comodo applications rules

Hi there,

I've been trying comodo on and off for a while now and everytime i'm faced the same little annoyance and i was wondering if it's the program or me that's not doing something right.

I can't seem to make comodo remember the rules. Upon the first uses, like most firewalls in learning mode, you get pop-ups asking for program permission. With comodo, even though I check remember action, it never does. Everytime I reboot it asks for permission to the same programs over and over again.

What can be the problem?

Also, is there a way to protect access to the firewall with a password like with outpost?

Thanks

 

First, go to security tab and under tasks, scan for known apps. Second, in the advanced under the miscellaneous section, check the alert frequency level. By default it's set to "low", which slows down on pop-ups after 3-4 days, as long as you set the pop-ups to remember your settings (same as ZA).... if that doesn't do it, send an eMail to tech-support. They got back to me with a fix within 12 hours for an updating error. Good luck!!!

 

Maybe you have some kind of security app that deletes the entries Comodo writes to HKLM\SYSTEM\Software\Comodo ?

 

There is no password protection, either. Maybe in version 3

 

With Comodo, I do really think it is worthwile to make tight application rules for something like svchost.exe.
They can be made with running at least while making them in the High 'Alert Frequency Level'.
My rules attached given for that. At the moment no IP ranges given out for ports 80 and 443 though since they could be restricted also to microsoft servers only for the patch updates.

Port 67 outgoing is for DHCP, there are rules for isp servers and also the broadcast rule for getting a connection release.
Since Comodo has no pseudo SPI on Application Monitor level there are also incoming rules made after a popup for port 68 incoming, for solicited connections.
There is also rules for the time synchronization update, using udp port 123.
Notice also that I have used computer 'hostname' for incoming connections to provide some more flexibility instead of the current IP address.
DNS, port 53, you can always make just for the isp servers fot any app.

I include also my Network Monitor rules. Added some more what was after install rules, not much:
Rules 0 and 1 are netbios blockings outbound, the final block all rule takes care of the inbound I think.
Those are not really needed if you disable having netbios over TCP/IP in network connections.
2 is unsolicited connections block from my cable modem dhcp filtered out from final block rule not to log.
3 is normal ephemeral local ports outgoing rule.
4 is Skype specific port outgoing rule.
5 is other local ports outgoing logged rule that are seldom used, except like that Skype rule and dhcp outgoing.
Otherwise they could be trojans etc. and need some closer examination.
6-10 are from default install.
After rule 10 in my picture you could place something like a rule to allow that special torrent port.
Only to move it above the final block rule whe using that program.

Comodo blocks all unsolicited connections by default.
So making tighter application rules is a way to keep also solicited ones to safest minimum as safe practice.
Since you should not assume that solicited incomings originating from connections out from your computer are safe ones.

Just my opinion.
Jarmo