i have been seeing comodo firewall recommendations everywhere so i decided to give it a go
the problem is i am on a shared pc, and whenever something new/untrusted etc get downloadad and is about to run, comodo asks me what to do, is i send it to trusted application then i have no problems, but sometimes i dont want to send it to trusted apps, just use it once (even tho it is not an installer or setup program)
so far so good, the problem starts when my kid downloads something and wants to install or run just because a friend of him sent it via msn (ARGH!)
i thought that putting a password would prevent him from running anything that was not already trusted, but to my surprise he still can add the application to trusted using the popup alert, he can even just click cancel and then the program will run with no problems, this is potentially unsafe , if he downloads anything that he shouldnt there is no apparent way of telling comodo “DONT RUN ANYTHING THAT YOU HAVENT RUN BEFORE” and prevent it from displaying any option to allow it, i would like to know if there is such option of “trust nothing but only whats already installed”
even stop the balloons from showing (i have seen i can disable the balloons but it is the same as hiting cancel from the popup, the program just continues normally).
i hope i have explained myself.
i’ll try to put it here next in less words:
how can i prevent my child from hitting cancel in the popup and running unauthorized stuff?
how can i BLOCK everything except for what is already in, and disable all prompting?
i have read the tutorials and setup guides, and there is no apparent way of locking everything by default.
thank you.
Well the only thing I can suggest, is to go to miscellaneous then go to settings then go to parental control, then check enable password for the settings and check suppress the firewall alerts if the password protection is enabled and check suppress defence + alerts if the password protection is enabled. Tho if you do check those options it means that no alerts will be shown but if no alert is shown there is no way your son can get anything bad or untrusted to run, without knowing your password to undo the above that is!
already did and the result is that instead of giving me the alert, it just lets the program run, default should be to block it :/, i dont know why hitting cancel will do the same (apparently ) than hitting allow this time
ok then consider i am happy with what i have now, dont want i t to learn new tricks or anything.
just keep it as it is, and dont give me any more popups or prompts,
if something is no preauthorized then just block it.
also havel disabled all prompts and put a password.
what “mode” should i be working on? clean or safe?
i hope there was a “locked” mode or something like that
Erm I would say both the firewall and the defence + should be in safe mode tho I don’t use safe mode myself. Right I am using the help file to help you upderstand what I meant in my first post
Enable password protection for settings - Checking this box will activate password protection for all important configuration sections and wizards within the interface. If you choose this option, you must first specify and confirm a password by clicking the ‘Change Password…’ button. You will be asked for this password everytime you try to access important configuration areas (for example, all sections in the Defense+ Tasks and Firewall Tasks areas will require this password before allowing you to view or modify their settings)
Suppress Firewall alerts when password protection is enabled - If checked, no Firewall Alerts will be displayed when password protection is enabled. Parents and network admins may want to enable this setting if they do not want users to be made aware when a Firewall alert has been triggered. For example, a trojan horse program may be attempting to download itself or transmit private information to a third party. Usually, the firewall would generate an alert and ask the user how to proceed. If that user is a child or an inexperienced user then they may unwittingly click ‘allow’ just to ‘get rid’ of the alert and/or gain access to the website in question - thus exposing the machine to attack. Checking this option will block the connection but will not generate an alert.
Suppress Defense+ alerts when password protection is enabled - If checked, no Defense+ Alerts will be displayed when password protection is enabled. Parents and network admins may want to enable this setting if they do not want users to be made aware when a Defense+ alert has been triggered. For example, a malware program may be attempting to modify, terminate or delete a critical registry key in order to launch an attack on your machine. Usually, the Defense+ intrusion detection system would generate an alert and ask the user how to proceed. If that user is a child or an inexperienced user then they may unwittingly click ‘allow’ just to ‘get rid’ of the alert - thus exposing the machine to attack. Checking this option will block the activity of the suspected malware but will not generate an alert.
I hope that helps if not just post again and I or and others will gladly try to help
i have it just like that
it does ask me for password if i try to open the interface, but if i try to run a progam i just downloaded it just runs it without prompting
also i re-enable prompting/popus for defense+ and it asks me what to do, if i hit cancel i just runs, either way just runs foreign stuff, the only way to block unathoirized stuff is creating a rule to block it specifically, in my case this is not good since i dont know what will be downloadad in the future.
Now I really don’t know what to suggest…Yeah that is a big security concern. I will post back if I think of anything else, but I am sure somebody will beat me to it!
The mode you had the defence + on might be why that is happening.
This is for the defence + and what clean mode setting does on your system (it’s a cut and paste from the help file)
Clean PC Mode: From the time you set the slider to ‘Clean PC Mode’, Defense+ will learn the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards Defense+ will alert the user whenever a new, unrecognized application is being installed. In this mode, the files in ‘My Pending Files’ are excluded from being considered as clean and are monitored and controlled.
i have tried in both CLEAN MODE and SAFE MODE
and yes apparently defense+ is monitoring it, but that does not prevent the program from running
it does not trust the new application so it gives a POPUP asking what to do (if they are enabled)
if my kid hits cancel then the program just runs
if i disabled the popups and use a password well then no popup is shown but the applicationjust runs.
password is only for entering the APP GUI, but does not prevent the popup baloon from allowing my kid to add a new application or just hit cancel and continue with it, so as far as i can see the pw is good for nothing if popups are shown
on the other hand if they are not shown they just allow anything to run.
i have tried both in SAFE and CLEAN modes. same results
does this happen only to me?
can anyone else using v3+defense+
try this:
password protect CPF+DEFENSE
download something (some small app that does not need installation and that you didnt previously have)
try and run it
if you get a baloon/popup hit cancel
if you have have popups disabled, please post if the application runs.
I`ve just tried exactly what you suggest but get the exact opposite to you.Could you just check you are running in optimum security by looking under,
Miscellaneous/Manage my configurations/Select:Optimum Security should be greyed out with a tick next to it.
Could you also try putting D+ in “Paranoid Mode” and the firewall in “Custom” policy.Also go to Firewall/Advanced/Firewall Behaviour Settings and move the Alert settings to “High”
Have you ran the Diagnostics under miscellaneous.
Also what system Vista or xp
Matty
The top half of the logs where it says supressed where password/pop up protected.