2 suggestions to improve the firewall

Comodo Internet Security - CIS Added/Rejected Wishes - CIS
1

Hi, I have to sugestions for the Firewall. I used another firewall that had 2 important options:

  1. An ActiveX control. When you enter a website, and an ActiveX is going to execute, if you have that optin activate, the firewall alerts you and you can chose to allow or deny the execution (and remember your choice).

  2. When an application is going to connect to internet, and you have the firewall in “personalise mode”, the firewall asks you what to do. Yo can allow it or deny it. I miss the possibility of a “partial” allowing, chosing in this moment a specific rule (direction, IP, protocol TCP/UDP…, port, etc.) … I can’t do that, and the only thing I can do is allow the connection and then modify the rule; that annoying.

Are you going to add that options in the future?

Thanks for your attention.

Pd.: Sorry for my english.

2
  1. there is UAC control
  2. you can choose this option and the Firewall will ask you again and again, even if you select ‘remember my answer’, and it will make you angry.

[attachment deleted by admin]

3

Thanks for your answer.

  1. Where the UAC control is?

  2. Maybe I explained the question in a bad way (my english is really poor). I mean when the firewall ask you, and you allow (and remember), a GLOBAL rule is created (from and to all MAC, ant to all local ports, and from all remote ports). Sometimes, I want to allow an application a LIMITED access, maybe only to an specific IP address and/or to an specific port.

Here you have a couple of examples:

http://img258.imageshack.us/img258/3963/specificrules.png

http://img844.imageshack.us/img844/4630/specificrules2.jpg

In the second one, AZUREUS is allowd only in several cases. It would be useful when an application ask you to connect, you can choose if you want to give total access (one time or always, ticking the remember option) or only limited access (in this case, you would have a window, with the partial rule created, and you can modify or allow that specific rule, like the first example).

Can this feature be added in the future?

Thanks.

4
  1. in IE security settings, select ‘Administrator approved’ below.
    and use protected mode, and always use UAC.
    although it doesn’t remember your policy, it will ask each time you run the ActiveX.
    alternatively you can install and deactivate your activeX but you would rather not install it at first :wink:

Administrator approved

protected mode

always use UAC

deactivate your activeX

not install it at first

  1. if you allow your warnings at low level it will allow all of your connections.
    but if you allow it at high level, you can define specific rule.
    and also you can predefine your policy, and apply it when the warning pops up.
    it would be good if we can make the rule at warning time.

low

high

[attachment deleted by admin]

5

Transk for your usefull help.

The first of that, is that I use firefox, and I have noticed it has no problem with activeX, because it don’t use this. I will active that option in Explorer, because sometimes I use explorer, and don’t need activeX.

And about the firewall, I chenged “alert settings” to very high, and it works nearly i need it! If I remember my answer, the rule is created and the firewall don’t ask again … nice!

Thanks again for your really good answer and your patience!