If App is on Whitelist does it automatically have access to the internet?

If an App is on the Whitelist does it automatically have access to the internet?

i.e. If the App is on the Whitelist, will I see pop ups from Comodo when the .exe or component .dll try to access the net?

thanks

If the firewall is set on safe mode, the answer is yes.
If set on custom policy mode, the answer is no unless you made a rule for the application. So without a rule, you’ll get an alert each time an application will try to connect.

Boris 3 is correct,

IF App is on whitelist it’s automatically allowed (in Safe Mode)
IF App is on whitelist it is noted in the alert (in Custom Policy Mode)

Hope this helps :slight_smile:

Jake

Hi Jacob,

It seems then that Comodo has a serious bug

My CIS - Firewall Behavior Settings

  • General Settings == Custom Policy
  • Alert Settings == Very High (ICS unchecked) all others checked

Let me elaborate

I have been using ZA for a while and when I do a simple MS Word test, ZA always comes up with a prompt on whether I want word.exe to connect via IE to the internet

TEST: Open MS Word → Goto ‘Help’ drop down menu → then select ‘Microsoft Office Online’

Using this test MS Word with CIS connects to the internet with NO Prompts (even with Custom Policy)

Is there an easy ‘global’ setting change I can make so that ANY app that tries to connect to the Net will ALWAYS ask for a prompt?

Thanks

Hello,

Have you enabled “Create rules for safe applications” in general settings?
also check network security policy to make sure any MSO Files are in there :slight_smile:

Will await your reply :slight_smile:

Regards
Jake

Hi Jake

No the “Create rules for safe applications” was not checked

And there are no MSO files in the network security policy

thanks

Did you set the firewall on training mode when you install CIS? If yes, the firewall coud have done an allow rule for MSO and if “create rules for safe application” was unchecked, you wo’nt see the said rule.

Please checked “create rules for safe application”, launch MSO online help, delete the rule that the firewall will show for MSO in network security policy. Now uncheck “create rules for safe aplication” and relaunch MSO online help. Normally, you’ll receive a popup asking you if yo want to allow or not.

I did a standard install of CIS
After installing CIS I increased the General Settings = Custom Policy ‘before’ opening any files

I tried this twice with no success.
After checking the create rules and opening MS Word, MS Word did NOT appear in the network security policy

Not only did MS Word (tried Excel as well) not appear in the network security policy, but there are still no pop ups

I am very disappointed I cannot get Comodo to work like my previous ZA installation

What could be wrong?

Check in network security policy for “clview.exe” , this is what it is asking me to allow when opening the help.

Hope this helps

It is quite surprising that you don’t get popups from the firewall under custom policy mode for applications without rules. I myself have several applications whose vendors are in the TVL and I receive popups each time the ones for which I intentionaly didn’t make rules are trying to connect.

Are you sure you don’t have an allow rule for the group “All Applications”?

If the problem is limited to MSO, you can still make an ask rule for this application.

Boris

There is NO clview.exe in my Network Security Policy

Only Firefox.exe, Comodo Internet Security, Windows Updater Applications and Windows System Applications

that’s it

I have NO allow rule for the group ‘All Applications’ in NSP

CSP has an ‘All Applications’ with a Custom Policy (which has each ASK check box ticked)

BTW I did not create the All Applications in CSP so I assume CIS creates it by default

Is this setting OK or do I need to change / delete it?

Well nothing so far has worked

So I completely ‘cleared’ all the contents in NSP (Application Rules) & CSP (Defense+ Rules)

After a few seconds this caused a BSOD on Windows XP :frowning:

After reboot, CIS now seems to correctly pop when I do the MS Word test :smiley:

MS Word now appears in Defense+ Rules :-TU

new PROBLEM: MS Word correctly blocks going to IE now but I do not get a ‘pop-up’ telling me it was blocked (although it does correctly appear in the logs)

How can I make a pop-up appear with each block (just to let me know)?

The All Applications rule in Def+ Computer Secutity Policy is the rule that def+ will apply by default to every unkown executable file and prompt an alert. So I’ll advise you to leave it unchanged. by the way it doesn’t have incidence on the FW rules

If you make a block rule, Def+ will apply it, show it to you in the log but of course won’t bother you with a popup since it’s doing what you tell it to do. If you want a pop up you’ve to make an ask rule.

That’s not possible.