Adobe Premiere, After FX, Media Encoder + Intel AppUp + etc - CIS Firewall fix!

A year ago or so, I downloaded the Adobe Creative Studio CS5 demo, but I could not get Premiere Pro CS5, After Effects CS5 nor Media Encoder CS5 to work without setting CIS Firewall Security Level = Disabled.

Then I discovered that I had the exact same issue with Intel AppUp, which I downloaded yesterday.

By comparing them, I found out that all started a small server on my pc, which the main program tried to connect to, but Comodo Firewall somehow blocked those connections.
I couldn’t figure out what happened, I had “Log as firewall event if this rule is fired” for every rule that blocked, but there were neither pop-ups nor any entries in the logs.

Since I have both Defense+ disabled and no AV real-time scanning (I use NoScript in Firefox),
I knew that those modules could not be involved, it HAD to be the firewall.

Then after much tweaking, I finally discovered the error I had made.

I have - for many, many years - used the ‘127.0.0.1 HOSTS file trick’ -

Then, when I started using Comodo Firewall and later CIS, I figured that for extra security, I would also list some of the most dangerous domain names in
CIS Firewall → Network Security Policy → Blocked Zones

This was not a smart thing to do…

CIS Firewall does obviously ONLY work with IP addresses,
so whenever it starts, it translates any domain names in the ‘Blocked Zones’ list into IP addresses.
And instead of going directly to the DNS server, it does what every normal Windows program do,
it checks the C:\Windows\System32\drivers\etc\HOSTS file first.

If it says in your HOSTS file e.g.

127.0.0.1 reallydangerouscracks.net

and you have that same ‘reallydangerouscracks.net’ domain name is listed in the ‘Blocked Zones’ list,
the result is not good at all…:

CIS Firewall will BLOCK all connections to 127.0.0.1

And so, all the programs that uses servers located at your own pc will stop working.

Therefore, the rule has to be:
if you use the HOSTS file trick, do NOT include any domain names in the ‘Blocked Zones’ list.

I write this here because I read that other people here also had troubles with Adobe CS5 products,
and IIRC, they gave up - and so I did the same back then.
Maybe they made the same error that I did? If so, this is the solution! :slight_smile: