Why is my COMODO Firewall allowing all connections?

Discussion in 'other firewalls' started by Cvette, Jan 31, 2014.

Thread Status:
Not open for further replies.
  1. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    I just recently reinstalled COMODO Firewall on my second computer, and can't figure out why it's allowing all network activity despite the current configuration (see attached). Perhaps I'm blind as a bat right now :ouch: and can't see the problem. I would ask on the COMODO forums but I already have an account here, so I figured I would ask here first.

    *EDIT* COMODO prompts for a users input when launching Internet Explorer, and Steam. However, Google Chrome, Elpis (Pandora client), HitmanPro, Malwarebytes, Firefox, and Skype have all been allowed access despite the fact that there is no rule allowing them.
     

    Attached Files:

    Last edited: Jan 31, 2014
  2. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,695
    Location:
    Zagreb, Croatia
    In which configuration are you running CIS?
    Try to set it to Proactive.
     
    Last edited: Feb 1, 2014
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    maybe some antivirus is tunneling all data through its protecting kernel service. or you have disabled some important windows service, eg BFE.
     
  4. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    Outraged

    I contacted COMODO support, and was asked to install the GeekBuddy support software on my computer. I installed the software, and was connected to a support agent - who without asking what the issue was - requested permission to check the registry, temp files, and event log. I complied, and let the agent check those areas of my computer. The agent stated that my computer was heavily infected with spyware, and in critical condition.

    You must understand at this point that I am no stranger when it comes to the Windows operating system, and proper security practices. I was very "shocked" to know that the Service Control Manager logs contained in my event log are a sign of spyware. These entries are perfectly normal, and state when a system service has started, and stopped. I do not interject with my opinion and instead simply play along.

    The agent proceeds to tell me that it’s extremely important that I remove this spyware from my computer as it greatly compromises my system security. I interrupted, and asked the agent about the issues I am having with the COMODO Firewall allowing all in/outbound connections, but he/she could not answer the question, and instead insisted that we should resolve these spyware issues today. I ask the agent how exactly we can do that, and I'm told that the removal service isn't available to me unless I am a premium customer. The agent then told me about a "special promotion" that is available to me today only, how lucky! I respectfully refuse, and thank the agent for the offer but instead insist that I am here to resolve the issues with the firewall, and not the supposed spyware. He/she then offered to connect me to their manager so that I may be given a “special discount”, and I again refused, citing that I was unsure of the amount of available funds in my bank account for the day, and would have to call the bank at a later time. The agent insisted that I do that immediately as this issue puts my data, and private files at great risk.

    I am no stranger to these types of technical support services. I often prefer to play stupid so that I may evaluate the knowledge of the person assisting me. I am appalled by what I experienced today, and feel that I was taken advantage of as a customer. My computer is free of malware - this I know for sure. Had someone with little knowledge about their computer been placed in this same position they probably would have spent the money, and purchased the COMODO software.

    Forgive me for any hostile undertones detected in my message. I am simply outraged, and disgusted by this business practice.
     
  5. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    humm...
    I am shocked myself
    and even reconsidering the use of Comodo...
     
  6. Cvette

    Cvette Registered Member

    Joined:
    Apr 16, 2010
    Posts:
    373
    Location:
    South Carolina, USA
    Please understand that I'm not trying to start a revolt by saying this. COMODO Firewall is a great product - one of my favorites - so don't let this impact your opinion on the software itself.
     
  7. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    I'm familiar with their software and their ways
    sometimes I just trust human nature to much
     
  8. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    Re: Outraged

    Yeah. I also find this very shady. I use Comodo on a windows laptop and this makes me think I should reconsider using it.
     
  9. Lucius

    Lucius Registered Member

    Joined:
    Dec 9, 2010
    Posts:
    72
    Well I think you need to enable "create rules for safe applications" option. o_O
     
  10. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    1,231
    Location:
    Romania
    You should have paid to become a premium user and then to get the answer "we don't know sir, please remove your spyware first." :D Comodo support is really awful.
     
  11. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    Maybe the services you are seeing connect to the internet are on Comodo firewalls white or approved software list. Doesn't this firewall do that?. Or as suggested your antivirus is allowing all connections. Does it have a web scanner? Most of them do.

    As for the treatment you received yes that pretty bad but they are no doubt trying to sell something. Maybe the guy was on some sort of incentive or commission.

    I personally switched to using Private Firewall. But, I turned the protection to the highest level. There doesn't seem to be much communication going on at that level. The developer for PFW does answer questions & is willing to help.
     
  12. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,915
    It won't help.
     
  13. ccddeee

    ccddeee Registered Member

    Joined:
    Feb 7, 2014
    Posts:
    2
    Location:
    China
    please try to set the firewall as "safe mode" instead of "custom ruleset".Not sure this will help.
     
  14. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    any logfile present you can show us? (like adwcleaner)

    nevertheless if the system is infected anything is possible and any security software like antivirus or firewall can be pretty useless - not only comodo.


    @ZeroDay - please only cite what you refer to (or nothing if in common)
     
  15. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    494
    I ve seen this firewall creating rules to allow everything with an older version as well.

    This level of protection can be achieved by uninstalling.

    There is no need of a firewall if it allows everything to pass through ,unless the developer intention is that the hard-coded Comodo DNS servers in this software to be used to track your PC web usage habits via DNS records as the calls are made to them.
    There seems to be a trend among security software in allowing everything so the user is not disturbed with questions ,denying the very meaning of a 3-rd party security software.

    They add all kind of complicated HIPS in this firewalls and at the end ,with their implementations ,they are practically denying the purpose of the software.
    Who cares about the HIPS ,if anything gets thru at network level.
     
  16. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    @Sm3K3R

    Did you have create rules for safe applications checked? Also, users need to be careful about the allow and treat as options when they receive pop-ups. Unless you specify a strict profile for things like web-browsers, etc. Companies develop these products for the average consumer. It's suppose to be lent on restrictions so that users don't allow or block an application only to spend the next several hours in forums and support trying to get uTorrent to properly function on their system. Even if you are adept at creating rules, you still have to contend with websites that don't use a static address for pushing out updates, etc. Software is only as effective as its operator as as secure as the system (hardware, kernel, and all) that it is installed. There is plenty of blame to go around, it doesn't all shoulder on the application developer. Even if you stick with a built-in firewall, the burden of responsibility doesn't change much. There are limitations to out-of-the-box security solutions.
     
Loading...
Thread Status:
Not open for further replies.