Maximum Traffic Controll With Comodo Firewall

Status
Not open for further replies.

Serhess

New Member
Thread author
Aug 11, 2014
1
Hello friends!
Need help from knowledgeable users. The main idea I wish to discuss is allowing only necessary internet traffic to reduce possible data leaks (including Windows telemetry) and to close as much security breaches as possible.
I have Windows 10, Comodo firewall, no other security programs, TP-Link Wi-Fi router, I don’t share files or printers, don’t access corporate servers, just web surfing with browsers, radio streaming, cloud backup apps, torrent downloads time to time, a couple of VoIP clients (Skype, Viber) and couple of job specific apps (using HTTP ports) and that’s it.
I want to tweak firewall rules to allow only necessary traffic: stable Wi-Fi connection, windows updates, time sync service and user programs (browsers, VoIP, media player, torrent etc.).
As far as I know, TinyWall offers that kind of preconfigured modes, but using two firewalls alongside is not an option, and import rules from TW or Windows FW to CFW is impossible either.
Currently Ive tweaked FW rules for user apps and essential Windows services (DHCP, DNS, TimeSync and Windows Update Servers), "System" on certain IPv6 addresses which I found in CFW logs (described as Router Solicitation and Multicast Listener Discovery), all the rest is blocked and everything seems to go well so far. But CFW logs some blocked outgoing connections from "System" and "Windows Operating System" to some IPs like 224.0.0.251 and DNS server with "Destination Unreachable" comment.
I generally need an advice what ports/protocols for which system components are necessary for Wi-Fi to work properly. Of course, I could use trial and error approach, but I'm not that tech savvy to avoid possible mistakes. Blocking/allowing app by app with "Remember my answer" at each popup is not an option either as CFW completely blocks the app or allows Any protocol/IP/Port if allow is chosen, which is not good (if set Allow for any single svchost.exe alert, then all telemetry Ips/ports are allowed also).
So please friends, help me figure this out. Any thoughts are welcome.
 
  • Like
Reactions: shmu26
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top