After updating to the latest v5 Comodo Firewall (5.12), I’m having problems getting Remote Desktop to work.
Well, more like, the solutions that are offered here are no longer “enough” to get it to work.
Previous posts suggest to do the following:
Under Global Rules, allow TCP/UDP port 3389.
Then under Application Rules, specify the application C:\Windows\svchost.exe and allow TCP/UDP port 3389 to go through
However, this doesn’t work and Comodo ends up prompting me anyway saying that the application SYSTEM is attempting to accept an inbound connection on port 3389. I have to accept the 3389 connection via this “System” “application” to get RDP to work, but I feel that I’m doing something wrong by allowing such a generic term as “System” to work.
“System” is a very vague and unspecific application, the application path for it is greyed out.
Does anyone have any idea why this is happening?
The most recent change I made to my software configuration was to install ALL the Windows updates that were available on Patch Tuesday for Windows. Perhaps there was a change to the way Windows handles RDP after the update?
Unfortunately, I think this is a bug in 5.12. it’s something I reported when this version was in beta but it’s obviously never been fixed. RDP is a hosted process, i.e., it runs under svchost and not the ‘System’ process which handles most of the kernel threads. If you wish to use 5.12, you’ll have to allow the connection as you’re seeing it.
Below is an image showing the svchost connections for RDP and the alert from the system being connected to. As can be see, the alert is against the System process but the actual connection is against svchost.
Bummer. I was also getting reports from the firewall about something on port 2869 being used by “System”, which from what I’ve read is my router trying to connect to my computer for UPnP. Never got these reports before, so I get a feeling something was changed and/or wasn’t fixed, as you said.
I uninstalled the program and upgraded to v6. I don’t really like the new user interface - is there a way to use the v5 interface for v6?
