Firewall rules für programs on removable drives not working

The bug/issue

  1. What you did: i have a VBScript on a removable drive (SD-Card) with the letter K:, which connects to a internet adress for downloading a file. Every time, I connect the SD-Card in the reader and start the script, CIS firewall ask, if the file is allowed to connect to the adress. In the firewall rules for the script then is the allowed rule multiple times and the firewall still asks ervery time again.

  2. What you expected to happen or see: no ask window

  3. How you tried to fix it & what happened: I have tried to change the rule from K:\script.vbs to *\script.vbs with no result

Your set-up

  1. CIS 5.3.176757.1236, AV database 7687 & Proactive config:

  2. D+= Paranoid, Sandbox off, Firewall=Eigene Richtlinie & AV= On access

  3. Windows XP, SP3, Admin

  4. Other security and utility software installed: No

[attachment deleted by admin]

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation

Dennis

Is this enough? Because I don’t know, what more can I write.

Sorry I missed that your problem was with removable drives when I saw your topic the first time.

This is default action no rules are remembered for removable drives for security purposes.

If you still wish to complete a Issue Report you will need to post a full report Example below.

Thank you

Dennis

[quote]
The bug/issue

  1. What you did: Applied the Installer/updater policy to myprog.exe, rebooted, then ran myprog.exe
  2. What actually happened or you actually saw: Unlimited access alert
  3. What you expected to happen or see: No alert
  4. How you tried to fix it & what happened: Ticked ‘don’t ask again’ on the alert, did not work
  5. If it’s an application compatibility problem have you tried the application fixes here?:
  6. Details & exact version of any application (except CIS) involved with download link: myprog.exe v. 5.1.005 (Beta), www.xyzwprog.com/download
  7. Whether you can make the problem happen again, and if so precise steps to make it happen: Yes. a) Check Myprog is installer/updater in Computer Security Policy ~ D+ rules b) run Myprog from Start menu ~ All programs ~ MyProg c) Get Unlimited access alert d) tick don’t ask again and press allow e) close program f) Re-start Myprog from same location g) get Unlimited Access alert
  8. Any other information (eg your guess regarding the cause, with reasons): D+ malfunctioning under load - cpu usage was high at the time.

Files appended

  1. Screenshots illustrating the bug: Appended
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: Appended
  3. A CIS config. report or file: Appended
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: 5.0.1000.1135, 6770, Proactive config
  2. a) Have you updated (without uninstall) from CIS 3 or 4: Yes
    b) if so, have you tried reinstalling (if not please do)?: Yes
  3. a) Have you imported a config from a previous version of CIS: Yes
    b) if so, have U tried a preset config (if not please do)?: Yes
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security level: D+=Safe, Sandbox=Enabled, Firewall=Safe, AV=Stateful
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3, 32 bit, None in XP, Admin account.
  7. Other security and utility software installed: CAS
  8. Virtual machine used: Vmware player
    [/quote