Hello everyone,
I have one really annoying problem. I’m running few application from network (application is started from network drive) and despite the fact that I mark this application as trusted I have to allow every attempt to connect internet. Is there anny solution for this?
Thanks
Jerry
Did you make it trusted in Defense +? D + does not see external drives as safe by definition. So it won’t remember the rule you made.
I have an almost identical problem as the OP, except the app I am running is not on a network drive, but a truecrypt mounted volume.
I’ve tried setting it as a trusted app, applying an application rule directly, telling CIS firewall to remember my choice, but it still keeps asking for permission after each boot. Once permission is granted, it is allowed access until next time I shut down.
If I dismount the volume, then mount it again, the firewall continues to give it access fine.
In Network Security Policy, Application rules, it ends up with LOADS of rules exactly the same, which I periodically have to go in and clean out (I’m a tidy sort of person)
Any help?
Steve
I’m not using Defence+, just firewall. Described problems is about accesing network. I understand that since user do not have complete control of network drive application may change without any notice, but for that is Comodo making (at least I hope so) some checksum of exe file right? (I hope that Comodo improved this since if I remember well version 2 used only CRC, what about MD5 hash of exe file?That should be safe enough)
Regards
Jerry
Comodo is not making a hash check to see if files have changed. The idea behind is that the Defense + is powerful and so the user would have had an alert.
Comodo uses hash file identification only when looking up a file to see if it is on the safe list or not.
Hi
maybe this policy should change for network discs and removable storage where Defence+ cannot control changes. Right now you went safe way (alerts all the time) but it is really annoying to get alerts every time you want to do something with such application.
Best regards
Jerry
Hi! I’ve got the same problem with network application, using CIS 5.0 (free). Is there any solution, how to solve this?
My network application causes Defence+ to alert about 20 times while launching. It’s very borming, so I had to switch it off at all 
What are the D+ alerts about? Is it one and the same alert over and over again? Can you show screenshots of the alerts?
What is the program causing this?
Most alerts are like this:
- The program is not recognised and it tries to change a protected registry key bla-bla-bla..
And some alerts are about launching an unknoun application by safe one (on screenshot)
I’m not sure about text of arerts in english.
The program name is ConsultantPlus - a sort of help system About ConsultantPlus \ КонсультантПлюс
It consists of .exe file and a number of .res files.
I tried to add all this files manually to Trusted group for Defence+, but it didn’t help too.
I’m not sure, that this would be helpfull
http://img196.imageshack.us/img196/3313/Comodo1.jpg
http://img515.imageshack.us/img515/7991/Comodo2.jpg
sorry for poor english…
What configuration are you using? Look under More → Manage My Configurations. What is your setting for Defense + Security Level? With default settings you shouldn’t get many of them.
And some alerts are about launching an unknoun application by safe one (on screenshot)The screenshots were not visible. I tried to fix them. Can you check the url's for me? I get a 404 error. The alerts you are describing are common.
I'm not sure about text of arerts in english.Not a problem for now.
The program name is ConsultantPlus - a sort of help system http://www.consultant.ru/sys/english/ It consists of .exe file and a number of .res files. I tried to add all this files manually to Trusted group for Defence+, but it didn't help too.Your English works for me. What is going on with the Consultant program? Can you describe it in more detail? Post screenshots when needed.I’m not sure, that this would be helpfull
http://img196.imageshack.us/img196/3313/Comodo1.jpg
http://img515.imageshack.us/img515/7991/Comodo2.jpgsorry for poor english…
Yes I too have noticed this issue. It happens when any app (.exe) is executed from a LAN shared folder & requires access to the LAN or web. Despite telling Comodo it’s a Trusted App it keeps asking as if it doesn’t remember the rule. I have noticed this in at least 2 pcs at my home. I never use Defense+ and Sandbox. I disable them by unchecking during installation.
Just now I tried to run an app from the network and I 'Allowed" it like 4-5 times before I had to force close my app. Then I took a screenshot of the rules - which I have attached.
I could provide you with my system,nework,Comodo details/config if you need. But I’m sure you can simply run an EXE file from a network shared folder to reproduce this what i’m talking about.
PS: I arrived from google search “comodo firewall network app”
[attachment deleted by admin]
At wind9.
CIS does not trust applications from removable media like a shared folder on a LAN. The reason is that these locations are not continuously monitored. Therefor it will only remember the rule for the Windows session. There is nothing you can do about this.
By “windows session” do you mean each time the app is started and closed or each tcp session initiated by the app while running? Because it’s the latter that’s making things a pita.
I don’t know about the situation with ending a TCP session. Do you mean with ending a TCP session where a connection with another location at the LAN gets terminated? I have no idea but it can be easily tested. Can you let me know your findings?
With Windows session I mean until log off or reboot.
Like I said
For example I start putty from \192.168.1.1\sharedfoler\putty.exe and connect to telnet on 192.168.1.1 and I tell comodo (initally) that its a trusted app. But I can’t continue my telnet session because CFW keeps interrupting with the same question about putty non-stop. When I’m done selecting ‘trusted app’ for the 6th or 7 th time the putty session times out & I have to start all over again.
I guess you didn’t understand what the OP was saying in their post.
Yes you’re right it can be easily be tested and duplicated. All the posters above have posted their findings including myself. This issue is regarding an task that’s quite elementary.
Yeah you’re right CFW keeps it in memory. The screenshot I posted above I’ve circled the rule CFW made automatically. Strangely CFW doesn’t act like that rule exists and goes into a Q&A loop so to speak.
Forget about windows session; CFW can’t remember the rule for even 1 second or minute.
That strikes me as truly odd. I would call that a bug assuming the LAN connection does not get broken off immediately.
Please consider filing a bug report in the Bug Reports - CIS board following the format as described in FORMAT & GUIDE - just COPY/PASTE it!.
EricJH,
Sorry for not replying - was away. Old screenshots seems to be dead, but it doesn’t matter. Here are new screenshots of Defence+ settings. Configuration is Internet Security, Sandbox is off.
Today something strange happened - I can’t represent the situation any more. I can launch my program from \server\consultant and CIS doesn’t ask me what to do - all rules seem to work as if i tried to launch it from local drive. ???
I have a lot of rules for this application in Defence+ - Computer Security Policy, so now it’s difficult to say, what of them work. As i said the app consists of one .exe and a number of .res files/
PS: Maybe it would be interesting if CIS will use some security zone lists, like IE do (IE-settings-security).
[attachment deleted by admin]