remote desktop defense+ failing / firewall no alerts


I am running the firewall and defense+ on a XP Pro SP3 computer which i am connecting through remote desktop from another XP Pro SP3 computer on the same local network. Both are fresh formats, nothing else weird running that should conflict.

Finding 2 issues when i do this. Defense+ while set in Safe Mode is being totally disabled without notification to me when connected through remote desktop. When i log back in on the machine directly, it seems to turn back on instantly. Nothing changes. I go back and remote connection from the local network and it still says enabled but does nothing. lets everything pass, no warnings, no blocks. As if it was shut off/disabled. If i go back and try to do that exact same thing i did while remote connected, and defense+ will popup and ask if i want to allow it. Even though a second ago it let the same action pass with no warning/block from the remote connection.

The firewall does remain functioning, minus the fact i do not get the notifications on the remote connected computer. so it’s all just blocked. but at least it’s running.

In both cases, is there any work around, or settings i am not doing properly? as is, i can’t really use it.

Thank you

Is it possible the alerts are only for ‘local’ use? meaning, you would need CIS installed on the remote to actually get the alerts?
(I don’t use Remote and have disabled anything allowing it, so I am only theorizing here)

I wouldn’t think so, since what I was doing was on the remote computer… That said, i also have comodo installed on the computer which is connecting to that computer anyway.

to be clear in regards to d+ failing. if i remote connect to ComputerB and try to run a new install of any program, i can run it without any warnings, etc. I can install/run and do anything.

If i disconnect from the remote connect, go to that same ComputerB and run the exact same install file that just ran and installed everything… D+ won’t let it without my permission. this is without changing or touching d+ in anyway, simply running it from the computer directly instead of the remote connection on the local network


Hi Kevin9,

I am asuming that your network is proberly configured for sharing on your LAN. If so, I will have to take you back to the final stages of CIS installation process.

Now, if you can remember CIS asked you at one point of the installation that:

  • You should give a name for your Network (suggested=Local Area Network #1).
    Name it the same as your Windows LAN name
  • Decide if you want to trust the other PCs in your Network (2 Options here).
    – Select—>I would like to be fully accessible to the other PCs in this Network.

In the above:
– You have named your Network and choosen to allow one PC to act as the gateway for the other PC in your network.
– So you need only to install CIS on the PC that is connected to your Router or Modem and to the Internet.
– Comodo Internet Security will then allow Local Area Network connection from one PC to another PC
– You can now use Remote access from one PC to the other PC.

– Make sure that your windows configuration is correct to allow remote connection on but systems.
– Remember, you have to allow the connection from the PC that requires access.
– You might need a keyboard/mouse hub or switch, to avoid moving from one PC to the other.
(if you don’t have an hub, you only need to move to the other PC once to grant access when windows xp alerts you).

I hope this is helpful for you as it as been interesting for me.

With Regards

I don’t think so, this has to do with the credentials Terminal Server is running, you are doing remote control on your desktop, but the process initiating is running in the Terminal Services privileges, i assume it has something to do with that, can you check the D+ permissions for the remote desktop process, i don’t remember the name right now, but it can have something to do with that.

If you use VNC or Radmin a like’s that should not cause this because the “really” take over control of the current users context, rdp is a security wise different approach.

Hi Divine,

Thanks for the reply. Although I am a little confused by it. Both computers are connected to the same router, and the computer in question is used both directly and via remote desktop from the other computer on the network. I am not seeing any setting that would basically disable without warning and let anything run if you are connected via remote desktop.

the firewall still works, minus the fact that i cannot see the popups. so everything just gets blocked until i go over to the remote desktop and see it and then allow/deny. but d+ simply lets everything pass.

Wouldn’t that make computer A something of a server in simplified terms? When you run an app on computer A from Computer B (the remote), it is actually running on B (would this be correct?). In that case, I would venture to think the CIS on Computer B should speak up about the app wanting to run, use mem, etc.
I guess I am really just trying to understand how Remote actually works here before I can offer even my $.02 worth.
About 15 years ago (back in the day), there used to be a remote access program to view your station from a remote (log in, callback security, etc.). This program allowed the (verified) remote to run any app and see the screen as if he were actually sitting at the work station (now acting as a server of sorts). Unless instructed to, the apps only ran on the remote (hard on the dial-up in those days - 33K was top-line/speed). This is why I asked the question. Just trying to learn here. Thank you for your time.

Well the processes run in the system you connected to with Remote Desktop that system is the “Server” Remote desktop transfers only the screen info, keyboard and mouse input/output.

You can do the same with VNC and Remote Administrator and others, They take over the control of the screen/keyboard/mouse.

Big difference in this will be how D+ recognizes the “server” component from Remote Desktop, if that runs in “Trusted application” it is allowed to do all except start other executable’s and that could be the reason you don’t see it alert. But as i don’t run it here, I’m a bit guessing…

Thanks for the explanation, Ronny.