I just uninstalled and the Windows Vista Update installed ok so it was not a Microsoft problem (well many like to blame them) lol.
So for now I will wait patiently for someone to let me know why this may not be working.
Zos
OS: Windows XP SP2
AV: Avast Free
ICMP filtering Doesn’t work correctly if the rule is something other than Allow ICMP In/OUT from IP ANY to IP ANY is type is ANY
Test case:
Allow ICMP Out Echo rquest
Allow ICMP IN Time Exceeded
cmd-> Tracert google.com
This may affect other ICMP rules as well
Are the developers aware of this problem? Because I ran into the same situation.
First of all I would like to say that CFP 3 is getting better and better. :BNC
Here are some bugs I found and a few suggestions:
1. The newest beta fails ICMP Echo Request test on Shields UP!! even though Global Rules are set to block any incoming ICMP Echo Requests. I used Stealth Ports Wizard to set Global rules. I chose the ‘second’ option ( ‘I would like to see firewall alerts for incoming connection’ ). Also, it seems that none popup window appears when there are some incoming connections.
If I choose the third option in Stealth Ports Wizard then CFP passes ICMP Echo Request test but it also blocks all incoming connections and that is not a solution for me.
http://img231.imageshack.us/img231/8295/pingtestfailedlx0.th.png
http://img403.imageshack.us/img403/4378/pingtestpassedfw5.th.png
[b]Workaround:[/b] Use 'Stealth Ports Wizard' and set your profile to 'I would like to block all incoming connections'. Then edit 'Glodal Rules' and add ports you need to be opened before 'Block All Incoming Request' rule. [b]Remember to press 'Apply' button in 'Global Rules' after adding a new rule otherwise it won't work.[/b] You must double the rule you just created in 'Application Rules' for application desired to use these newly opened ports. [b]Remember to press all 'Apply' buttons otherwise it won't work. [/b]
2. Small GUI bugs still present there. They’re not big but kinda annoying.
- You cannot restore CFP GUI window through tray icon if CFP GUI is already minimalized.
- ‘Traffic’ in ‘Summary’ is still refreshed too slowly.
- ‘Active Connection’ window acts weird if there is a lot of connections at once ( uTorrent + some other apps).
3. High hard drive activity. It’s easy to notice during ‘All Service Ports’ test on Shields UP!!. I guess it’s caused by high I/O operiations which save all this info to Firewall Events log. I’ve got preatty loud HDD(Seagate :/) and this constant swaping is very annoying for me. I think it wouldn’t hurt if there would be an option to reduce I/O operations by using some RAM buffer. Most of us have 1 or 2 GB of RAM so these few MB won’t be that much and if we could switch it on or off (on low RAM systems) and adjust the amount of RAM for buffering it would be perfect.
OS: Windows XP 32-bit Pro SP2 + online updates.
Active protection: Avira Antyvir(the latest freeware version), BOClean 4.25
Passive protection: HOSTS file, Spybot Search & Destroy, SUPERAntiSpyware Free Edition, SpywareBlaster.
I don’t know. Here XP32 SP2 and last Beta everything is fine.
[attachment deleted by admin]
Can you tell us the Defense+ access rights for Firefox for us to reproduce the behavior?
Thx,
Egemen
[ at ] zinc and [ at ] v941726 : I read this thread and I can confirm that if you use a too restrictive Defense+ ruleset some software like Firefox could rise CPU utilization to 100% This is due to the fact that the software repeatedly try to do something that is blocked by D+ rules.
You can look at Defense+ Logs to confirm this.
As for the reason v941726 found Firefox blocked in D+ this should be the result of importing the previous ruleset in the latest beta.
So in order to not experience unpredictable behaviours a clean install is needed because the old ruleset is not compatible with V3.0.0.9
i did do a clean install though. still have trouble even after changing defense+. had to uninstall. too many bsod’s with too many circumstances. had to uninstall. will rely on my router til full release.
kpc
Please look at %SystemRoot%\Minidump (paste this string in the Explorer window) and compress all files you find there and post them.
Also please list all the security softwares (antispyware,antivirus and so on) you are running.
Hi, I’m seeing duplicate settings in Defense + for some programs. I had a lot of them, unfortunately my brother was playing with the machine and deleted most of them, so I’ll post only one screenshot.
They tend to appear again after a reboot and not for Comodo’s certified programs but by programs that I manually add to the safe list.
[attachment deleted by admin]
I saw this in the previous beta too, if that may be of interest for Comodo’s staff…
LA
doesn’t seem to be producing a dump file. the only ones i have are from a few months ago before comodo. you know, B.C.
kpc
Viewing detailed Defense+ Events logs by clicking ‘More’ button cause incorrect column naming in CFP: Log Viewer. ‘Action’ is renamed to ‘Destination IP’.
In exported HTML logs column order is different than in CFP. I think it will be better if it will have the same order as CFP. Also, exported firewall’s HTML reports lack of ‘Protocol’ column.
In my opinion HTML reports should be more readable. Maybe adding some color background(in similar way like it’s done in Everest logs) would be helpful.
If you look at the duplicate settings you will see it is a DOS path (~1) are these processes running on system not user.
I have the same problem with AVG7.5 only the processes running in system cause these multi entries 4 each time in XP 1 each time in Vista.
I have defence set at Paranoid mode but are not asked for these entries they are entered by (Defense+ is learning) box appearing in right bottom corner.
Dennis
Thanks for the imput Dennis2, I’ll keep that in mind.
I posted a while back about high CPU usage when running P2P prgograms, and low download rates with eMule, well it is not just P2P programs, I’m seing this with opera opening a lot of pages at the same time.
I was doing some research today for work usign Google and some specifick Law pages here in Argentina and my machine stop responding (I’m talking about a dual core machine with 2GB ram and XP SP2), when I opened the Task Manager cfp.exe was using 100% of both cores and I had eaten 24MB of ram, almost three times as normal, and It is not just the firewall, I believe it’s Defense+ aswell that is using a lot of CPU time.
Jus to give you a picture, in a 10 hour session, the firewall used more that 3 hours of cpu time, which is ten times more than previous beta, which was hardly noticeable…
What is your D+ policy for emule? do you have D+ entries in the log? Did you install other security apps other than nod? Did you update nod recently? Does disabling nod lessen the CPU usage?
For some reason, it prevents Firefox from closing down properly. Can’t kill it using Windows Task Manager. Uninstalled and loaded Zone Alarm. Problem went away, so problem seems to be with Comodo latest beta.
I am running Vista 32 Home Premium on a Dell Dimension E521 with Antivir and BOClean.
Firewall and defense+ events are empty !! ??
Andreas
Is there anything else I can try to get the firewall to come on?
I unstalled CFP3.0.9 and everything was fine rebooted into user and all was fine then when I installed CMG(CMG_Setup_1.0.1.6_XP_2K3_x32_BETA.exe) the system froze on reboot in both User and Admin accounts had to boot into safe mode to uninstall CMG when I unistalled CMG, CFP3.0.9 ran Fine
OD
Win XP Professional (Spanish Edition)
Symantec Corp 10.0 AV server w/ securuty console
Yahoo Messanger 8.1.0.239
Andy Snap 3.0.0.33
Limited account US admin for installs and system maint