Computer security policy shows too many applications to count - taking just over 3 screen displays. Under “Treat As” most are set as “Custom Policy”, quite a few are “Installer or Updater”, and only Windows System Applications is set as windows System Application. Nothing is shown as blocked. I hope that answers your first question - I really do not want to edit each and every custom policy to see if any application has a default action of Block against Access name.
Both Thunderbird and Firefox have “Allow” against 4 items - all the rest are “Ask”
Comodo Firewall has “Ask” against Run as Executable - all the others are “Allow”
Under “Predefined Security Policies” I see nothing that looks like a default web browser.
Under “Predefined Firewall Policies” I see “Web Browser” which allows Loopback, and outgoing HTTP. FTP, FTP-PASV, and DNS requests, with Block and Log all Unmatching requests.
Under Network Security I find no use of “Web Browser”.
I have Global Rules, as set by Stealth Wizard
I have Application Rules - “Treat As” :-
Comodo “Outgoing Only”
Everything else is Custom, Thunderbird and Firefox and most others are "Allow IP Out from IP any to IP any Protocl Any
The only exception is svchost has “Allow IP IN from Any to Any protocol Any”, but I assume my Global Rules protect me from that.
The last 3 items in my Defense+ Log for this month show
10/05/2008 20:39:12 C:\Program Files\Internet Explorer\iexplore.exe Install Hook C:\WINDOWS\system32\mshtml.dll
12/05/2008 12:30:25 C:\Program Files\Brother Technology\AptDiff\aptdiff.exe DNS/RPC Client Access \RPC Control\DNSResolver
13/05/2008 17:06:04 C:\WINDOWS\system32\drwtsn32.exe Access Memory C:\Program Files\COMODO\Firewall\cmdagent.exe
The Firewall Log has many Blocked items, which are
svchost on Ports 135 and 139,
System on port 445
Windows Operating System Pings
These 3 applications were the only things listed for yesterday,
but a few other things were blocked, such as 188.8.131.52 which at about 1 hour intervals chose a different source port number to use for 6 off TCP at 3 Second intervals, each time aiming at my port 23317.
Network Defense is set to Custom Policy Mode
Proactive Defense is set to Safe Mode.
Apart from Comodo 184.108.40.2069, my only security is ESET NOD32 2.70.39 which waits inside the Firewall for Internet traffic to Firefox etc. I briefly tried the later series which went out and collected the traffic in such a way that the Firewall no longer identified the traffic with Firefox, but always identified as ESET NOD32 regardless of what actually processed / required the data. I am not sure of the definition of “proxy”, but I guess the latest version was a sort of proxy, and what I have reverted to is NOT a proxy. I also use obsolete Adaware which eliminates “tracking cookies”, but this is only scan on demand - I tried their latest version with Adwatch or whatever, but this was far to intrusive with real-time “protection” I never wanted, and every time I stopped the process it came back to life again shortly after.