. When to install them, you will decide for yourself. Check for updates to the anti-virus database every 6 hours.

Do not check for updates if these connections are in use.

Do not check for updates on battery power.

Proxy server settings.

Configuration.

In this section, you can import and export configurations, as well as change the current configuration.

Types of scanning.

On this page you can add, remove or edit profiles and scan schedules.

Protected objects.

Objects protected on this computer.

Here you can add a folder or file that you want to protect from changes that are not made by you, as well as from intrusions by other programs.

Use cloud check (recommended) so that the file is checked against the database in the cloud. Perform cloud-based analysis of unknown files to get fast results and save computer resources. Trust applications signed by trusted vendors. Trust applications installed using trusted installers.

You can disable the Comodo Internet Security widget on the desktop or set it to a brief summary, and also enable links to browsers and social networks and have the widget show your Internet traffic.

In Comodo Internet Security Premium, you can enable a virtual desktop to safely surf the Internet, for example, without fear that someone will steal your password or run a virus to check its action without harming the system, or run an application that will not affect your system, but only to act within the framework of the virtual desktop.

To use the virtual desktop, you need to download and install Microsoft Silverlight. Click Yes to start downloading and installing.

Click I agree. Install.

Microsoft Silverlight 5.1 is loaded.

The virtual desktop is loading.

You can go back to Windows.

You can enter the settings ...

and change the virtual desktop mode from a tablet pc to a regular pc.

You can freely use the Comodo virtual machine.

Launching in the Sandbox is needed in order to isolate the application from the system.

You can clean your PC of viruses and threats with Comodo Cleaning Essentials.

With Comodo Cleaning Essentials, you can start scanning and detect and remove viruses, rootkits, hidden files and malicious items in the system registry.

Checking MBR (Windows Boot Area).

A reboot is required to complete the scan.

You can view activity and monitor ongoing processes using Comodo Killswitch.

We allow UAC action by clicking yes.

Click I agree. Install to download and install Comodo Killswitch.

Comodo Killswitch is loading.

Comodo Killswitch initialization of the application.

In Comodo Killswitch, you can see the activity of all processes in the system and stop them if they seem suspicious and unnecessary to you, as well as find an application that eats up a lot of system resources. You can also see how much CPU is loaded and see which application is consuming internet traffic.


optimal, with a minimum of pop-up notifications, quickly and customize yourself ... The author's version of the advanced settings of the program largely coincides with the one recommended in the Russian part of the International COMODO Forums (branch "CIS / CFP for newcomers to firewalls"). You can visit these forums by clicking the "Visit Support Forum" item in the "Miscellaneous" tab. The only catch is that you will be taken to the main English-language page, so, to save you the search, here is a direct link to the forum "In Russian / Russian". There is a lot of useful information on the topic - those who wish can, of course, "dig". And I, for convenience, will proceed point by point with what I promised.


Configuring Comodo Firewall

1. To begin with, I suggest changing the default gray, gloomy "face" of Comodo Firewall to something more interesting. To do this, in the same "Miscellaneous" tab, press "Settings" > "Appearance" > "Theme" and change the gray theme COMODO Default Normal to, say, COMODO Blue Normal and, "dressed up", move on.

The little son came to his father and asked the little one:

- Whose defense is good, but whose - not very?

I have no secrets, listen guys.

I publish my opinion on this matter below.

In fact, there is no better firewall, just as there is no better antivirus or browser - every computer user chooses his best software product for himself.

Perhaps now I have disappointed many, but it is so. There are a huge number of users who believe that Comodo Firewall is the best free firewall for Windows and I do not argue, but before it worked fine for me for several years ESET NOD32 with its protector, and after him avast! Internet Security, also with a firewall ...


An excellent and powerful free firewall for Windows

I never had any complaints about their protection until I tested the last suite with a program for checking the reliability of the firewall.

It failed the test, and it was decided to change the firewall. The choice fell on Comodo Firewall - it is being tested for reliability and of course it is completely free.

Today I want to describe some of the nuances of installing it and setting it up.




Our whole life is a search for something. Search for money, fame, love ... the best firewall or browser (popular wisdom).

The first question you may have is the size of the installer of this firewall, which is downloaded after launching the web installer - 202 MB! Why such a wild size?

Because it has a whole bunch of unnecessary additions, even the browser was shoved there.

I will now show you how to install one Comodo Firewall and after that you can safely remove this giant installer. But you still need to download the entire file, following the link from the manufacturers' official website, which is higher ...

I once came across on the net a lightweight setup file for this firewall, without additions, but firstly it was not official, and secondly I lost the link 🙂.

Installing Comodo Firewall

Over time, software manufacturers change the interface of their creations, improve them in every possible way, add new functions and remove unclaimed ones ... They have the right to do so. In any case, their logic, purpose and spirit always remain the same - starting from this review, you can understand any hypostasis of software.



Here they are - extra additions. Uncheck them and move on ...


I have already described to you how to find the fastest DNS servers, and so - COMODO DNS servers are not only slow, but also thoroughly paranoid.



Leaving the top checkbox, you will get yourself a headache - half of the sites will be blocked. I recommend leaving the second checkbox.

Be sure to go to "Configure Installation" ...



Here it is, our dear - how can it be without Yandex !!!

Of course we remove all the check marks ...


We look around and find out where we are. If you do not have your own home local network, I recommend clicking "I am in a public ... place".

Congratulations! You have installed Comodo Firewall - the best free firewall for Windows.


Let's tweak it a bit now ...

Configuring Comodo Firewall

In fact, there are many configurations of settings for this firewall - the Internet is flooded with them (here is one of them). You can set up the defender in such a way that you won't be able to breathe between his notifications, warnings and questions.

Or you can convince him to work quietly and unobtrusively - it's up to you, I will give just a few tips below ...

Go to the program settings ...



... and check ALL the boxes in the advanced settings (as many advise on the net), but if you have problems with accessing the Internet, uncheck the two bottom ones.


Here you can turn off the display of the widget on the desktop, if you do not need it ...

I left it, although I absolutely do not like any widgets on the desktop. Slightly edited it by clicking the RIGHT mouse button on the firewall icon in the tray ...


And here is the scariest firewall setting, which will turn it into a real reinforced concrete wall ...

Instead of safe mode, you can set ...

In this mode, get ready for a million questions from the defender on any occasion. But your Comodo Firewall will now pass the reliability check - 100%.

Firewall questions look like this ...

You can put a tick at the bottom of this window (remember ...) and just allow execution. This is if you know a program that is trying to go online. You can also "Process as" ...


This way we will get rid of repeated questions, for example, about contacting Clover by the Nexus program.