Allowing Remote Desktop to work - configuration issues

After updating to the latest v5 Comodo Firewall (5.12), I’m having problems getting Remote Desktop to work.

Well, more like, the solutions that are offered here are no longer “enough” to get it to work.

Previous posts suggest to do the following:

Under Global Rules, allow TCP/UDP port 3389.

Then under Application Rules, specify the application C:\Windows\svchost.exe and allow TCP/UDP port 3389 to go through

However, this doesn’t work and Comodo ends up prompting me anyway saying that the application SYSTEM is attempting to accept an inbound connection on port 3389. I have to accept the 3389 connection via this “System” “application” to get RDP to work, but I feel that I’m doing something wrong by allowing such a generic term as “System” to work.

“System” is a very vague and unspecific application, the application path for it is greyed out.

Does anyone have any idea why this is happening?

The most recent change I made to my software configuration was to install ALL the Windows updates that were available on Patch Tuesday for Windows. Perhaps there was a change to the way Windows handles RDP after the update?

Unfortunately, I think this is a bug in 5.12. it’s something I reported when this version was in beta but it’s obviously never been fixed. RDP is a hosted process, i.e., it runs under svchost and not the ‘System’ process which handles most of the kernel threads. If you wish to use 5.12, you’ll have to allow the connection as you’re seeing it.

Below is an image showing the svchost connections for RDP and the alert from the system being connected to. As can be see, the alert is against the System process but the actual connection is against svchost.

[attachment deleted by admin]

Yep, that’s the same problem I’m having.

Bummer. I was also getting reports from the firewall about something on port 2869 being used by “System”, which from what I’ve read is my router trying to connect to my computer for UPnP. Never got these reports before, so I get a feeling something was changed and/or wasn’t fixed, as you said.

I uninstalled the program and upgraded to v6. I don’t really like the new user interface - is there a way to use the v5 interface for v6?

Strangely enough, TCP port 2869 is handled by both svchost and the System process, it really depends which service is being used.

Do you know if it’s been fixed in V6?

It seems fine under version 6. As far as I remember, this was just a 5.12 bug.

[attachment deleted by admin]

Well that’s good at least. :wink:

is this a bug with 5.12.2599 and just remote desktop.
Or all traffic look at this. I have 5.12.2599 on one win8 x64 home premium with no remote desktop and it’ s smooth as silk. but look a these people sayiing ALL traffic is going through “Windows Operating Sytem”
on win 7.;msg636463#msg636463

There are a few odd things about 5.12…