I’m running Windows XP Pro SP3 and latest version of CIS (Firewall only).
One of my drive letters is a mapped network drive. I’ve been using it for years and never had any problems with it, until I had to replace the linux server where the drive is located.
I copied Samba settings from the old server to the new one, so it’s running exactly the same configuration.
Since I replaced the server, Firewall does not allow Internet access for apps installed on that network drive. It doesn’t matter if I add application as trusted or just click ok if it asks for Internet access. In both cases it will just keep asking me if it’s ok to connect, until the app will give up trying.
When I checked network security policy, I noticed that network apps are added / listed as X:\Ravager\Programy\folder\app.exe, which seems to be wrong. The correct paths are X:\folder\app.exe or \Ravager\Programy\folder\app.exe
Everytime I click ‘ok’ when app retries asking for Internet access, new rule is added:
If You Want To Allow All Applications Under A Particular Folder
Go to Firewall>Advanced>Network Security Policy
Click on Add>Select>Browse
Under the fine name type the path with an * At The End (Eg. d:\app*) and hit enter
Select “Use A Predefined Policy” And Choose Trusted Application From The Drop Down Menu And Click On Apply
And Its Done. All The Applications Under The Provided Folder Will Now Be Able To Access Internet
Note: Make Sure That There Is No Other Rules With Network Security Policy For The Applications Under The Folder And Your Firewall Behaviour Settings Should Be In “Safe Mode”
I added X:* and in the Network Security Policy it’s listed as \Ravager\Programy* which is the correct path to the network drive. But if I run any application which needs Internet connection, it still asks if it’s ok to allow access, and the request is denied when I click ok - the notification window just keeps popping up back.
If I allow access, another rule is added anyway, but with different, wrong path. And of course, it doesn’t work anyway.
Sorry For The Delay. Alright While Adding The Network Security Policy, Adding \Device\LanmanRedirector\ Before The Path . I’ve Attached A Screenshot for further understanding. Instead Of Allowing I Tried Blocking And It Worked. So You Can Check With Allowing.
Details:
Mapped Drive Letter Is Z
192.168.200.10 Is The Server Address
LPS-Common Is The Name Of The Shared Folder
Toolz[applications are stored under toolz] is the the folder under the Shared Folder
Alright. Lets Move In This Way. Since You Have Mentioned That Only The Firewall Keeps On Prompting, Check With The D+ Rule, How The Path Is Set For The Application Which You Are Trying To Access From The Mapped Drive. If Posible Post A Screenshot
Ok, I enabled the Defense+ and checked it, applications are added with wrong path just like in firewall rules. I tried to block app, works ok for local files and of course doesn’t work at all for network files…
I’ve also noticed one more thing: if I edit the rule, when it’s app path is listed as X:\ravager\programy\something, it automatically changes to \ravager\programy\ravager\programy\something.
Hello everyone, I have exactly the same problem as it is described here. Was it solved? I didn’t see here any solution :-\ For now I have to always disable firewall before starting applications from network drives It is annoying and of course not safe :-\
Programs on networked drives ( as well as other external drives (USB hd, USB stick) and encrypted partitions are not considered safe by CIS because they cannot be continuously monitored.
Each time after reboot or when the connection to the drive is shut down and reconnected it will ask you, It is by design.
ok - in general you are right. But this is our internal company application (information system) and I have no reason not to trust it. For me it is not problem every time to click on window for allowing access to internet (or specifically to our internal server), but problem is, that this application is not able to verify licence - when I clicked on button for allowing access, it is too late - aplication just show me window message, that it is not possible to connect server. Is it possible to somehow setup comodo firewall for such kind of scenario? It is just little bit annoying (and of course unsafe) to disable firewall before starting this app and then turning it back on.
I’ve had different degrees of success running applications from a network share. The only consistent way I’ve found, is if the application to be run is on the safe list and you run the firewall in safe mode. If you place the firewall in Custom Policy mode, it will invariably fail.
Back then when I reported the issue it was much worse - apps installed on network share asked for access every time, however it didn’t matter if I allowed access or not, it was always denied anyway.
map a drive letter X: to shared resource on a network (net.exe use x: \ipaddress\share)
copy telnet.exe to X:\
run: X:\telnet.exe 127.0.0.1 445
got message: “An invalid argument was supplied.”. <== WHY?
No notification window popped up (FW has Custom Policy Mode)!
All applications installed on network drives blocked by firewall:(
Windows 7 x64 SP1 + Comodo 5.10.228257.2253
It is annoying and of course not safe :-\
