Server rights on Comodo

Hi, I am using Comodo firewall. I am not sure when Opera, other web browsers, my download manager, AV and Comodo itself are a sking for permission to act as a server. Any users of Comodo here? Any help will be appreciated?
My second post on it.

 

Hi aigle,
Comodo works slightly differently, as this firewall uses 2 rulesets, one for the programs, and one "network" based. When Comodo informs you that "firefox" is requesting "server rights", I highly suspect that it is referring to the "localhost loopback inbound connections" and the server rights are for the "Program rules".
Allowing the "server rights" for program rules, will in fact, not allow inbound from the internet, to allow inbound from the internet, you would need to change the network rules.
So allowing "server rights" for the program rules within Comodo, I believe is O.K.

 

I think so as I saw if I deny, the browser will not access the internet.
It is different from what I saw in ZAP.
Thanks for ur reply.

 

Yes, if loopback for firefox is completely blocked, then there will be a lot of problems.

In ZAP, you can allow "Server rights" in the "trusted zone" (for loopback), or in the "Internet zone" for inbound connections from the internet.


Check the rules within Comodo, in the "Network rules". You should see 2 rules, one to allow all outbound, and one to block all inbound.
The "Program rules" are only filters to these 2 network rules. (or the rules to add/change here)
You could say that the "Network rules" act like a router.

 

Yes it is exactly like this. Thanks for the help.

As I think u are quite expert in firewalls, so I will ask u one more question that is not directly related to the topic.
In the past I used ZAP, and it will give pop ups like one after every 10 to 15 minutes that will say " an attack to ur PC is diasbled from xyz IP" with the severity of attack as medium or high. Anf if u check its main Overview window after a week it will tell how many Intrusion attempts it has blocked( and how many of them were high risked/ rated).
Kaspersky anti-haker and Norton firewall also used to do something like that,
but i have not seen this with Kerio and Comodo. In kerio even after one month if I check the logd, it will show only few intrusions while on ZAP these will be more than 50 or so. Why is like that? Is it just thw bells and whistles or Kerio and Comodo are not detecting these attacks?
( Infact in Comodo I don,t find any log for Intrusion attempts.)
Thanks.

 

Hi aigle,

It will just be the log settings within the firewall, some firewalls will log ALL, some will just drop the inbound attempt with no notice/log.
Have a look at the "network rules" within Comodo, the "block inbound" rule, are there any logging options on this rule?

EDIT:
open comodo, network monitor and double left click on the "block all inbound" rule. There is an option (tick box) for "create an alert if the rule is fired", select (tick) this box. This should then alert to any inbound that are blocked.(if this is what you want?)

And Comodo is alerting "Act as server" for firefox for "listen ports". You can allow this. (This is "listen" for loopback)

 

Thanks.
Here logs are separate but only for applications, not network.

 

Rule to log All network need to be set in network monitor.

 

Thanks. I enabled the logging, and will see now.
Nice help from u.
Thanks again.

 

Technical Question about COMODO. I am going to download a trial of Online Armor (OA). If that goes well, I will buy it.

Online armor is a HIPS based program. Does Comodo have any HIPS features that might conflict with OA? After my trial of OA I will probably dowemload Comodo and want to make certain that there aren't conflicts.

 

No HIPS in Comodo.
There is an application behaviour analysis part but it is infact related to network activity.

 

Problem with Comodo firewall

Anybody using Comodo firewall?
Updated today and comodo is not giving any option to remember about my browser( Opera/ Firefox/ IE) when it tries to connect to internet.
I get two popups each time i launch Opera or other browser( trying to act as server and trying to connect to internet), but there is no option to remember this action.

 

Just found out the cause I am running my browsers sandboxed in GesWall.
If I run the browsers out of sandbox then I do get the option 'Remember this".
As far as I can remember I did not faced this issue before the update, now I wonder if there is any way to get rid of these pop ups!

Here is popup when firefox is out of sandbox.

 

aigle,
Post 12:- I highly suspect this is due to the introduction within Comodo of interception of windows "bits" (Background Intelligent Transfer Service). A "remember" rule for an unknown/isolated data transfer would be a little scary.
Post 13, the alert as changed, but,.. it is hidden/invisible to the user,.. so maybe better info?

 

Comodo is doing well but my problem is GesWal. Ao I don,t find any way to get rid of these pop ups.
See my posts here.

http://forums.comodo.com/index.php/topic,680.0/topicseen.html

 

I posted the issue in their forums and thay have promise to look in this issue. Same pronlem is told to me by a BufferZone user as well.