Issue: firewall conflicts with apps in truecrypted flash disk [NBZ]

Comodo firewall conflicts with apps running on truecrypted flash disk


Ticket Created On: 05 Feb 2011 04:00 PM
Last Update: 05 Feb 2011 05:00 PM
Status: Awaiting Reply

  1. truecrypted flash disk was mounted on U:
  2. app in U: (putty.exe) was detected as “\device\truecryptvolumeu\putty.exe”.
  3. “\device\truecryptvolumeu\putty.exe” always been “isolated…, unrecognized file and
    sandboxed…”
  4. “\device\truecryptvolumeu\putty.exe” CAN NOT be “Online Lookup” or “Submit”…

details:

  1. Version of our Products
    5.3.176757.1236
  1. Complete system details such as OS with service pack
    XP, sp3
  1. Other Security software’s installed in the system is in use;
    NONE

UPDATED:

TOPIC TITLE
firewall conflicts with apps in truecrypted flash disk

The bug/issue

  1. What you did:
    ran putty.exe in a truecrypted flash disk (mounted on U:)

  2. What actually happened or you actually saw:
    putty.exe was detected as “\device\truecryptvolumeu\putty.exe”,
    then been “isolated, unrecognized … and sandboxed …” ;
    “\device\truecryptvolumeu\putty.exe” CAN NOT been “Online Lookup” or “Submit”…;
    “\device\truecryptvolumeu\putty.exe” CAN NOT been “unsandboxed”;

  3. What you expected to happen or see:
    putty.exe should be detected as “U:\putty.exe”,
    and can been “Online Lookup” or “Submit” or “unsandboxed” successfully;

  4. How you tried to fix it & what happened:
    try with different Defense+, Sandbox, Firewall levels, failed.

  5. If it’s an application compatibility problem have you tried the application fixes here?: no

  6. Details & exact version of any application (except CIS) involved with download link:
    putty.exe, Release 0.60, PuTTY: a free SSH and Telnet client
    truecrypt.exe, 7.0a, http://www.truecrypt.org/downloads

  7. Whether you can make the problem happen again, and if so precise steps to make it happen:
    Yes.
    a) make a crypted flash disk with truecrypt;
    b) mount the crypted flash disk on (U:);
    d) copy putty.exe to U:, double click to run;
    e) putty was detected as “\device\truecryptvolumeu\putty.exe”, then was isolated to sandbox;
    f) found “\device\truecryptvolumeu\putty.exe” in Unrecognized Files;
    g) try “unsandboxed”, failed;
    h) try Online Lookup, results “unknown”;
    i) try Submit, Failed to open file;

  8. Any other information (eg your guess regarding the cause, with reasons):
    It should be a compatibility problem, programs in a truecrypted flash disk
    cant be detected correctly.
    Any .exe file (eg. firefox, foobar2000) ran in truecrypted disk will cause the problem.

Files appended

  1. Screenshots illustrating the bug: Appended
  2. Screenshots of related CIS event logs or the Defense+ Active Processes List: Not applicable
  3. A CIS config. report or file: Not applicable
  4. Crash or freeze dump file: Not applicable

Your set-up

  1. CIS version, AV database version & configuration used: 5.3.176757.1236, Proactive config
  2. a) Have you updated (without uninstall) from CIS 3 or 4: NO
    b) if so, have you tried reinstalling (if not please do)?: Not applicable
  3. a) Have you imported a config from a previous version of CIS: Not applicable
    b) if so, have U tried a preset config (if not please do)?: Not applicable
  4. Ave you made any other major changes to the default config (eg ticked ‘block all unknown requests’, other egs here.): No
  5. Defense+, Sandbox, Firewall & AV security level: D+=Safe, Sandbox=Enabled, Firewall=Safe
  6. OS version, service pack, number of bits, UAC setting, & account type: Windows XP, SP3, 32 bit, None in XP, Admin account.
  7. Other security and utility software installed: Not applicable
  8. Virtual machine used: virtual box or Not

[attachment deleted by admin]

We would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format here. You can copy and paste the format from this topic.

To understand the reasons why we ask you to follow these guidelines please see below.

WHY WE ASK YOU TO FOLLOW THESE GUIDELINES
Bugs/issues can be impossible or very time consuming to fix if developers don’t have enough information to reproduce them. Since CIS is free, development time is limited. So if you want your issue fixed, please use the format below to describe it.

To avoid clutter, issues not described in the format below your post will not be moved to the ‘moderator verified’ issues topic. This means that the developers may not look at it.

Best wishes and many thanks in anticipation

Dennis

We really would very much appreciate it if you would edit your first post to create an issue report in line with the bug forum guidelines and format. You can copy and paste the format from this topic.

Thank you

Dennis

Thank you for your bug report in the required format.

Moved to verified.

Thank you

Dennis