CFP 3.0.9.229 BETA - Questions about how it works [CLOSED]

Afraid so. I tried importing them anyway (cuz I didn’t read the release notes very well) and it did nothing.

On the other side of it, this version seems to be pretty decent so far at recognizing and allowing applications; far better than the previous at any rate. I’ll give it a few days and then start tweaking.

LM

can someone help me with that?

Maybe a screenshot of grc text is better to understand it.

Andreas

For the rDNS issue, I guess you had some strange connections. This 2nd one looks normal.

Thanks, so you all downloaded from the forum :slight_smile:

Since this one requires different configuration settings, we haven’t put updates from previous versions.

There are serious architectural changes so the previous configurations are not compatible. Sorry about that.

Egemen

Hi Guys,

Let me explain the 2 new modes further.

1 - Installation Mode :

In this version of Defense+, there is a built-in security policy called “Windows Installer Application”. This policy, when applied, gives a process maximum access rights. When the system switches to the installation mode, the child processes i.e. the process which has “Windows Installer Application” access right will have the same rights as its parent.

For example :

xyzsetup.exe is treated as “Windows Installer Application”.

xyzsetup.exe will be able to modify everything. Later xyzsetup.exe tries to run “aftersetupconfig.exe” file. If you switch to installation mode, aftersetupconfig.exe will also have the same access rights as xyzsetup.exe.

This is more useful for Windows updates. svchost.exe is the process responsible for downloading and installing Windows updates in Windows XP.

1 - svchost.exe will connect to the MS site
2 - svchost.exe downloads ie7setup.exe
3 - svchost.exe runs ie7setup.exe
4 - ie7setup.exe installs IE7.

If you don’t switch to installation mode, after step 4, CFP is going to show its usual popups for the ie7setup.exe because it has no rights.

If you switch to Installation mode, it will be installed silently. Up to 3 child processes…

CFP will remind you every 5 minutes to switch back from the installation mode because of the implicated security risks.

For example, in certain cases, iexplore.exe can be run from svchost.exe. If the system is in installation mode, iexplore.exe can be treated as installer too! That’s why CFP will always bug you to switch from this mode asap.

I hope this makes it clear.

2 - Clean PC Mode

If your computer is clean, you may not want to answer frequent popups. In this mode, CFP will assume all the files in the fixed drives are safe and will learn all the activities of them.

However if a new file is introduced to the system, be it from the internet or from somewhere else, or even if a file is modified, CFP will immediately assume it as suspicious and move it to the My Pending List.

Later you can review and remove these files from this list. When you manually remove the files from this list, they will be assumed as safe.

My Pending List has other uses for clean PC mode too. For example, you may not want CFP to assume some files/folders as safe. For example your leaktester programs directory. You can add them to My Pending Files list and CFP will not assume them as safe.

We will provide a full documentation with the final release, but for now, I hope this makes things clear.

Egemen
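The Clean PC Mode rules described in the post above, as a small runnable model. This is an added example, not Comodo's code and not part of the original post: the SHA-256 change detection, the class and function names, and the sample files are all assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def digest(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

class CleanPcModel:
    """Toy model of Clean PC Mode; SHA-256 is an assumed change detector."""
    def __init__(self, root, pending_dirs=()):
        self.root, self.safe, self.pending = Path(root), {}, set()
        for path in filter(Path.is_file, self.root.rglob("*")):
            if any(Path(d) in path.parents for d in pending_dirs):
                self.pending.add(path)          # user-listed: never assumed safe
            else:
                self.safe[path] = digest(path)  # present at baseline: assumed safe

    def rescan(self):
        """New or modified files lose trust and move to the pending list."""
        for path in filter(Path.is_file, self.root.rglob("*")):
            if self.safe.get(path) != digest(path):
                self.safe.pop(path, None)
                self.pending.add(path)
        return sorted(p.relative_to(self.root).as_posix() for p in self.pending)

    def approve(self, path):
        """Manually removing a file from the pending list marks it safe."""
        self.pending.discard(path)
        self.safe[path] = digest(path)

def put(root, rel, data):
    path = Path(root, rel)
    path.parent.mkdir(parents=True, exist_ok=True)
    path.write_bytes(data)
    return path

def demo():
    """Constructed sample tree; returns the pending list before/after approval."""
    with tempfile.TemporaryDirectory() as root:
        put(root, "apps/editor.exe", b"v1")
        put(root, "leaktests/test1.exe", b"lt")
        model = CleanPcModel(root, [Path(root, "leaktests")])
        put(root, "apps/editor.exe", b"v2")             # modified after baseline
        new = put(root, "downloads/setup.exe", b"new")  # introduced after baseline
        before = model.rescan()
        model.approve(new)
        return before, model.rescan()
```

In the model, the modified `apps/editor.exe` stays pending until it is reviewed, while the leak-test folder is never trusted because it was listed before the baseline was taken.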

NP I had all the relevant settings configured in no time. :slight_smile:

BTW is install mode applicable only to the special windows installer policy or will it be possible to use another predefined policy as well and have all child processes inherit that one?

Currently only for Installer policy. Security implications for others must be identified clearly as it is hard to predict the effects of non-builtin policies.
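The installer-policy inheritance discussed in the posts above, modelled as a process tree so the rights gained purely from Installation Mode can be listed. This is an added example, not Comodo's code: it assumes svchost.exe holds the installer policy, uses a made-up "Web Browser" label for iexplore.exe, and does not model the "up to 3 child processes" limit.

```python
from dataclasses import dataclass, field
from typing import Optional

INSTALLER = "Windows Installer Application"  # policy name taken from the post


@dataclass
class Proc:
    name: str
    policy: Optional[str] = None          # explicit Defense+ policy, if any
    children: list = field(default_factory=list)

    def spawn(self, name, policy=None):
        child = Proc(name, policy)
        self.children.append(child)
        return child


def effective_rights(root, installation_mode):
    """Return {process name: policy in force, or 'alert' when it has none}."""
    rights = {}

    def visit(proc, parent_is_installer):
        inherited = installation_mode and parent_is_installer
        is_installer = proc.policy == INSTALLER or inherited
        rights[proc.name] = INSTALLER if is_installer else (proc.policy or "alert")
        for child in proc.children:
            visit(child, is_installer)

    visit(root, False)
    return rights


def elevated_by_mode(root):
    """Processes that hold installer rights only because the mode is on."""
    off, on = effective_rights(root, False), effective_rights(root, True)
    return sorted(n for n in on if on[n] == INSTALLER and off[n] != INSTALLER)


def sample_tree():
    # Constructed tree following the post's Windows Update example.
    # Assumption: svchost.exe carries the installer policy itself.
    svchost = Proc("svchost.exe", INSTALLER)
    svchost.spawn("ie7setup.exe")                 # no policy: alerts when mode is off
    svchost.spawn("iexplore.exe", "Web Browser")  # hypothetical policy label
    return svchost
```

`elevated_by_mode(sample_tree())` lists both the intended installer child and the browser, which is the reason the mode is meant to be switched off again quickly.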

Sorry to correct you on your post, v941726, but “Learnt” is a word, at least in Canada.

“Learned” or “Learnt” are both the Past Participle of the verb “Learn”. A past participle indicates past or completed action or time. It is often called the “ed” form as it is formed by adding “d” or “ed” to the base form of regular verbs, however, it is also formed in various other ways for irregular verbs.

It can be used to form a verb phrase as part of the present perfect tense.

For example: -

I have Learnt English. (“Learnt” is part of the verb phrase ‘have learnt’).

Trust this proves helpful.

Kevin

hi all, it’s me again (am I right to post my question here?):
I quote this from the CFP download thread

Known Issues:

1 - Firewall DoS protection is not active right now
2 - Tips are not active right now
3 - The default configuration does not contain all critical resources e.g. registry keys, COM interfaces etc.
4 - There are compatibility issues with some other security products waiting for investigation

should I be worried about these things? especially no. 1, 3, and 4.
I have 2 computers: both XP SP2 Media Center Edition

  1. CAVS 2.0, CBOClean, SuperAntispyware, CMG.
  2. CAVS 2.0, CBOClean, Spyware terminator, CMG, Spyware blaster

Ganda

Couple of small points;

  1. What’s the “Windows Installer” setting in defense+? A lot of the time it seems to be the only available choice when I start a new app and it isn’t listed in the predefined policies. What are its restrictions and settings?

  2. Will the ARP cache protection and blocking gratuitous ARP requests prevent the circumstances that Stem raised?

  3. Where are the settings/options for the pseudo-COM interfaces to prevent privilege escalation?

Looking ■■■■■■ smooth so far.

Congrats team

Ewen :slight_smile:

Could I use a wildcard here? I find I can use “*” here, but can’t use “?”. Where can I use wildcards and where can’t I? Can anyone tell me?

[attachment deleted by admin]

I used the version of comodo firewall before this one and everything was ok. But when I installed the newest beta the problems started. Comodo firewall crashes my network, after approximately 2 min. By crashing I mean that the internet stops working. I use windows vista, with avast free edition and U.S. Robotics Broadband Router model 8004.
What can I do, because I really want to use comodo firewall.

I currently have Comodo Firewall Pro V3 Beta Vista x64 3.0.8.214 installed, tried removing it to install the latest version but when I restart after uninstalling, my internet no longer works and even installing the latest comodo beta does not fix it, only a system restore fixes it as this then puts the old comodo beta back on.

It seems that when Comodo V3 Beta Vista x64 3.0.8.214 is removed it somehow screws up the SSDP discovery protocol which needs to be running for the internet to work, even manually starting it won’t work as it instantly disables it again.

Can anyone guide me on how to remove the old beta without it destroying my network connection in the process as I want to install the current beta?

The new beta looks great by the way, very nice work.

I wonder if this is a bug. Can someone confirm this?

  1. I sent the notebook to hibernate state (wireless connection)
  2. I haven’t touched the machine for 8 hours or so.
  3. I switched back the notebook and the private network detected window came up again.

Since that name is already applied, I couldn’t click on unless I renamed the connection (there was an error message for that, so it’s ok).

I use WPA2 with a draft-n capable router, I got a g capable network card (see attached picture).

[attachment deleted by admin]

Hello mCrnja,

Do you have the same problem as I do here:
https://forums.comodo.com/64_bit_bug_reports/internet_explorer_vs_avast_webshield_vs_cfp_denied_webrowser-t13174.0.html ?

If yes, you should modify the denied rules (or delete).

Arki

I have Avast and CFP Beta 64bit and Internet explorer loads pages only about 1 in 5 requests!

Coincidence?

Very frustrating, but I guess that’s beta

I’m wondering if anyone has done a windows update (in my case Vista) that needs a reboot as mine fail as before in Beta 2.
I’ve tried installation mode as well but no luck.
So anyone who has had success let me know how it’s done (that’s if anyone has had success)
Zos

Hi,

I have never seen a “wants to act as a server” alert in v3 beta. For example, v2 was giving these alerts for Mozilla Firefox.

Any conceptual change?