My apologies if this has been posted before, but the greatest issue I am currently facing is the lack of differentiation between administrative and standard users with regards to the ability to create rules. On one computer family/friends often log into the guest or a standard user account to access the internet, play a game, etc. with no malicious intent. However, they have next to no comprehension of computer security or anything beyond the most basic of tasks, and so whenever a firewall alert pops up they immediately click either Allow or Deny because of the proximity to the cursor and a desire to not be bothered. (This despite pleading with them to simply ask for my intervention whenever an alert appears.) Needless to say this is problematic in the least. (So far they have done everything from blocking all internet access to allowing a file scan attack.)
Now, there is the ability to suppress all popups when enabling the parental controls (password protection), but it disables popups for all users, which prevents me from taking the appropriate action when enabled. That forces me to enable protection whenever I log off and disable protection as soon as I log back on, a huge inconvenience. What I would like, or should I say need, is the ability for Comodo Firewall Pro. to differentiate between administrative and standard users, enabling the administrator to hide popups from standard users. Rather than give them the option of allowing or blocking the application/connection, it would merely alert them that it is temporarily being blocked by default and to contact an administrator, who would be notified upon the following login.
I have an idea for you. Since the other people you are referring to are just click happy and lazy. You can simply use Sandboxie. I installed it on my friends pc with teenagers so she no longer had to worry about infections. Its a great idea. I bit of education to your friends goes along way before they end up getting infected. Here is a link for Sandbixe. There is also Safespace to think about but it can slow your pc down.
Sandboxie is a great freebie and I’ve been using it for quite some time. The problem is that it would not prevent them from, say, blocking a communication being initiated by a new program running on my administrative username while they are browsing the internet on a standard user account. That’s one I encountered today, and the 3-hour process I expected to find completed upon my return had never been permitted to commence, leading to a long search through the firewall rules before finally being able to start from scratch. Thus, I don’t see a third-party tool being able to resolve this one.
It’s not such an inconvenience if you had a shortcut on the CFP tray icon (right click context menu) to enable/disable protection. I don’t have CFP in front of me, can you check?
If it doesn’t have one, wouldn’t it suffice to have that shortcut and keep CFP as simple as possible?
Your suggestion isn’t a bad one, i kind of like it. But it seems unnecessary atm. What do you think?
There is a solution for your case. All has to be done manually but result would be exactly you search for, i guess.
So, first of all disable CFP GUI (cfp.exe) autorun for limited users (or all users except your account). Then set firewall to custom mode and defense+ to paranoid mode. Check option “block all unknown requests…” under defense+/advanced/defense+ settings.
Done. Next time limited user logs in he/she won’t see any CFP icon in tray (because gui is not loaded), no alerts, but silent blocking of unknown activities. But if you log in to your acc, GUI will be started and you’ll be able to see and answer alerts like always.
Using CFP 3 without GUI proposed russian user WIGF, so i started to use/test this approach due to his initial idea.
That seems to work, though I still hope some form of differentiation between users is made in a (near) future release to avoid the manual configuration and the apparent necessity of using Paranoid mode when I’m only semi-paranoid, looking for a fraction of the alerts.
I didn’t know why that mode is called “paranoid”. More definite title is “custom” imo.
Anyway, when we unload GUI or password protect it, all other modes except custom for firewall and paranoid for defense+ are really meaningless: they involve learning of CFP, but when we lock CFP for other users, obviously we don’t need any CFP’ learning…