No more firewall popups for new internet programs (3.0.13.286, Vista Ultimate)

[Guest]

[sded]

Firewall popups have disappeared after a few hours of operation.  Now when a new program tries to access the internet (weather watcher, browser using port 443, ...) It is simply blocked.  Workaround is to add it to the Network Security Policy manually.  Changing mode to custom, training from train with safe had no effect.  It is simply broken, although it worked for part of a day.

[egemen]

Firewall popups have disappeared after a few hours of operation.  Now when a new program tries to access the internet (weather watcher, browser using port 443, ...) It is simply blocked.  Workaround is to add it to the Network Security Policy manually.  Changing mode to custom, training from train with safe had no effect.  It is simply broken, although it worked for part of a day.

Can you please paste a screenshot of your "network security policy" dialog and list the other security software installed?

thx,
egemen

[sded]

Other security software is Avast!, Windows Defender- same versions as this morning when I installed 3.0.13 .  Uninstalled Comodo (again) so can't send full network policy, but opening stuff looks like below, then just the individual programs.  Only global rule is to block ICMP echo requests.  Tried also with Microsoft mail; just blocked, no popup.  But adding manually to the policy worked fine.  Will reinstall Comodo when there seems to be further testing to do.  At least it seems to unistall well.    Regards; Ed.

[egemen]

Did you use "Password Protection" and activate "Suppress Firewall Alerts" option? Or did you disable any of "Show alerts for XXX" option?

These are the only 2 possible reasons for the behavior you described.

E

[sded]

No; did none of those. Comodo simply stopped showing the alerts.  I went through the settings and nothing had changed.  Tried training mode, custom mode-still no firewall alerts for new programs.  These were programs unseen by Comodo previously.  On RC1 I had the problem that the firewall would not function properly at installation and had to be uninstalled/reinstalled a few times to make it work; thought problem was gone for final; looks like some variant has popped up again.  RC1 worked some of the time too!  Thought it might be connected to Avast!, but had the same problems with FTP programs which don't go through Avast!  Waited too long with RC1, and the installation/reinstallations wiped out Windows Firewall, SendTo, and Device Manager-had to go back to an Acronis Image.  So removed Comodo pending another release.

[sded]

Decided to reinstall Comodo 3.0.13/32x, Vista Ultimate, to look at behavior prior to firewall popup crash-hope it is not tied to 0000 GMT like the log, but I hurried.  In any case, looked at the browsers, since they are probably the most commonly used items.  So, when firewall seems to be working properly:
1) Both Opera and Firefox were ignored when they used port 80, presumably because they were using the ashwebsv proxy, and Comodo doesn't recognize proxies.  (BAD COMODO!)
2) When I went to and HTTPS site with each of these, proper firewall popups happened, and I told Comodo to treat them as Web Clients.  Network Security Policy was properly updated. (GOOD COMODO!)
3) IE is a separate case.  It was never added to Network Security Policy, even with an HTTPS.  There is a hidden/undisclosed policy for IE.  It is OK to have a library of trusted applications for the firewall; it is NOT OK to do anything other than add a visible rule to Network Security Policy when you hit something in the library.  Otherwise you generate chaos for the user.  (BAD COMODO).

Overall, Comodo gets a B- for its handling of these web browsers-not major problems, but not really good security or usability either.  (I used to have to do this crap for the Government sometimes with the Common Criteria  ).

[sded]

Verified today that the logging problem does start at 0000Z, and that the Firewall popup problem does not.  Started a bit earlier, after a few hours of operation, but discovered that resetting the alert settings to "high" got at least some of the popups back.  Another timer?  Even with "custom policy"/"very high", things like ping and tracert don't show up.  They did before, on one of the other installations when they were used before the problem occurred.

[Tags:]