Hello i am a new user to Comodo.
I am just checking out its settings an one thing is strange. Ive been running Steam, and the firewall never bothered its internet connection at all.
In Firewall/Network security Policy, there is no rule for Steam. Only Winamp managed to get a rule. And a global rule to allow LAN traffic is also there.
Can other applications bypass the Firewall like that? Or is there a open port or something.
The reason you’re seeing this is because Valve is on the Trusted Software Vendors and you’re using the default settings.
Essentially, in this configuration, rules will be created known ‘safe’ software and hidden from the user. The idea is to make it easier for non-technical people to get started. If you want more interaction with the firewall, open Firewall behaviour settings and move the slider up to Custom Policy Mode. You might also want to increase the Alert activity.
Essentially, in this configuration, rules will be created known 'safe' software and hidden from the user. The idea is to make it easier for non-technical people to get started.The rules are not hidden. They are not being stored in the registry. That is to prevent creating a lot of rules. Having a lot of rules will make storing of rules slow. That is why the rules are not stored. Safe applications all get the default rule which allows all outgoing traffic and does not allow incoming traffic (Outgoing Only rule).
If you want more interaction with the firewall, open Firewall behaviour settings and move the slider up to Custom Policy Mode. You might also want to increase the Alert activity.
Quite so Eric, but my inference to being hidden, was simply related to the Application rules interface, not about storage.
They are not hidden there either. They are not being made unless you enable “create rules for safe applications”.
Aha that explains it!
So Defense+ Trusted Vendors is in connection to the Firewall that i didnt know. I have raised the Firewall behavior to custom, and since it has prompted me for Steam and Firefox.
I prefer this method to rather only “know” which programs are connecting. This way i am aware of sneaky software. I dont need raised alert frequency, because i wouldnt check out the safety of each IP and protocol. And in essence i can change the rule myself.
One thing remains, what does it mean when the custom behaviour sais “Firewall will not learn connection behavior of any application”?
How does it learn the behaviour in safe mode, that it doesnt learn in custom mode?
Thanks all!
It should say automatically learn.