I am looking for a way to enable internet only for applications specified by the user when they are open and that after closing them, the connection will be blocked again. The block must be general when closing the application.
What advantage would this have? Greater security in computers that have not been used for a long time and with the Internet connection enabled. Danger that if the computer is infected by Rootkit or other viruses, be totally exposed to information theft.
Is this a new function? You could start voting for it so that COMODO can develop this functionality.
I don’t see how that adds any extra security. If you’ve got a rootkit your already at risk. Wasting cpu time on toggling firewall rules on an off to whether their active or not is a waste of resources, programs that are not running don’t make network requests and rules that are not applicable are ignored when processing said network requests.
If the rootkit hijacks a program for which you’ve got an allowed rule, if start it, it will leak. Protection from the rootkit is more of a Defense+/HIPs & File recognition thing then a firewall thing.
I understand what you say, but this does not happen often, so the risk is drastically reduced.
The function to block all traffic could be useful, but you should have exceptions for some programs. If the rootkit has infected the computer and not a specific program, connections that are not authorized are avoided, data traffic from programs that may be hidden is avoided, etc., etc. It is not the same as having data traffic (internet enabled) all day long if our computer becomes infected than having traffic only for the necessary applications.
It only takes the firewall to allow some exceptions after blocking all data traffic.
You could rate all the other apps as Unrecognized or use Custom Ruleset firewall mode & add your exceptions. Additionally, do not show popup alerts = Block Requests. I guess…
