Hello!
I have CPF 2.2.0.11 on WinXP SP2 machine with latest updates etc.
svchost, services,lsass,alg is blocked by application rules. However, if i open a MSDOS/Prompt window and type “ping IP_ADDESS” it pings, without asking Allow/Deny. It is same for “tracert” command too.
This may be a possible hole.
Regards,
ICMP protocol is not monitored per application based. It is a network layer protocol therefore you need to create network monitoring rules to block such requests.
It was being asked in previous version so i decided to ask here… I updated the product about 2-3 weeks ago, and realized that dos prompt access through internet freely.
Regards
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\XXX>ping www.comodo.com
Pinging www.comodo.com [195.92.253.137] with 32 bytes of data:
Reply from 195.92.253.137: bytes=32 time=105ms TTL=49
Reply from 195.92.253.137: bytes=32 time=102ms TTL=49
Reply from 195.92.253.137: bytes=32 time=102ms TTL=49
Reply from 195.92.253.137: bytes=32 time=103ms TTL=49
Ping statistics for 195.92.253.137:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 102ms, Maximum = 105ms, Average = 103ms
Well it didnt ask again… I checked component monitor section too, and cmd.exe is not available. That’s strange.
If you think this does not cause any problem, fine. I just wanted to let you know about this. I just noticed, and created a topic. If i use p*tty.exe, it immediately asks for connection.
Regards,
Sure. Thank you very much for the feedback.
Egemen