Alert on localhost connections?

[Guest]

[amews_aj]

Well,
I start firefox, and press the shortcut for the extension, which launches an external .exe file.
Then firefox and the .exe file starts to communicate via localhost connections.
Comodo does not ask whether or not to allow in/out connections between those apps.
All other firewall does.

[egemen]

Well,
I start firefox, and press the shortcut for the extension, which launches an external .exe file.
Then firefox and the .exe file starts to communicate via localhost connections.
Comodo does not ask whether or not to allow in/out connections between those apps.
All other firewall does.

Try to set firewall to "Custom Mode" and then check your firewall rules for firefox.exe and delete the entry. It may be learning it automatically or because of a rule it may not be asking.

It should show you popup like this one.

Egemen

[amews_aj]

I tried after clean install, to delete the auto-created rules, and when firefox.exe opens, it asks for connection. But as soon as firefox.exe is allowed, the external app. which communicates with firefox, is also allowed. Not in the list, but no "ask" dialog.

[amews_aj]

I tested A LOT,
try it out yourself.
There sure is a problem!
it should ask by default...

www.fingerfox.amews.dk
You can get the extension from there.

[sded]

In custom mode, I see a popup for the localhost connections the first time they are made only.  Fpr example, I am using Thunderbird to ashmaisv.exe to stunnel.exe to connect to a mail server.  ashmaisv.exe is the virus scanning proxy, stunnel is the encryption proxy.  I turned off "remember" in the popups, and:  The first time through TB I got a popup for TB accessing localhost, then ashmai accessing localhost, then stunnel accessing the internet.  There were no rules existing or created.  If I closed TB and did it again, I got the same behavior.  If I accessed more mail accounts withoug shutting down TB, there were no popups of any kind.  This is consistent with the behavior I outlined above on the previous version.  If "ask" worked, probably you could try to make it work every time-I don't know; "ask" has never worked for me and is a known reported bug.  In "Train with safe mode" there were no alerts generated.

[egemen]

I tried after clean install, to delete the auto-created rules, and when firefox.exe opens, it asks for connection. But as soon as firefox.exe is allowed, the external app. which communicates with firefox, is also allowed. Not in the list, but no "ask" dialog.

The loopback connection is established by firefox.exe as you can see in the attachment. The external program is not connecting to loopback but replying to it.

Try to set your firewall to Custom mode to see popups othrwise CFP is possibly learning the connection because firefox.exe is a safe application.

Egemen

[amews_aj]

Well, when fx apache tries to listen for incoming connections (exactly like this extension does - I know, I made it), comodo ask to allow incoming connections externally.
Comodo should ask for incoming connection locally too.
All other firewall I tried did this.

[amews_aj]

I feel like we are going nowhere.
Please test it to confirm it.

Btw, the releasenotes for the new version does not seem to announce anything that could solve this issue.

[amews_aj]

I can make it ask for firefox outgoing connection, but all other firewall also asks for fingerfox incoming connection. Comodo should too..

[sded]

I am not a Firefox user, but can replicate your results.  I installed the extension and erased the Firefox firewall rules.  Also turned off Avast Ashwebsv.exe proxy so it would not intefere.  And unchecked remember on the rules.
 
When loading FF, got usual popups (2) for localhost initialization
Then popup for the internet access of the home page
Going to other sites got no further popups
Executing Fingerfox got the message "No login on this page" and also no popups
So this capability does not seem to be in the new version either

[amews_aj]

Actually, you have to go to a website with a loginbox on it.
The real application is only launched when a login area is available.
However, it makes no difference. Comodo does not ask.
This should definately be changed.
All other firewall that I've tested DOES this.
Even Windows Firewall.

[amews_aj]

Ok, well, today I tested another firewall that I used earlier.
I was so sure that it did ask about the incoming connection.
Guess what. It doesn't. 

So it seems to be something for vista firewall only.
I use Vista Firewall with the Vista Firewall Control addon.
It asks for incoming connection.
When Vista Firewall does, I think comodo should be able to do that too... 

So Comodo is still better than other firewalls. 

However, don't you think that this should be possible for comodo to do too ? (ask) 

I apologize for this long discussion...

[sded]

I think that this would be a very useful capability, along with the capability to get an alert every time this or other rules were triggered.  My experiment above showed that any anwer to a popup was remembered for the length of the session, even if "remember" was not checked, and things were only reset if the application was closed and opened again.  And I was running on custom/paranoid.

[egemen]

Hi,

Sorry to replying late. For loopback connections, CFP does not show "act as a server" or "incoming connection" alerts. This is mainly because it can not be connected outside the computer and if it is going to be connected from inside the computer,  it will already be caught by the firewall when an application tries to connect to it. CFP actually tries to ask as little as possible for the loopback connections.

Thats why initially, we used to move the reponsibility of handling loopback connections to the domain of the hips rather than the domain of the firewall.

Of course this is the case only for the loopback connections. But for real network interfaces, CFP will always ask before a connection can be accepted.

Thx,
egemen

[amews_aj]

Could it please be implemented as an option in an upcoming release?
"act as a server"/"incoming connection" alerts for loopback connections?

[Tags:]