comodo applications rules

Discussion in 'other firewalls' started by stride000, Mar 14, 2007.

Thread Status:
Not open for further replies.
  1. stride000

    stride000 Registered Member

    Joined:
    Oct 14, 2006
    Posts:
    23
    Hi there,

    I've been trying comodo on and off for a while now and everytime i'm faced the same little annoyance and i was wondering if it's the program or me that's not doing something right.

    I can't seem to make comodo remember the rules. Upon the first uses, like most firewalls in learning mode, you get pop-ups asking for program permission. With comodo, even though I check remember action, it never does. Everytime I reboot it asks for permission to the same programs over and over again.

    What can be the problem?

    Also, is there a way to protect access to the firewall with a password like with outpost?

    Thanks
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    First, go to security tab and under tasks, scan for known apps. Second, in the advanced under the miscellaneous section, check the alert frequency level. By default it's set to "low", which slows down on pop-ups after 3-4 days, as long as you set the pop-ups to remember your settings (same as ZA).... if that doesn't do it, send an eMail to tech-support. They got back to me with a fix within 12 hours for an updating error. Good luck!!!
     
  3. 666

    666 Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    48
    Maybe you have some kind of security app that deletes the entries Comodo writes to HKLM\SYSTEM\Software\Comodo ?
     
  4. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    There is no password protection, either. Maybe in version 3
     
  5. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    With Comodo, I do really think it is worthwile to make tight application rules for something like svchost.exe.
    They can be made with running at least while making them in the High 'Alert Frequency Level'.
    My rules attached given for that. At the moment no IP ranges given out for ports 80 and 443 though since they could be restricted also to microsoft servers only for the patch updates.

    Port 67 outgoing is for DHCP, there are rules for isp servers and also the broadcast rule for getting a connection release.
    Since Comodo has no pseudo SPI on Application Monitor level there are also incoming rules made after a popup for port 68 incoming, for solicited connections.
    There is also rules for the time synchronization update, using udp port 123.
    Notice also that I have used computer 'hostname' for incoming connections to provide some more flexibility instead of the current IP address.
    DNS, port 53, you can always make just for the isp servers fot any app.

    I include also my Network Monitor rules. Added some more what was after install rules, not much:
    Rules 0 and 1 are netbios blockings outbound, the final block all rule takes care of the inbound I think.
    Those are not really needed if you disable having netbios over TCP/IP in network connections.
    2 is unsolicited connections block from my cable modem dhcp filtered out from final block rule not to log.
    3 is normal ephemeral local ports outgoing rule.
    4 is Skype specific port outgoing rule.
    5 is other local ports outgoing logged rule that are seldom used, except like that Skype rule and dhcp outgoing.
    Otherwise they could be trojans etc. and need some closer examination.
    6-10 are from default install.
    After rule 10 in my picture you could place something like a rule to allow that special torrent port.
    Only to move it above the final block rule whe using that program.

    Comodo blocks all unsolicited connections by default.
    So making tighter application rules is a way to keep also solicited ones to safest minimum as safe practice.
    Since you should not assume that solicited incomings originating from connections out from your computer are safe ones.

    Just my opinion.
    Jarmo
     

    Attached Files:

    Last edited: Mar 15, 2007
Loading...
Thread Status:
Not open for further replies.