1. What you did:
I run a Webserver on my host (10.1.1.1/24:80). Global rule allows incoming traffic on TCP/80. No application rule for webserver.exe exists and Firewall alert frequency level is set to “Very high” - all checkboxes checked except “This is an…ICS Server”. Now I connect from client 10.1.1.2. Alert pops up saying “10.1.1.2 - TCP, Port 80 wants to connect to webserver.exe” and I click “Allow this request” and tick “remember my answer”. CIS now auto-creates an IP MASK rule for 10.1.1.2/255.255.255.0 instead of a rule for just the one SINGLE HOST 10.1.1.2/32. When I don’t check “remember my answer” CIS acts the same way (all subsequent inbound connections to TCP/80 are automatically allowed!) - it just does not create a rule (of course).
2. What actually happened or you actually saw:
CIS creates a IP Mask based rule instead of a Single IP rule in “Very high” alert level for inbound connections.
3. What you expected to happen or see:
“Very high” FW alert level should create a rule/notify me for every different Endpoint (IP:Port)!
4. How you tried to fix it & what happened:
There’s no way to fix this from the user side.
5. Details (exact version) of any software involved with download link:n/a
6. Any other information you think may help us:This bug exists since V3.x already!!!
- Screenshots illustrating the bug:n/a
- Screenshots of related event logs or the active processes list:n/a
- A CIS config report or file.n/a
- Crash or freeze dump file:n/a
1. CIS version & configuration used: CIS 5.3.181415.1237 (Firewall Only). Defense+ temp. disabled
2. Whether you imported a configuration, if so from what version: No. Clean config.
3. Defense+ and Sandbox OR Firewall security level: Def+:Disabled, Sandbox:Disabled, Firewall:Custom
4. OS version, service pack, no of bits, UAC setting, & account type: Windows 7 Enterprise English, 32Bit, (SP1 installed or not makes no difference - tested both cases) UAC disabled, local Administrator account
5. Other security and utility software running: none
6. CIS AV database version: n/a