Feature Request

1. What version of CIS, or Comodo Firewall, are you currently using:
Comodo 6

2. What actually happened or you saw:
Under default configuration CIS allows unknown programs to open ports.

3. What you wanted to happen or see:
Is it possible to add a feature to block programs / services from opening ports on their own? (even with process impersonation / unauthorized elevation of privileges)

4. Why you think it is desirable:
Better security!

5. Any other information:
I had severe malware installed on my computer. Problem is, I can’t isolate which dll / exe it is. It impersonates apps (e.g. chrome / firefox) and opens random ports to external web sites. I can’t seem to block it successfully with existing versions of CIS. In fact, I have also had CIS damaged through the same process (circumventing firewall protection).

Thank you for submitting your wish request. Under a new system, which will help ensure better visibility of wishes to the devs, I ask that you edit your first post so that it is in the format provided here.

Only wishes in the format I linked to can be considered. Thus, please put your wish in that format.

Let me know if you have any questions.

Thank you.

PM reminder sent.

Thank you for editing your first post. I made a few other small changes, which I hope make the issue more visible. Let me know what you think.

As for your wish, I am wondering as to whether this has already been implemented. I know that with the default configuration unknown apps are allowed to communicate to the internet without the firewall alerting the user. However, if you change the configuration to no longer automatically allow requests these programs should now be blocked.

Is this option essentially what you are requesting?


Do you agree that the behavior you desire is already available if the configuration is altered?


Okay, as I believe this feature is already included in CIS (albeit not by default) I will move this to the rejected section.

If you do believe that your request is different from that already included, please respond to this topic and provide details about how your request is different.

Thank you.