No pop up Firewall warning in some incoming connections

Hi guys.

Using XP Pro SP3.

Ok my config for CIS comodo, safe mode, create rulez for safe applications, firewall alert settings Very High, and this computer is an internet connection gateway checkmark unchecked.

Global Rulez: none, nothing, in blank. And in Proactive Security mode

Ok I tested a firewall called softperfect firewall, and it has an option call learning mode, and basically It gives you an alert for every outgoing and incoming connection.

I wanted to comodo firewall behave the same way. The thing is that for some reason its missing some incoming connections and is not giving me the pop up alert.

I can see incoming connections, on my task bar, local area connection status, in Activity Packets lights.

Sometimes light from Received packets (incoming) turns on, I am talking about just that light turning on(incoming), without the other one, sent packet(outgoing), it turns on just Received packets (incoming), but comodo does not do anything. Usually other firewall I tested, in this situation, they imidiatly give me a pop up warning. But comodo stays quite, It does not give me the pop up warning that there is an incoming connection.

So I dont know if its blocking it or what, I get confused. I like very much comodo products, so if someone can give me an advice on how to fix that, I would appreciate it very much.

I suppose that this question has been asked before, I tried to look on older post but I count find it.

Thanks guys

I just found another dude post, with my same problem, so I am going to answer the questions been made already. And my answers to them.

1. can you make sure you you don’t have ‘Do not show popup alerts’ in Firewall Behaviour Settings checked?

I don´t have that option marked

2. Using custom policy mode overrides the trusted vendors list, so, if you’ve placed the firewall in custom policy mode it should ask you for each new application launched

Yep I tried safe mode and custom policy mode, and didnt fix it

3)Are you running Avast 7 with the web-shield enabled?

I am running last version of Kapersky Pure 2.0 with firewall and application control turned off, I am just using antivirus

And finally, when I use block all incoming connections and make my ports stealth for everyone(Global Rules), and put on block all incoming connections rule, log as a firewall event if this rulez is fired option.

Comodo firewall actually show me that is blocking those incoming connections automatically(Firewall has blocked X intrusions so far.

But like I said before I want to be able to block those intrusions manually and with a pop up alert warning. I thought that removing block all incoming connections and make my ports stealth for everyone(Global Rules) rulez, and leave global rulez in black with no rulez at all, would do the trick, but it doesnt

If I remember correctly that’s an answer I gave. The thing you need to be aware of, Custom Policy mode only affects outbound connections.

3)Are you running Avast 7 with the web-shield enabled?

I am running last version of Kapersky Pure 2.0 with firewall and application control turned off, I am just using antivirus

Never used Kaspersky products, so maybe someone else can comment on this pairing. However, there’s always a chance of conflict, when running two security products simultaneously

And finally, when I use block all incoming connections and make my ports stealth for everyone(Global Rules), and put on block all incoming connections rule, log as a firewall event if this rulez is fired option.

Comodo firewall actually show me that is blocking those incoming connections automatically(Firewall has blocked X intrusions so far.

But like I said before I want to be able to block those intrusions manually and with a pop up alert warning. I thought that removing block all incoming connections and make my ports stealth for everyone(Global Rules) rulez, and leave global rulez in black with no rulez at all, would do the trick, but it doesnt

What we really need to help with this, is more detail. To that end, it would help if you could post screenshots of your firewall application and global rules along with details about which applications you believe you should be receiving alerts from, for inbound connections.

I didnt Know that custom policy its only for outgoing. Thanks for telling me. How about safe mode its also just for outgoing?

Well I dont think Kapersky is the problem, cause I am having the same problem, with panda cloud, avg and essentials.

Anyway I was trying the new version of KISS 2.0, but its a lot of resources consuming so I just uninstall it. Plus I didnt like some things on new version.

I like essentials but for some reason when I use essentials and comodo, essentials scans are extremily slow, so I am going to use avg free antivirus

Sorry for not posting screenshots I am kinda noob on that and belive it or not I am 29 years old and at this point of my life I dont Know how to post screenshots. lol Maybe some one can tell me how

But basically my problem happend to me with a fresh intall of CIS, the firewall application rules is the default
of comodo when you make a fresh intall, I think is 3 rulez only. And in global rulez, I like to use stealth ports Wizard, Block all incoming connections and make my ports stealth for everyone. and that one works fine and great. Basically I need that same option but not in automatic, I need it but in manual mode.

But right now I have global rulez without that option, if I put a screenshot of my global rulez, there is nothing, I have no global rulez at all, I remove all, its in blank, white, in order to try to fix my problem.

Actually is working fine for all applications, it gives me the pop ups for any applications and programs inbound conections, that ones work fine

The ones I am refering to are usually atacks from hackers or people from diferent parts of the world, russia, argentina, brazil to name a few. You know that comodo gives you the ip from the atacker when an incoming connection happens, then you can google up those ip and see from wich country and ISP are coming from. Those are the ones I need a pop up message, so I can manually chose the option to block them.

Sorry If it is to hard to understand me, english is not my native language. So I apologize.

Sorry for not posting screenshots I am kinda noob on that and belive it or not I am 29 years old and at this point of my life I dont Know how to post screenshots. lol Smiley Maybe some one can tell me how

No worries. Don’t worry about screenshots for this post but for future reference - Screenshot-posting for beginners

With regard to your ‘problem’, basically you have two choices:

1. Alert me to incoming connections and make my ports stealth on a per-case basis

Using this method you should receive alerts for unsolicited inbound connections. By ‘unsolicited’ we mean inbound connections that are not replies to outbound connections from your applications and are not connections to server services you may be running.

2. Block all incoming connections and make my ports stealth for everyone

In this mode, you won’t receive any alerts to unsolicited inbound connections but you can enable logging. Doing so will capture information about blocked connections, which you may then act upon. Unfortunately, there’s no in-between.

Another consideration is, whether you’re behind a router. If you are, this device should be effectively filtering all inbound connections already, so the use of the software firewall in relation to inbound connections becomes secondary, some might say redundant.

Thanks dude, I learn a lot on this one. Yep that did the trick, it works now