Firewall permits full access when only specific IP and PORTS should be allowed.

hi,

I use the latest (v3.5.57173.439) Comodo firewall with Vista 64-bit.

I set the firewall policy level to “custom policy mode”.

When I get a popup that an application wants to access the internet, I choose to permit that specific request and tell Comodo to remember my answer,
as in this example:

http://img291.imageshack.us/img291/7603/30866204si5.jpg


I know that 127.0.0.1 is a local address in my home network; this is only an example and is also true for, for example, Trillian and other programs.

Now when I look at the policy I see that ANY access is allowed!
Not only to that specific IP address and PORT that was reported in the Comodo pop-up above.

see here:

http://img401.imageshack.us/img401/5923/88744322ya3.jpg

That is not correct, I think, and makes the firewall useless for my needs.
It takes too much time to edit all the rules by hand.
The Outpost firewall is doing it correctly… creating rules that only apply to specific IPs and ports.

I think this is not the way it SHOULD work.
I want the policy to permit the specific request (IP and PORT) I agreed to, not to permit everything … :-\

Sorry for my bad English.

This can be changed by clicking FIREWALL → ADVANCED → FIREWALL BEHAVIOUR SETTINGS → ALERT SETTINGS and changing the alert level from the default “LOW” to “VERY HIGH”. A setting of “VERY HIGH” will produce rules that are application, port, protocol and address specific.

Ewen :slight_smile:
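To make the difference between the two alert levels concrete, here is an added example (not code from the thread or from Comodo) that audits a set of application rules and flags any Allow rule that pins down neither protocol, address nor port. The rule representation, the `trillian.exe` entries and the port numbers are constructed for illustration; Comodo's own rule storage format is not assumed.

```python
from dataclasses import dataclass

ANY = "Any"  # wildcard value used in this constructed representation


@dataclass(frozen=True)
class Rule:
    application: str
    action: str     # "Allow" or "Block"
    direction: str  # "Out" or "In"
    protocol: str   # "TCP", "UDP" or "Any"
    address: str    # remote address or "Any"
    port: str       # remote port or "Any"


def specificity(rule: Rule) -> dict:
    """Report which of protocol/address/port the rule actually constrains."""
    return {
        "protocol": rule.protocol != ANY,
        "address": rule.address != ANY,
        "port": rule.port != ANY,
    }


def is_promiscuous(rule: Rule) -> bool:
    """An Allow rule that constrains nothing but the application grants
    that application full access, which is what the OP observed."""
    return rule.action == "Allow" and not any(specificity(rule).values())


def audit(rules: list) -> list:
    """Return every rule that silently grants full access."""
    return [r for r in rules if is_promiscuous(r)]


def rule_from_alert(application: str, protocol: str, address: str,
                    port: str, direction: str = "Out") -> Rule:
    """Build the tight rule that 'allow THIS request' implies, i.e. the
    shape of rule the VERY HIGH alert level is described as producing."""
    return Rule(application, "Allow", direction, protocol, address, port)


# Constructed sample: first rule is the shape produced at the default
# LOW alert level, second is the shape produced at VERY HIGH.
SAMPLE_RULES = [
    Rule("trillian.exe", "Allow", "Out", ANY, ANY, ANY),
    rule_from_alert("trillian.exe", "TCP", "127.0.0.1", "5222"),
]

if __name__ == "__main__":
    for r in audit(SAMPLE_RULES):
        print("full access granted:", r)
```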

Aha… OK, thanks.

But let me say that this is very confusing behavior!

You think you are adding a rule for a specific IP and PORT to the ruleset, and then by DEFAULT the application gets FULL access.

I think that is not a secure way to handle things.

When the pop-up window says: allow THIS request… then you don't think you are allowing ALL access when you agree.

While I agree the default rulesets are promiscuous, the defaults are designed to be used “out of the box” for the mass market. While you and I understand protocols and ports, Mr. and Mrs. Average don’t necessarily have the same level of understanding.

At least CIS gives experienced users the opportunity to make the rules as tight or as loose as we like, while insulating less experienced users from the nuts and bolts under the hood.

Ewen :slight_smile: