I am still learning Comodo firewall, but so far its a great product. I have managed to set it up for my needs, but having some problem that I am unable to solve. This situation is: another program has injected into Firefox, and is trying to connect to internet through Firefox. Now, at the time the question that poped up was
"Will I allow FIREFOX to access internet, but with the below notification that another program has trying through firefox to connect to internet. "
Now, my initial reaction was Deny, but without remebering the option. I thought it will only not allow firefox THIS time, but it is not allowing firefox to access internet AT ALL. The only thing hat resolves this situation is restart. But then again, the message pops up, and dillema is back. If I leave it as is (no action taken), cant browse with firefox either.
So, how can I tell firewall, than I dont want firefox to access internet ONLY when SomeProgramName wants to use it for its purpose.
One more thing troubles me: when I answer DENY in above example (with uncheck Remember this option"), where is this info stored? Can I remove this temp setting?
Hi Goran and welcome to the forums
These alerts may seem a bit confusing at first. ???
See this thread (the response from Krail) the mods can explain this in a less confusing way than I would https://forums.comodo.com/index.php/topic,8169.0.html
Normally when I’ve accidently denyed firefox usually a browser restart fixes it. If, as has happened, I deny svchost I do system restart just to be sure.
I think I’ve read somewhere here that restarting cpf will clear the non remembered rules.
I am aware I am able to “repair” it by restarting, but I am curious about one thing (couldnt find the answer on those links you gave me):
I have a program that is trying to infiltrate into firefox, and connect to internet through it. I know the program, I use it, but I dont wqnt to allow it to connect to internet. How will I achieve this?
It really depends which program is attempting to use firefox. Without knowing the specifics, it’s difficult to provide you with a useful suggestion. Perhaps if you could post a screen shot of the prompt, or give a detailed description of the event…
Hi, Toggie, I didnt mention application’s name, cause I find it irrelevant. But, if you ask for it, lets assume it is Total Commander. It infiltrates into Firefox, and uses it to connect to internet. I don’t want this to happen.
I think in this case, the details of the application trying to use firefox, are extremely relevant. I’m also going to need details of the prompt you are receiving. A screen shot would be the best way.
Ok, since you insist… I couldnt capture it for total commander, but I captured it for windows media player. Here it tries to use svchost, instead of explorer.exe, but makes no difference. I dont want to allow WMP to connect to internet, not idrectly, not through svchost, nor through explorer.exe. How to achieve this?
Goran
What I’ve done is added winamp, office apps and some others to the banned apps list (security tab\tasks)
Now, when I,ve had an office app and browser running for copy/paste I’ll get an ole alert that word is trying to do the lambada with the browser (this is what malware will do), even though word is a banned app. I always allow these without the remember option otherwise the browser will be blocked and “word” is not malware even if it’s an ms app. I don’t think it’s actually saying word is hijacking but that it could
I have run wireshark and cports during a couple of these episodes and found nothing out of the ordinary, no data transfer at all until I load another page. Checking that incoming and outgoing data it’s all coming from the right places, so word is not making any connections through firefox.
Since the latest updates these alerts have not been as frequent as before.
This is what I want a firewall to do, let me know what is going on.
I am aware of what OLE means. My question was not “what is it”, but how to “solve it”. As I have said, another program is injected into Firefox, or speaking in another word, embedded into firefox. My question was, how to prevent this program connecting to internet. Links you provided only give information about what is OLE automation, how it works, and what are the benefits of it.
this makes sense. You are saying that, when we specifically deny access to this applications (through Banned list or rule in application monitor - both of them have the same result), then no matter if I say #Allow# when the window prompt for action, it will not connect to the internet since there is a rule for this application that prevents it from accessing internet?
The only diff I can see with adding with banned apps it puts the full ip range in 0.0.0.0- 255. etc.
Well for myself I can say none of my banned apps have ever connected.
