Wow I feel really stupid now…every previous ZA user should be directed to this post https://forums.comodo.com/help/apps_acting_as_servers_resolved-t485.0.html. I apparently didn’t search for the right words…I do think there should be a place where we can post our network monitor setups to see if we have a secure setup. Because unless i’m wrong even if CPF is a SPI if your NM setup is wrong your security is not available if you give apps server rights.
Ok, I have been using ZA for several years now and finally just got sick of it’s bloated ways (especially since Check Point bought ZoneLabs out). Now I have been testing this firewall for several days now to see it’s security and it has done a great job so far. However, I have come upon an issue that I am not really sure of whether or not it is covered somewhere in the firewall. So, my question is this, is there a way to allow an application to be a “local server” and not be a internet server at the same time? ???
For instance, applications such as Diskeeper need to be local servers to be able to defrag your HDDs and svchosts should never be able to be a server for the internet but does sometimes need to be a local server for apps. If what I am thinking is correct and allowing apps to be servers allows them for local and internet, all they would have to do is call that port and in they go. Another good example is the explorer.exe which never needs to be able to access or be accessed by the internet but you can’t do anything without accessing it locally. Is there a way to allow just local usage but no internet with Comodo? ZA had a feature which was pretty cool which covered this very thing, but as I said ZA became way to bloated when CP bought them.
So after all this is Comodo able to perform this action? Can I allow a service server rights locally but not remotely and how do you do this? Thanks in advance for helping me out with this.