Has anyone tried to get the Windows “runas” command to work? I seem to be having issues doing that.
I installed the firewall from CIS 3.5.57173.439 on my Dell 620 laptop running XP SP2 about a week ago. The firewall is set in “training” mode, while Defense+ is in “clean pc” mode.
I’ve successfully setup both wired and wireless connections for the LAN at work, as well as the VPN to work from my house. The VPN connection is where I’m having the issue with the “runas” command.
In order to use certain command line utilities I open a cmd prompt using runas and my credential from the LAN at work. The shortcut contains the following command:
With the Windows firewall it works just fine, but not Comodo. What happens is I click on the shortcut and the cmd window opens up asking for my password, just like it always has. I enter the information, hit ENTER and then nothing; no errors, warnings, or connection. I eventually use the Task Manager to kill the process. When I check the firewall log I see these entries appear:
{see PIC 1}
I figured that I could just make it a “trusted application”, so while the cmd prompt is running I added it to my trusted list with full permissions for all IP traffic on all port:
{see PIC 2}
Still doesn’t work.
I’ll admit to being a newbie with Comodo, so I assume I’m just missing something obvious (I’ve been working with computers for a living over 25 years now, so I do have a good grasp of the technology and operating systems). I also tried searching the forum for “runas”, but got no hits. Can someone see what I’m doing wrong?
Disabling Defence+ didn’t fix the problem – the runas command still won’t work – but disabling the firewall does allow it to function properly. Even with Defence+ enabled. Oddly enough, once the runas command has actually launched the cmd prompt I can turn the firewall back on and it continues to work (I can still access network resources). Both the firewall and Defence+ are in Safe Mode, but I have tried the firewall in Training Mode as well.
Since turing on/off the firewall every time I need to use the runas command is a bit of a pain, is there anything else I might be able to try?
Please try a incoming (logged) rule in Global Rules as even if you set a application both ways in the Application Rules it still can be blocked.
Though why it would need this I have no idea.
Dennis
I’m not quiet certain I understand what you’re asking me to configure – I know about the global rules, and how they’re created, but I’m still relatively new to Comodo. Can you elaborate on that some?
Going by you screenshot this is what I suggest to try.
Sceenshot below of suggestion if you have block rule like I have please make sure the rule is above like in the pic.
Dennis
It now logs the action you tried to capture – the UDP broadcast (pic attached) – but the results are still the same, I can’t get the runas command to work when it tries to pass network credentials. Shut off the firewall and it works instantly.
As you are shutting the firewall off, the only thing that can be happening is that some thing is blocked but not logged.
Please try a logged rule in Global Rules for incoming connections with all marked any this should be the same as closing the firewall.
Dennis
Edit If this still does not work please try in Application Rules add a all application rule outgoing only both rules need to be the first rule in the list.
EDIT These rules are just for testing “runas command” Please remove after.
I’m a bit confused how logging all the activity is equivalent to closing the firewall, but I added a rule for it anyway. Unfortunately I got the same results, but I attached a copy of the log anyway (hope the uploads like HTML). While I was at it I played around a little more and found out something interesting; COMODO may not exactly be denying the runas command entirely, just slowing it waaaaaaaay down.
What I’ve been doing is waiting a minute or two for the command to complete, and when it doesn’t I just close the cmd window (without COMODO running the runas command works in a few seconds). This time I must have forgotten to do that with one of the windows and about 5 minutes after it was launched the cmd window did appear, and it seemed to be working. I tried it several times and I can almost duplicate it at will now; launch the icon, type in my password, wait several minutes and the window will eventually appear. Turn off the FW and the runas command works in in 2-4 seconds.
Thanks for posting back.
All the logging was just to see if something went through that was not shown as blocked.
It appears not being blocked just slowing it.
I have a simular problem with printers if I right click on the default one and click properties it takes some time for the window to appear, about 1 minute.
Dennis