Hi guys.
As I told in the title I told Comodo v. 3 to block lsass.exe UDP IN on port 500, but now I would like to allow this access but I cannot find anywhere lsass as a blocked application (at least not in the Network Security Policy) so that I can change that setting
Any suggestions? :THNK
Did you block it in a popup and tell it to remember? If so there should a rule for LSASS in NSP that you can just erase.
I blocked it in the popup and told him to remember, but no entry with lsass is contained in the Network Security Policy ???
Do you have an entry for “System”,pretty sure lsass.exe comes under “Windows system applications” at least it does in Defence+.
Regards,Matty
If you can’t find the rule anywhere, you can reinstall CFP, but that of course is if you can’t find the rules.
By now I’ve solved the situation with “define a New trusted application”
If I look at Defense+ → Computer Security Policy I can see a group “Windows System Applications” and a “shaded” lsass in this group BUT if I double click on it, a message saying “You need to use My File Groups window to edit this item”
Instead os reinstalling it couldn’t I delete just a single Settings file? What file exactly?
That might lead to a reinstall anyway. You can turn CFP into install mode and then make sure lsass is running, that should make CFP allow it. Or put D+ and Firewall into learning mode then run lsass be it by restarting the computer or what ever, that should make CFP allow it.
SOLVED
Thanks guys after that I put lsass in the “New Trusted Application” I erased it in the list (since, at that point, lsass appeared among the “Network security policy” items)
After some time COMODO popped up with a request regarding lsass trying to access port 500 and I said Yes and remember my answer (V)