[Feedback] Unexplained connections coming from cmdagent.exe to Comodo servers

Dear Melih,

I am writing here to give you feedback about Comodo Internet Security.

Ever since Comodo version 3, there have been connections coming from Comodo to update its Trusted Vendor list, with no means of disabling this automatic update. This means that I cannot deploy Comodo in a company requirement which adheres to strict security policies.

This has been mentioned on the forums several times already, and confirmed by numerous people, but the issue has remained.

These connections come from cmdagent.exe, first as a DNS query to secure.comodo.net and then a port 80 connection.

This has been confirmed on the latest version of CIS 5.8.213334.2131

I would hence like to ask you to finally get the developers to fix this issue, so that we can deploy Comodo in our company (which means buying the Comodo product and thus giving you money). A fix is a simple switch that allows us to disable this functionality.

Thank you.

[attachment deleted by admin]

Obvious question I guess, why don’t you simply block cmdagent.exe from making the connection in the firewall?

It is better if there is nothing to block rather than to have to block it, dont you agree?

Additionally, some of our machines (the ones who do not run in the secure cluster) would most likely use Comodo Antivirus, which requires cmdagent.exe to be able to connect to the internet for updates.

All the software we use in the company requires stringent security and privacy audits, and Comodo is currently failing them due to not having an option to prevent some of its own internet communication.

I have a feeling that if you install ESM along with the end point it will start to ping your internal servers not the outside. I have not played with ESM but this is how it works with other security software. Xcitium Endpoint Security Manager - enterprisexcitium

there is a free trial for you to play with there so you can see how it works.