Please post here predefined rules, port sets, safelisted apps you wish added to the next V3 version.
I think svchost.exe and System should be added as many ask why they access Internet, and if they deny one of them, the computer might not function as it should.
So here’s my list for firewall safelist:
svchost.exe - Port 53, 67, 68, 80, 123 and 443 Parent services.exe
System - Port 137, 138 and 139. Parent System
aawservices.exe - Ad-aware 2007 - Parent services.exe
ashMaiSv.exe - Avast! Antivirus Mail Scanner - Parent services.xe
ashWebSv.exe - Avast! Antivirus Web Scanner - Parent services.exe
avast.setup - Avast! Antivirus Update
Firefox - Firefox web browser - Parent explorer.exe
Internet Explorer - Microsoft Internet Explorer - Parent explorer.exe
msnmsgr.exe - Windows Live Messenger - Parent explorer.exe
SpybotSD.exe - Spybot - Search & Destroy - Parent explorer.exe
spywareblaster.exe - SpywareBlaster - Parent explorer.exe
I use CPF 2.4, so don’t know what Defense+ rules they would need, and for all application except svchost.exe and System, I use TCP/UDP In/Out, all ports.
Also, I’d like to see the whitelist database getting updated about once a month, since programs will update, and then CPF won’t recognize them.
Ragwing
I have an HP Printer connected on my LAN via TCP/IP. I found that I could not print anything because the System process was blocking incoming traffic from the printers’ local IP address.
I added a rule to the System process to allow IP In/Out from my LAN, after which I think the system spawned some other processes to handle the printing/spooling.
Does this sound normal? If so, perhaps the System process should come auto-configured to allow incoming requests?
Comodo Firewall Pro Beta 3.0.7.208 32bit
WinXP Pro SP2.
I would like also see Avast added to automatic safelist… Also Windows and Microsoft Update, Windows Defender, MSN Messenger, GOM Player, WinAmp…
I believe this is normal but I think when you create a trusted zone it should automaticaly create an alowall in under system or it should be created in learn all mode I also had to manually create the first rule to allow in from my trusted zone.
After I got this working I limited this rule to
Allow TCP or UDP In from Zone:[LAN] to Zone:[LAN] S. port PSet:[FPS]Any D. Port PSet:[FPS]
FPS ports is a port set [135-139,455,0] I am not sure I need port 455 with my particular network set up however if you have bet bios over tcp disabled you might. I had to enable port 0 as I was seeing traffic from my WS to Remote PCs that i was trying to conect to and it would not connect. As soon as I added port 0 It was up.
The port 0 trafic is not showing in my loggs after it is working and I log everthing in and out.
OD
Opera
And ftp and telnet ports should be in ports list .
I agree on Opera. Opera has besides a web browser an email/newgroup client, IRC client and rss feeds. So, it will need permissions for the ports related to that activities.
You could “Literally” end up with many 100’s of 1000’s of programs on a Whitelist or SafeList, and quite possibly into the millions, so a thread like this can easily be overwhelmed with requests…in theory of course.
I like the idea of allowing users to build their own personal WhiteList from installed programs on their machines. If they feel that everything on their machine is safe, then that’s great for them, but a list built from a thread like this can easily be corrupted with programs that less “diligent” users may consider Safe, but which in reality are not. It’s too daunting a task for anyone to minitor every Windows program out there, so some less than savoury programs could make it into a safelist such as could be built from a thread as this .
Also, what “I” consider a Safe program, may be too strictly enforced for others, and vice-versa, so again I think the best way to do this is to scan a users system and then offer a list of ALL Non-Windows programs found for the user to pick from. This also offers a way for a user to recognize something they weren’t aware was installed possibly, and allows them to remove it if needed
What I think a default WhiteList from Comodo should look like is a listing of all known Windows and System critical programs (services and processes are actually small programs), and all known safe Security programs (AV, AntiMalware, Firewall…etc), and the user build their own personal safelist from that point on. With so many different programs available for every little thing anyone can possibly do on a Windows machine, I think that’s the Prudent way to go personally.
I’d like to hear what others think too…do you think it’s possible to actually Build a useful SafeList of programs? It literally would have to be updated pretty much daily to be of any good, and requires that someone literally check out every single entry for validity. Then us users have to trust that someone is actually Doing just that, and that their version of what makes a “Safe” program is the same as our own is.
I think it would soon become so unwieldy as to make it a nuisance instead of a feature so I think it has to be limited to a certain degree, to the types of programs that almost EVERY User will have installed, and then let the user themselves decide what other multitude of smaller programs they wish to add onto a personal safelist.
Dave
Thanks for adding my superantispyware request, I hope that is taken care of soon. Anyways can you please add lexmark printers and etc., Comodo beta 1 messed me up a few times durning printing alot of important things, thank you. (:KWL)