Firewall permits full access when only specific IP and PORTS should be allowed.


i use the latest (v3.5.57173.439) comodo firewall with VISTA 64 BIT.

i set the firewall policy level to “custom policy mode”.

when i get a popup that a application want to access the internet i choose to permit that specific request and that comodo should remember my answer.
as in this example:

i know that is a local adress in my home network, this is only a example and is also true for example trillian and other programs.

now when i look at the policy i see that ANY access is allowed!
not only to that specific IP adress and PORT that was reported in the comodo pop-up above.

see here:

that is not correct i think and makes the firewall useless for my needs.
it takes to much time to edit all the rules by hand.
the outpost fireewall is doing it correct… creating rules that only apply to specific IP´s and ports.

i think this is not the way it SHOULD work.
i want the policy to permit the specific request (IP and PORT) i agreed to, not to permit everything … :-\

sorry for my bad english.

This can be changed by clicking FIREWALL → ADVANCED → FIREWALL BEHAVIOUR SETTINGS → ALERT SETTINGS and changing the alert level from the default “LOW” to “VERY HIGH”. A setting of “VERY HIGH” will produce rules that are application, port, protocol and address specific.

Ewen :slight_smile:

aha… ok thanks.

but let me say that this is a very confusing behavior!!

you think you add a rule for a specific IP and PORT to the ruleset and then by DEFAULT the application get FULL access.

i think that is not a secure way to handle things.

when there is written in the pop-up window: allow THIS request… then you don´t think you allow ALL access when you agree.

While I agree the default rulesets are promiscuous, the defaults are designed to be used “out of the box” for the mass market. While you and I understand protocols and ports, Mr. and Mrs. Average don’t necessarily have the same level of understanding.

At least CIS gives experienced users the opportunity to make the rules as tight or as loose as we like, while insulating less experienced users from the nuts and bolts under the hood.

Ewen :slight_smile: