Windows installer outbound

Should I allow these or not?

Thanks

 

Hi aigle

Yes. Windows Installer need it (sometimes).

In TCP port 80 (HTTP) , may be also port 443(HTTPS)
and
In UDP port 53 for the DNS requests as you see with your Firewall warning.

 

Allow the first one...199.7.51.190 is a registry (versign, etc) but I don't without problems..BLOCK the second one...62.149.114.6..you're sending info to COMODO..I don't use comodo but you should be able to r have a check box options, prefrence to not send. Supose to be voluntary..

 

That second one is strange..igw.net.sa is foreign.. U need to check that if U r In USA..

 

Hi Climenole and QuestionX! Thanks
So I should allow first one and deny the second!

 

Just getting back...allow the first and block the second...you're sending info to a foreign country...SA= saudia arabia..| 84-235-101-2.igw.net.sa ..and 62.149.114.6<<< dropped off when they found me pinging them..you can check on WHO"s if you can find them listed..later
---------------------------

 

I am in SaudiArabia!

 

Thats great! You can sent info to COMODO if U like, but I don't send info to my firewall provider. That will be your decision..have a good weekend..later

 

No, the second one is harmless! It is just a Saudi Arabian Telecom company's (aigle's ISP, no doubt) DNS server ip. Take a look at the port #.

The "Send to Comodo for analysis" is just an option to seek information re the parent application.

Even the first one is very likely harmless. All msiexec is doing is looking for updates associated with the program you are installing, if that program uses the Windows installer package.

 

So both can be allowed.
BTW whats, the harm of denying both?

 

1. Yes....however

2. for the heck of it, try denying both without creating a permanent block rule. I think it will not cause any problems.

 

It is just a connection to Verisign to check the signature of the program. Blocking this will cause no harm, (just no sig verification of the program)

 

U mean the first one?

Thanks

 

Both alerts are due to the signature check, one for the DNS lookup, one for the actual connection. (I have just run the installer for Safari303betasetup to confirm). So both can be blocked without problems.

Personally, I never allow msiexec.exe internet connections.

 

Thanks for the help Stem.
I am very grateful!