Comodo does NOT alert when App tries to connect to the Net [NBZ]

Comodo does not alert when App tries to connect to the Net

It seems then that Comodo has a serious bug

My CIS
Firewall Behavior Settings

  • General Settings == Custom Policy
  • Alert Settings == Very High (ICS unchecked) all others checked
  • “Create rules for safe applications” is not checked
  • There are no MSO files in the network security policy
    Defense+
  • Defense Settings == Paranoid Mode

I have been using ZA for a while and when I do a simple MS Word test,
ZA always comes up with a prompt on whether I want word.exe to connect via IE to the internet

TEST: Open MS Word → Goto ‘Help’ drop down menu → then select ‘Microsoft Office Online’

Using this test MS Word with CIS connects to the internet with NO Prompts (even with Custom Policy)

Hope this can be fixed ASAP
Otherwise Comodo is great at blocking incoming (tested with grc.com)

  • just not very good at blocking outgoing

Thanks

UPDATE:

TOPIC TITLE
Comodo does NOT alert when App tries to connect to the Net

The bug/issue

  1. What you did: Open MS Word → Goto ‘Help’ drop down menu → then select ‘Microsoft Office Online’
  2. What actually happened or you actually saw: CIS connects to the internet with NO Prompts (even with Custom Policy)
  3. What you expected to happen or see: An alert asking if I want to allow MS Word to connect to the Net via IE
  4. How you tried to fix it & what happened: Question is, have your developers bothered to test this with Windows XP SP3 prior to release?
  5. If it’s an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (except CIS) involved with download link: MS Word 2003
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: Yes, each and every time with fail. Installed and reinstalled CIS and the issue happens every time
  8. Any other information (eg your guess regarding the cause, with reasons): Comodo is great at blocking incoming (tested with grc.com) - just not very good at blocking outgoing

Files appended

  1. Screenshots illustrating the bug: Of what? No alert?
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: Base Windows XP SP3 install
  3. A CIS config. report or file:
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: CIS 5.3, Proactive config
  2. a) Have you updated (without uninstall) from CIS 3 or 4: NO
    b) if so, have you tried reinstalling (if not please do)?: N/A
  3. a) Have you imported a config from a previous version of CIS: NO
    b) if so, have U tried a preset config (if not please do)?: N/A
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): YES
    Firewall Behavior Settings
  • General Settings == Custom Policy
  • Alert Settings == Very High (ICS unchecked) all others checked
  • “Create rules for safe applications” is not checked
  • There are no MSO files in the network security policy
    Defense+
  • Defense Settings == Paranoid Mode
  1. Defense+, Sandbox, Firewall & AV security level: see above
  2. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3, 32 bit, None in XP, Admin account.
  3. Other security and utility software installed: None
  4. Virtual machine used: None

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation

Dennis

I’m assuming as you say you are using a custom Firewall policy, with default rules left in place.

If you’ve given IE8 permission to connect in your Firewall, and permitted word.exe to open iexplore.exe (IE8) in Defense+, then you wouldn’t get a popup would you?

The popup would have been from Defense+ the first time you allowed word.exe to execute iexplore.exe, considering your using paranoid mode and have NOT made Word a system application (system applications and installer/updaters are allowed to execute applications without a prompt and system applications are listed in the Firewall as outbound allowed by default).

If you are using a lower policy than paranoid and word.exe and iexplore.exe are trusted/whitelisted, if you have given iexplorer.exe internet access through your Firewall then you would get no prompt either.

I’m not saying what is right or wrong, just trying to explain how it may happen.

Make an ‘ASK’ rule for IE (and all other browsers)…

[attachment deleted by admin]

Do you have any existing rules for Word or CLVIEW.exe, as I can make these prompt for any Internet request?

It might be helpful, if you were able to post a screen shot of your application rules and what ever you are doing in word that ‘bypasses’ the alerts.

We really would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format. You can copy and paste the format from this topic.

Thank you

Dennis

Thank you for your bug report in the required format.

Moved to verified.

Thank you

Dennis

Hello folks,

Guys, maybe it the same bug that I have reported here: https://forums.comodo.com/format-verified-issue-reports-cis/predefined-policy-for-windows-operating-systemcis-stops-asking-icmp-trafficnbz-t68297.0.html

Maybe, CIS is with problems with ASK rules. I will have to wait COMODO developers to take a look on this subject.

See you later,

Aeolis