URGENT: TRUSTED APPLICATION *EDITABLE* LIST

[Guest]

[good firewalL]

MAYBE in the the RC2 of CIS 3.5?
It is a massive security flaw to allow manual  trusted application input without being able to review from a list which applications are trusted.

Anyone with access to the windows desktop could add trusted applications & any mistakenly trusted application can't be removed!
 

[Kyle]

Welcome to the forums 

That's a very good point FirewalL.
So you mean that, Put a password on Comodo and that you can add trusted apps VIA pop-ups?
If you won't want this to happen please look at the screen shot provided.

[good firewalL]

while password protecting the application is useful, temporary trusting applications & the level of trust for certain applications is certainly a vital feature to determine what ip's  or ports are trusted for any given software.

Although its cnet.com download (rumoured to perpetuate spyware www.download.com); compare 'online armour free edition':
http://www.tallemu.com/

[Kyle]

Yes however, If the alerts are surpressed - the user won't be alerted and there for can't make any programs trusted.

By the way you have a pretty funny picture lol

[gibran]

while password protecting the application is useful, temporary trusting applications & the level of trust for certain applications is certainly a vital feature to determine what ip's  or ports are trusted for any given software.

Although its cnet.com download (rumoured to perpetuate spyware www.download.com); compare 'online armour free edition':
http://www.tallemu.com/

Parental control is meant to prevent unauthorized editing of configurations.
Besides if an use mark an app to be trusted it would be possible to manually revoke that mistake.

If you are suggesting to add a limited functionality mode that allow only whitelisted apps to be learned this should be already possible enabling the settings suggested by kyle and setting D+ to Safe mode.

In that case whitelisted apps (apps considered safe by Comodo) or added to Safe list will be learned without alerts (it's possible to prevent untrusted users to do this using parental control as above).

This way legitimate users can have full control.

[good firewalL]

Parental control is meant to prevent unauthorized editing of configurations.
Besides if an use mark an app to be trusted it would be possible to manually revoke that mistake.

WAIT I SEE NOW UNDER  "NETWORK SECURITY POLICY"...MAYBE THE SECTION SHOULD BE CHANGED TO "APPLICATION SECURITY POLICY"




READ OR DISREGARD, i wrote this before  I had  FOUND "NETWORK SECURITY POLICY" section:

How is this done???

I meant a list that defines which applications are trusted and what functionaility is allowed.

For example;
internet explorer port 80 TCP , 8080 TCP , 21 TCP   - would CLEARLY allow the user to know that INTERNET explorer is trusted as web browser and FTP client.
If  a strange port number was mentioned for example UDP port 31337 (back orfice trojan) it is important to be able to remove that single port access functionality so LEGITMATE software is not acting like spyware or to clearly identify spyware.

I have not been able to find the option to LIST the applications i have allowed ANY sort of access for , neither those I've defined as trusted!

THERE is a list of TRUSTED Software VENDORS, but  not useful if i want to trust software and block another software from the same vendor , internet explorer and outlook express for example.

the firewall has excellent ADVANCED FIREWALL FEATURES UNDER THAT TITLED TAB

[panic]

I meant a list that defines which applications are trusted and what functionaility is allowed.

For example;
internet explorer port 80 TCP , 8080 TCP , 21 TCP   - would CLEARLY allow the user to know that INTERNET explorer is trusted as web browser and FTP client.

If you click FIREWALL -> ADVANCED -> NETWORK SECURITY POLICY -> APPLICATION RULES, you'll see the list of what application have been granted or denied access on your system. The tightness or looseness of the rule (ports, direction, protocol, address etc.) is determined by the alert settings, found in FIREWALL -> ADVANCED -> FIREWALL BEHAVIOUR SETTINGS -> ALERT SETTINGS.

You can define sets of ports (FIREWALL -> COMMON TASKS -> MY PORT SETS) and apply these to applications which would explicitly restrict them to those ports.

If a strange port number was mentioned for example UDP port 31337 (back orfice trojan) it is important to be able to remove that single port access functionality so LEGITMATE software is not acting like spyware or to clearly identify spyware.

You can create a network rule that explicitly blocks individual known bad ports or you could create a port set of known bad ports and use this port set in a block rule.

I have not been able to find the option to LIST the applications i have allowed ANY sort of access for , neither those I've defined as trusted!

See FIREWALL -> ADVANCED -> NETWORK SECURITY POLICY -> APPLICATION RULES

Cheers,
Ewen :-)

[Tags:]