Q:
I don’t receive Threatcast alerts, what’s wrong ?
A: (from Egemen)
Please make sure of the following:
1 - Register Threatcast while you are connected to Internet
2 - You must see the Threatcast TAB in the popup. If you do NOT see it, this means you could not be registered
3 - If you see the Threatcast tab but do not get any ratings, it can be related to server load and/or the alert you see is not processed before/yet.
It is not necessary to be connected to be registered to Threatcast but cfp.exe will register if you opted in. However if it did not work, then just register while connected.
If it does not register just try to subscribe it(Misc->Settings->Threatcast) while you are connected to the internet and restart cfp.exe(systray icon, exit). Until you see Threatcast tab in popups.
And if you do not see any threatcast ratings that could be due to server overload.
Egemen
[b]Q:[/b] I'm on a corporate/school/roaming network and my ratings do not show, how's that possible ?
A:
The most probable cause is that the network administrator has blocked outgoing traffic to the Threatcast servers so your client is unable to contact the servers to get a rating for your alert.
A bit more background on the Threatcast registration and checking process
First it does a DNS query:
Hostname: threatcast.comodo.com, resolves to 72.9.241.58
Then it connects HTTPS to:
“CONNECT threatcast.comodo.com:443 HTTP/1.0” 200
Registering to the Threatcast server(s).
Pinging threatcast.comodo.com [72.9.241.58] with 32 bytes of data:
Reply from 72.9.241.58: bytes=32 time=108ms TTL=51
If you want to log packets send to it make the following rule on your network policy:
Add, c:\program files\comodo\comodo internet security\cfp.exe
Allow & Log, Outgoing, UDP, Source Any, Destination 72.9.241.58, Source port Any, Destination Port 53
Make sure to put it “above” the Comodo default allow outgoing rule, It can also alert for DNS requests to your own DNS servers (to resolve threatcast.comodo.com) also allow those.