I want to write my own Firewall rules in Comodo, so what I want to know, what is UDP and TCP and how do they work, e.g. when downloading a file from download.com?
What is the difference between UDP and TCP internet protocols
Unlike UDP, TCP is oriented "connection". When a machine A sends data to a machine B, machine B is notified of the arrival of the data, and reflects the good reception of these data by an acknowledgement of receipt. Here comes the CRC for data control. It is based on a mathematical equation to verify the integrity of transmitted data. Thus, if the received data is corrupt, the TCP protocol allows recipients to ask the issuer to return the corrupt data.
UDP is a "non-connection"-oriented protocol. To do simple, when a machine to send packets destined for a machine B, this flow is unidirectional. Indeed, the transmission of data is done without notifying the recipient (the B machine), and the recipient receives the data without acknowledgement of receipt to the transmitter (A machine). This is due to the fact that encapsulation of data sent by the UDP protocol does not transmit the information concerning the issuer. Therefore, the recipient knows not the issuer of data except his IP. It is faster (no connection phase), but you don't know if the recipient is connected or out when you send the datagram.
here you can find some rules
Using Comodo Personal Firewall to block external connections
Hello, for a site like the one you mentioned, you use mostly TCP, because you want to get your files complete and in order. The reason this is so, is because on download.com you are downloading programs/software. If any software you download is missing a little bit of the file, the software will not work properly or will not work at all.
Now, If you are downloading, let's say video, UDP is preferred because even if the download is missing a few bits of information, you can still get the video and it will play.
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the core protocols of the Transport Layer.
The main difference is that the TCP protocol is connection-oriented while the UDP functions connectionless or in laymens terms:
TCP opens a connection, controls it and then closes it
UDP sends the packet to it's destination and doesn't care any further
TCP is used when it's necessary that all packets arrive and in a certain order
UDP is used when speed matters, packets arrive in whole
There is a long list of common ports for certain Protocols and Applications but even more are very random. http://www.iana.org/assignments/port-numbers
You mentioned a download from Download.com - let's look into it:
a. if the download is using HTTP it will be TCP Port 80
b. if the download is using FTP it will be TCP Port 21 for control, TCP Port 20 for data (server-sided) and a random TCP Port at client side (your end).
b1. if it's active FTP the random port will be initialized from the Server
b2. if it's passive FTP the random port will be initialized from the Client
c. if the download is using FTPS (FTP over TLS/SSL) it will be either TCP/UDP Port 990 for control, TCP/UDP Port 989 for data
d. if the download is using SFTP (SSH File Transfer) it will be either TCP/UDP Port 22 or TCP/UDP Port 115
As you see it's not that easy - which is why by default Firewalls allow all outgoing connections and incomming (WAN) connections initiated from a client (LAN).
And even this doesn't mean everything is working out of the box. If you want to serve Passive FTP and your Firewall is configured that way you'd still have to open a port range where clients can connect for data transfer.
If you want full control by blocking all connection from ANY to ANY you better be prepared to do a lot of configuration :-)
oh, one other thing: NEVER EVER forget TCP + UDP Port 53! That's DNS!
Not sure whether this helps, but a simple search in Wikipedia came up with this: