I have a couple of questions about cmdagent service. This service uses wininet.dll to connect to the internet. The two ip addresses are and My OS is XP Pro SP3. The current version of CIS is 5.3176757.1236.

What is the reason that this service opens a couple of ports and then closes them and waits?

The second question is about global network rules and blocked networks. Both have a box to check for exclude. It seems to mean exclude the rule or blocked network, but does not do it. In fact using it to block the above addresses yesterday under blocked networks, it seemed to block all network communication. If I recall it did not seem to block all traffic when implemented under a global network rule. But continued to block the two ip addresses above.



[attachment deleted by admin]

The IP address belongs to Comodo: download.comodo.com . That is used for the AV updates

The IP address is vip1.G-anycast1.cachefly.net which is part of CacheNetworks. This is a hosting provider specialised in hosting updates: http://www.cachefly.com/ .

I think when you tick the Exclude option it will block all traffic but the traffic to and from It does exactly what you ask.

Hello gbr100,

It’s for the cloud features mainly; and updates. Thus that is why they connect to the IP’s

To Exclude
If Deny Rule = Deny All Addresses BUT The Choice Below
If Allow Rule = Allow All Addresses BUT The Choice Below

Hope this helps


Thanks Eric and Jacob. Now I understand the exclude box. It was not clear in the help files. Would be clearer if displayed just like Jacob showed it.


I’m not 100% sure if there is a question/request in that reply or not;
So; Is there any other questions or issue you are experiencing?



No more questions. Everything has been made clear by the two responses. I have no issues with CIS. The original question was just to clarify how the “exclude” box works and the purpose of two ip addresses. Both were answered.



Ok Thank you for reporting back :slight_smile: