I cannot access the internet with Comodo Firewall v3 running

[Guest]

[SpheresBEE]

Hello All,

I cannot access the internet with Comodo Firewall v3 running unless I use my Hosts file.  Then throughput is EXTREMELY slow like 100 Christmas'. ;-)  This includes both Firefox and Thunderbird.  If I uninstall Comodo everything works fine.  I can get out with, and am presently using, Vadilia/Tor/Polipo Bundle after allowing them in Comodo's rules.  Defense+ popups (Process Monitoring) seems to work fine.  Diagnostics sees nothing wrong with the install.  It seems that no DNS servers can be seen with Comodo Firewall v3 running (yes I tried my ISP's , Comodos and OpenDNS's, no joy!). 

Possible victim of DNS Spoofing??

System Info:
Asus M2N-VM DVI with nVidia nForce 630a chipset with on chip PHY Gigabit LAN
Windows XP Pro SP3
Computer is behind Hardware Security Appliance with Static IP assignment.  LAN netmask is 255.255.255.240. all 14 IP's are assigned to MAC's to preclude IP spoofing. DHCP is off.  All Computers on LAN have their TCP/IP config manually assigned to mirror Hardware Security Appliance assignments.

This is a fresh OS install.  I did have a more recent version of Comodo Firewall installed but decided to downgrade to v3. I Uninstalled v5 and ran Comodo's most recent version System Cleaner post firewall uninstall reboot to remove any registry orphans. v3 install seemed to run fine. 

This happened once before and the only way I could access the internet was to use Comodo Firewall version above v3 which should not be the case.  What does v4 + have that v3 doesn't???  It seems a bit suspicious!!!

Any ideas? Questions?

Thanks in advance and Happy Holidays!

[EricJH]

What rule do you have set up for svchost.exe in the firewall?

[SpheresBEE]

What rule do you have set up for svchost.exe in the firewall?

It did't do it automatically after reboot as usual so I manually selected running pocess's and added the rules in the following order for svchost.exe:

Allow IP (& later UDP) out from any to "xxx.xxx.xxx.xxx(DNS Server IP primary)"
Allow IP (& later UDP) out from any to "xxx.xxx.xxx.xxx(DNS Server IP secondary)"
Ask IP (& later UDP) out from any to any

I was never notified of an attempt to connect, also it didn't automatically add a rule for svchost.exe.  In the past It had done both.  What changed?

TIA

P.S.  Here are the following versions that had the same problem (keep in mind that installs were initiated after uninstall reboot and running the newest Comodo System Cleaner Registry Clean:
CIS v3.0.25.378, v3.10.102363.531, v3.13.121240.574 & v3.13.125662.579

This version worked without a problem: CIS v4.0.141842.828

Oh I just wanted to indicate how I absolutely hate the small download stubs that connect to a server to download and install a program (they are more work when dealing with DNS problems so I didn't test CIS  v4.0.135239.742 because of it) ).  I will always prefer downloading an Entire install package for archiving for future installs (besides the obvious benefits associated with DNS problems it also reduces bandwidth, it just cause's more consumption of polycarbonate ;-))

[HeffeD]

I was never notified of an attempt to connect, also it didn't automatically add a rule for svchost.exe.  In the past It had done both.  What changed?

In Safe Mode, safe files are allowed to connect without user interaction. Also, unless you specify, rules are not automatically created for safe files. These are changes to help improve usability. I'll post screenshots of how to enable rule creation.

Oh I just wanted to indicate how I absolutely hate the small download stubs that connect to a server to download and install a program (they are more work when dealing with DNS problems so I didn't test CIS  v4.0.135239.742 because of it) ).

Then it's a good thing that CIS doesn't install this way... 

The installer is the full version of the program. The only thing that needs to be downloaded after install is the virus database. If all you're using is the firewall, nothing further is downloaded.

[SpheresBEE]

In Safe Mode, safe files are allowed to connect without user interaction. Also, unless you specify, rules are not automatically created for safe files. These are changes to help improve usability. I'll post screenshots of how to enable rule creation.

Safe mode puts your safety in the hands of another.  I never run in safe mode!  I only ever run in  "Custom Policy Mode," thus my safety is in my hands!

I really appreciate the effort you put into your reply with the jpegs and all, but unfortunately the problem has absolutely nothing to do with pilot(user) error. ;-)  I've been successfully using CIS since v2.x was released. This is the first time I've ever had to ask questions in this forum.  This particular trouble is very perplexing indeed, as it's out of the norm.  Thanks anyway!

Then it's a good thing that CIS doesn't install this way... 

The installer is the full version of the program. The only thing that needs to be downloaded after install is the virus database. If all you're using is the firewall, nothing further is downloaded.

That's incorrect or I wouldn't have brought it up!  The CIS version I mentioned in context with that statement, on my computer, is in fact a stub and downloads and installs CIS.

Where's that moderator, "EricJH?" You asked a good question, I replied and was looking forward to any new thoughts you may have!  TIA!

Happy Holidays to all!

[EricJH]

Apparently you are using the webinstaller of CIS rather than the full installer. As to v4 it is best to use the v4.1. You can get a bunch of versions of CIS at Filehippo: http://filehippo.com/download_comodo/ . That should provide full versions.

To get back to your problem. Make sure you don't have "Do protocol analysis" and "Monitor NDIS protocols other than TCP/IP" enabled. Then see what happens. Also disable/enable "Block fragmented IP Datagrams"; this settings sometimes gives problems in big networks like like work or university networks.

[SpheresBEE]

As to v4 it is best to use the v4.1.

Any particular reason why?

You can get a bunch of versions of CIS at Filehippo: http://filehippo.com/download_comodo/ . That should provide full versions.

I have found that their links are sometimes broken, this case included!

To get back to your problem. Make sure you don't have "Do protocol analysis" and "Monitor NDIS protocols other than TCP/IP" enabled. Then see what happens. Also disable/enable "Block fragmented IP Datagrams"; this settings sometimes gives problems in big networks like like work or university networks.

Thanks for this consideration, I'll do some research and get back to you if problems remain.


Happy Holidays to ALL!

[EricJH]

Any particular reason why?

Leaks in the sandbox were fixed. And also the default allow all outgoing traffic default of the firewall changed to a safer default

I have found that their links are sometimes broken, this case included!

May be try Softpedia or other big download portals.

What versions are you not capable of acquiring?


Happy Holidays to ALL!
[/quote]

[Tags:]