I have my Comodo 6.2.285401.2860 running in custom ruleset mode. That means it should always ask me what to do unless I have a matching rule specified, right? Until recently, this seemed to work just fine.
Now I switched to an ISP that gives me IPv6 access to the internet. I noticed then that apparently for IPv6 connections made by programs that I didn’t create any rules for, the firewall just ALLOWS the request WITHOUT asking me!!! So its basically a default allow policy for IPv6. For IPv4 everything seems to continue working as usual. I think this may be a bug. Or I’m missed something. Can anyone shed some light on that? Thanks in advance.
Oh and one other thing: when I turn off the alert popups and choose to block the requests in question, they are actually blocked.
Did you enable IPV6 filtering? This is off by default, although I’m not sure why.
Yes, I did. When I create IPv6-related rules, they do work. Only when there is no (matching) rule the request is allowed without asking.
Seriously, is no one experiencing the same problem? What good is a firewall that just allows everything? This is a grave security problem for everyone using IPv6! I guess I will contact the support then…
IPv6 is not really in wide-spread use yet which could be the reason for lack of response, I don’t have IPv6 so I can not confirm nor deny this behaviour.
What I do know is that before I disabled IPv6 on my NIC (only have IPv6 on LAN, not outwards) I sometimes got alerts for the IPv6 loopback/localhost address i.e ::1
What you could try is a re-install of CIS to see if that fixes the issue, it might or it might not, re-installing CIS have fixed a lot of issues for me in the past, you can find a thread on how to go by this the best way here.
If you want to and if you have the time & patience you can submit a bug report here. (Make sure to submit it in the right format for a better chance of it being reviewed, format can be found here)
When I was using CIS 5 and enabled IPv6 I got all kinds of alerts too. The problem was that I got them even when there was a rule that should have prevented the alert. It seemed to me at the time that the “any” address rules didn’t match IPv6 addresses. I thought maybe in version 5 IPv6 support was still buggy, so I completely uninstalled CIS und installed the latest version. Initially I was glad to see that it didn’t show unnecessary alerts anymore–until I realized that we have gone from alerts that shouldn’t be shown to alerts not showing up when they should.
By the way, I contacted the support. No answer yet.