I’m new here though I’ve been using Comodo now for a couple of months. Such an amazing firewall, I have to say.
Lately, I’ve had a few problems with the firewall using about 50 percent of my cpu (I read through all of the other posts on this issue, though wasn’t able to find a definitive answer).
This happens randomly while using more than one internet app and is not secluded to one app or another.
Upon reinstalling Comodo and reverting back to all default settings, I have noticed that this no longer happens. What I’m attributing that to (tentatively) is the fact that I had a ton of rules that I saved while using the firewall.
One of the biggest number of rules came from the fact that I use a dock application call RK Launcher. I am a native mac user so, it was something that Windows was really lacking.
I’ve noticed that any and every time I try to launch an internet application with this dock, I am asked to allow RK Launcher to connect using whatever slave application it is opening.
What I’m wondering is if there is a way to set up a “parent only” application setting to allow RK Launcher to always open an application without having to set up a rule for every different app.
Another question, which is probably unrelated…How might I allow for any app to access my local network? I have many warnings about windows explorer and other apps that are doing their regular jobs, but I always have to make numerous rules to allow these (ie services, svhost, windows explorer using another app to connect). These, I believe are normal actions unless a system has been compromised with a virus or the like. I own NOD32 and update and scan regularly, so as far as NOD tells me, I have no problems in that regard.
EDIT: Figured out the above question by configuring these actions in the Advanced Configure section.
I would be extremely appreciative for any advice regarding these issues.
Thanks so much for this amazing firewall.
Sorry for the delay but the rest of my life got in the way. LOL.
Re. allowing local apps to access you local LAN, this can be easily achieved by defining a zone (SECURITY - TASKS - ADD/MODIFY/REMOVE A ZONE) and then setting that zone as trusted (SECURITY - TASKS - WIZARD - DEFINE A NEW TRUSTED NETWORK). The IP addresses you use to define the zone should encompass all addresses used across your LAN, including the inward facing address of any routers. If you are using DHCP, you may need to add an additional outbound rule allowing access within the zone to port 53 (bootp).
Re. allowing a parent app open access - no, no, no - just ask any teenager - parents are not always to be trusted. ;). What the firewall is actually controlling is the application that is attempting to send or receive data. CPF goes further than other firewalls by recognising and monitoring the ownership of the app trying to get out. Imagine if we accidentally set up a global “parent” rule to allow explorer.exe open access. Any app initialised from the shell would then have full and open access, regardless of the intentions of the app. This is not a good thing.
Allowing parent rules would greatly reduce two things - the quantity of alerts we receive and the overall security provided by the firewall. Security has a price and if I have to click the occasional dialogue, then so be it.
There are steps within CPF that you can take to reduce the regularity of popups. If RK Launcher is anything like YZ’s Dock for Windows, you could set up application rules for the apps you place in the launcher and, in the properties of the app rule, tell it to skip the parent. This should allow the apps to be launched by explorer.exe, launcher.exe, anything.exe. Unless RK Launcher is doing something odd, CPF should only ask once for each app as it is launched from the dock. Please bear in mind, though that if the same app is launched from the desktop (as opposed to the launcher) its parent would then be explorer.exe and CPF would ask the first time it is launched in this manner (unless we have set up an app rule that ignores the parent).
Hope all this helps, and again, apologies for the delay. I’d give my self an uppercut for being so tardy but I’m afraid I might knock myself out and miss another posting. LOL
Heehee, the advice you’ve all given is very much appreciated.
Panic, I wasn’t suggesting that all parent apps should be allowed access from other apps…I love the fact that comodo can alert of such things. That is one of my absolute favorite things about it.
I just wanted to allow RK Launcher. (I just want to make it clear that I love that feature in Comodo.:))
I believe you’ve answered my questions, and thank you kindly for the advice.
I’ll play with these settings and let you all know if I have any further questions.
Thank you again and warm regards.