Default Deny timed out?

[Guest]

[Sandwater]

I've been wondering for some time:  what happens if I miss a D+ notice.    Does it deny the action or give up and allow it.

After convincing a friend to use Comodo on her new HP netbook,  win xp, default Comodo settings,  I noticed  the mouse pad freezing up with D+ alert wanting to know if I should allow the pgm that controls the mousepad.  

Well,  all I had to do was wait till the notice went away.  Then, thankfully,  I got the mousepad back.

While I'm sure I can configure the mousepad permission's to not have this trouble in the future,  I'm pretty troubled by the fact that deny becomes allow after a short period of time.   What if it was a problem exe?

On my Win7 machine alot of notices come up while my back is turned, so I'm sure I miss some too,   I now  have to assume that whatever I miss is default allow.   Not too worried about this Win7 machine,  the notices I've seen are alway's about pgms I use,  plus I don't use it for anything too important.

I know Win7 isn't fully supported,  but the little HP dual core 1 gig XP netbook machine is.  

So maybe I got the answer to my question,   default deny is timed out and then allowed?

Do I have something wrong?  Hope so.  

[kail]

An unanswered alert will always result in CIS blocking whatever it was, unless.. the system/whatever beats CIS to it with its own time-out (if it has one).

The mouse? Well, it probably asked for something that it didn't mind not getting in end, which is why it continued after it was eventually denied (a guess, of course).

[Sandwater]

An unanswered alert will always result in CIS blocking whatever it was, unless.. the system/whatever beats CIS to it with its own time-out (if it has one).

That would be the same result then?  If the system shut down a request before the CIS alert was answered or timed out,  then the "issue"  would not have any changed permissions  and we'd likely run into it sometime again later on.

And on the mouse,  probably a few different exe's are needed for it, different functions,  I bet there is a not often used feature of the mousepad that is currently denied by CIS,  and it will show up again.

lol,  the hard part is giving it permission with the mousepad froze.  The keyboard only worked on the window that was open behind the alert.    So it's a good thing the time out exists.

Right on,   I feel better,  still believe I'm denying by default.  Thanks for the feedback.

[kail]

That would be the same result then?  If the system shut down a request before the CIS alert was answered or timed out,  then the "issue"  would not have any changed permissions  and we'd likely run into it sometime again later on.

Yes, a default deny/block will not be remembered, although it will be logged. I suspect that it is very likely that you will encounter it again. If, so.. and you're unsure, take a screen shot, post here & somebody will probably be able to give you solid advice on how to answer it.

And on the mouse,  probably a few different exe's are needed for it, different functions,  I bet there is a not often used feature of the mousepad that is currently denied by CIS,  and it will show up again.

lol,  the hard part is giving it permission with the mousepad froze.  The keyboard only worked on the window that was open behind the alert.    So it's a good thing the time out exists.

OK, once a default/deny is issued, whilst it is not remembered by CIS in the long term, it is remembered and deployed for the remainder of CIS' processes/drivers lifetime. ie. Reboot to clear it time.

Assuming you're happy with whatever is trying to happen is safe, there is a relatively painless way out.. stick Defense+ into Training Mode. Then do what provokes CIS's blocking behavior and if that means rebooting, do so. Once done, return Defense+ to its normal Mode and reboot for the final time. This usually is able to teach Defense+ everything it needs to know & resolve any issues. Actually Training Mode is very useful at introducing safe applications and games to CIS.

[Sandwater]

Thanks kail.  Your input helped alot,  I've rebent my mind to see the concepts correctly. 

[Tags:]