Hola
I know this sounds plain and stupid, but I can’t enable VNC with Comodo.
I use tightvnc, and I’ve set the process as trusted.
I created a Network Control Rule to enable incoming connections on port 5900 (I actually tried 1-65000 range)
And no, the port is unreachable.
As soon as I set Comodo to disabled, I can connect.
Here are my global rules: http://i.imgur.com/6jC4I.jpg
There is no relevant entry in the log file.
What could be the problem?
According to TightVNC FAQ it uses TCP ports 5900 and 5800 by default, so try changing global rule to Allow TCP IN (instead of in\out) Destination port 5800 and 5900 (create 2 rules one for port 5800 and one for 5900), Also you need to allow those ports for actual program in application rules.
It might be worth checking your Application rules and also, as suggested by Maniak2000, making your rules in or out, as opposed to both. For the server you only need to allow inbound rules. For port, if you’re not using the Java web client, you only need to allow TCP port 5900. If you want the Java option, add TCP 5800.
[attachment deleted by admin]
After pushing something, in the settings, the block now shows up in the log. As you can see, the request comes from the router and is forwarded to the computer.
I’m pretty baffled. I’ve set the global rules to allow incoming on port 5900 (I don’t use the Java client), I’ve set the app as trusted, and it still blocks… again, if I disable the firewall, I can connect all right, so the problem must lie within Comodo.
Update 1: It might be worth noting that my home computer with Comodo 5.5.195768 has no such problems, even without defining any of the above rules.
Update 2: Now I also noticed that my Comodo shows no Inbound connections at all, despite running Utorrent and a number of similar applications… http://i.imgur.com/Y4cvz.jpg
The fact the inbound connection is being picked up by Windows Operating System, means they’re being discarded, because the firewall doesn’t recognise a valid recipient for the connections.
In your Global rule you’ve identified the IP address of the router as the source address, are you running VNC on the router? If, as i suspect, you’re actually connecting form a PC with a different IP address, then that should be the source address listed in the rule.
Edit: just a thought, have you forwarded the ports in your router for VNC and utorrent?
The fact the inbound connection is being picked up by Windows Operating System, means they're being discarded, because the firewall doesn't recognise a valid recipient for the connections.
How can I assign a port to an application other than an Application rule?
Also, the same scenario happens with Filezilla server - port 21 is blocked, even if I set otherwise (also picked up by Windows Operating System).
As I connect to various devices, I can’t set a fix address then, but changing incoming IP to “Any” does not help.
And yes, I use port forwarding in the router. As I said, I can connect everything (TightVNC and Filezilla) as soon as Comodo Firewall is set do Disabled.
If you have two PCs on your network, can you change the Global rule on the PC hosting the VNC server. For example, you have two PCs:
PC1 = 192.168.1.10 = VNC Client
PC2 = 192.168.1.11 = VNC server
Global Rule for the VNC Server PC
Action - Allow and log
Protocol - TCP
Direction - In
Source Address - 192.168.1.10 (The client PC address)
Destination address - ANY
Source Port - Any
Destination Port - 5900
Application Rule for the VNC Server PC
Application Name - tvncserver.exe
Action - Allow
Protocol - TCP
Direction - In
Source Address - 192.168.1.10 (The client PC address)
Destination address - ANY
Source Port - Any
Destination Port - 5900
Try the connection and report the result.
I did what you suggested, I connected the server directly instead of through the router (by chance, my setup was the opposite of what was described, .11 being the client and .10 the server)
Same results.
As I said, I find it strange that Comodo does not report any outgoing connections, even with apps like Trillian, Dropbox, Firefox etc. running.
My other computer shows them accordingly. About a month ago I had a nasty rootkit infection. I think I cleared it, all the network functions seem to work OK, but it took a while until I fixed them all. Could that relate to the strange behaviour of Comodo?
Can you post screenshots of your firewall application rules and firewall behaviour settings please.
My other computer shows them accordingly. About a month ago I had a nasty rootkit infection. I think I cleared it, all the network functions seem to work OK, but it took a while until I fixed them all. Could that relate to the strange behaviour of Comodo?
Certainly possible. Have you run a diagnostics - More/Diagnostics?
Can you post screenshots of your firewall application rules and firewall behaviour settings please.Sure:
I’ve tried diagnostics, and it found no errors.
Hovewer, I found another clue for a possible system error: I tried to reinstall Comodo. Uninstall-restart, then right after the first start after the installation, Comodo showed the outgoing apps right. After another restart, only one outgoing app shows up (System).
Unfortunately, I can’t see anything obviously wrong with your configuration and diagnostics seems to confirm this. Right now I’d remove CIS using Uninstaller Tool for Comodo Products and make sure any third-party security applications are disabled, including Windows firewall, then reinstall.
After reinstalling Windows, the problem is now gone. I think leftovers of the rootkit problem have caused Comodo to function erroneously. Maybe a better/more complex self-diagnostic tool would be… better 88)
Glad you got it fixed 
