Comodo only screening programs that access the Internet

BlueEyedFox · May 23, 2008, 4:35am

Why is Comodo only screening programs that access the Internet, when I used Zonealaarm it screened ALL programs.

For example, I am running DVD X Player but it was not detected

I want my firewall to screen all my programs even if there not accessing the internet where there just starting up incase of malware programs starting upo

Kyle142 · May 23, 2008, 4:50am

Hello Blue, A firewalls job is to secure you from the internet and will only notify you of internet connections.

Your talking about program control - This is where the HIPS does its job. I’m assuming you have defense+ set as Safe mode? Comodo has a HUUUUGEEEE database of safe applications and will not alert you of them because it is a safe program, It will only alert you of unknown programs that aren’t in the WHITELIST (safe list) that are trying to access your system. If you wish you can Change the defense+ to Paranoid mode and this will alert you of every application that try’s to run regardless of Comodo’s whitelist.

Hope I’v been of some help

BlueEyedFox · May 23, 2008, 4:55am

Thanks. Is there a place I can see application that have run on my computer and were automaticly approved? (That were considered Whitelisted)

Kyle142 · May 23, 2008, 5:10am

Do you mean where can you view the programs on the whitelist? I don’t think there is a public list ( I may be wrong ) but be assured that the programs on the whitelist are safe - only the team of Comodo puts them in.

You can always use Paranoid mode if your… Paranoid it will alert you of every application that try’s to run regardless if its in the whitelist or not.

Safe mode will alow the applications to run that are in the whitelist which do not trigger warnings because they are considered safe, and will only alert you of a application that is unknown\unsafe.

Example: paranoide mode - Will alert you if MSN messenger tries to run.
safe mode - Will not alert you because messenger is a safe application ← Safe mode will still alert you to new\unkown programs that have not been identified by the Comodo Team.

BlueEyedFox · May 23, 2008, 5:20am

I am talking about lets say I run MSN Messenger is there a log to see that I have ran MSN messenger or are running it?

Like…

Program “msn.exe” auto-set to run because it is on the whitelist [9:02]

Kyle142 · May 23, 2008, 5:27am

Open Comodo - Defense+ - Active Processes. <— Running Apps
Open Comodo - Defense+ - View Defense+ events - More… <— Logs of previous events

EDIT: I run Defense+ in Safe mode, And Just checked the loggs and for example, Msn.exe was not recorded ← This is because it’s in the Whitelist.

Blas · May 23, 2008, 9:53am

Im not sure, but so far it seems that the log is only showing BLOCKED actions.

If you want to look what applications were auto-learned because of whitelist or user aproval, go to defense+/advanced/computer security policy and/or firewall/advanced/network security policy.

Hope it helps,
Blas