add an option in firewall behavior settings, “monitor the partially limited process only”
There is already a function in View Active Processes that pretty much does what you want. It can set to only view sandboxed processes by using the right click dialogue.
I wish firewall popups alert windows only for the sandboxed applications.
When running in safe mode you would only get alerts for unknow programs, and with the sandbox enabled, those would be sandboxed.
i hope you mean, “especially for sandboxed applications”. because you can not be sure that you want any unsandboxed thing to have the abillity of connecting on its own.
Yes.
I test a malware.
1.double click on the malware
2.the malware is sandboxed automatically
3.then, it execute %windir%\system32\svchost.exe
4.svchost.exe connect to the internet
5.comodo firewall does not popup an alert window for it
The sandboxed program cannot start another program without notifying the user.
I set the configuration as internet security.
So, defense+ can not popup an alert window when sandboxed process start another program.
[attachment deleted by admin]
nice finding,
as internet security should mean total control to internet connection related stuff.
i would change the headline, to make it specific.