first thank you again for excellent service and product. I?m on Comodo for about 6 month and very satisfied. Would be nice if German translation will come out soon.
My issue: After starting (booting) my pc something goes online after entering windows. Activity monitors shows me “system” (but I can?t find more about that) and ocontrol.exe. I allowed ocontrol (to control my router) after asking to connect with lokal port, but internetconnection was already open. So I suppose “system” is connecting to the web. This does not happen with old stable release. I didn?t change rules or anything in setting - just used the comodo onlineupdater and that?s it.
My knowledge is not very good and my information are quite “poor” but maybe someone can help or give me a hint what/where I should view…
In the connection window what protocol (e.g. ICMP, TCP, UDP, etc.) is system connecting to/from? I also didn’t notice system creating connections in ver 2.3, but in 2.4 it shows ICMP, which is normal for me.
I don’t know what ocontrol.exe is it. Google search might reveal what it is.
thanks for your answers. The strange thing is, that ocontrol.exe was not going online in old release. Hmm… So I?m wondering why it should now wants to go online. Rules stayed the same. ocontrol.exe does not require an internetconnection - only a connetion to my router.
I?ll watch on next startup what exactely is going on in the background. I?ll be back in a minute.
system UDP Out 192.168.2.100:138 192.168.2.255:138 0 B in 243B Out
svchost.exe UDP IN/Out 0.0.0.0:68 255.255.255.255:67 632 B in 634B Out
svchost.exe UDP Out 192.168.2.100:1026 192.168.2.1:53 0 B in 385B Out
no comments? Sorry, hope nobody is bored. I?m not an expert in firewall configuration
What is system?? There is no system.exe or .dll ? What is that for? Part of Comodo or WinXP?
I?ll try version 2.3 and will take a look if “system”-connection is also there or not. Definitely my system didn?t change, rules stayed the same and nothing went online at startup with 2.3.
Uninstalled Firewall and started WinXP without any Firewall. NOTHING opened an internetconnection. Installed 2.4 again → internetconnection on.
So, its definitely Comodo Firewall that opens something. Automatic update is disabled. Anybody has an idea what CFP does (standardsetting - only autom. updates are disabled)?
That is nothing to worry about.
CFP is only showing you connections to/from the router.
port 53 is for DNS and is normal.
Port 67/68 is for DHCP and is also normal.
Port 138 is netbios.
About the system connection you ask about, it’s only Win XP that use port 137,138,139,445 for your network. If you want to share files in your network you will have to use these ports.
It has nothing to do with CFP.
thanks for your reply. But why is no internetconnection “on” when comodo CFP is not installed. When installed internetconnection is on?? The onlineconnection is definitely opened by CFP you accordingly will agree. With Version 2.3 no connection was established. So your helped me with your answer about ports and protocols/services but my mainquestion is still open.
How do you know that your connection is not on when you’tr not using CFP 2.4?
CFP 2.4 maybe has been improved/changed so it discovers connections better.
And as I said, it’s not an internet connection, it’s only local in your network.
sorry, but you are definitely wrong. I use ocontrol.exe. It?s in the systray and goes green if online connection is established. Also, my router is 30cm away from me. And my router has a yellow LED which is also on. so there IS an onlineconnection. And again, if comodo CFP is uninstalled no onlineconnction is there.
Sorry, but I feel a little bit fooled here. I discribed the situation 3 times and you want to tell me that I’m not able to recognize the difference between network- and internetconnection…
I’m sorry you feel that way, but I’m sure no one wants to fool you.
And if you look at the addresses you’ve posted earlier…
… you’ll see that those are all inside your local network. 192.168.2.100 is probably you, 192.168.2.1 is your router, and the other two are used for comunication from your router to all the others in the network (broadcast). I’m not an expert, and I hope someone will explain this much better than I can…
And yes, I also have some similar entries in my logs ;D
Thanks dude for your help. I know that all my activities are local. That’s why I asked. I’ll go back to 2.3 or check another products ???. At the moment I’m not pleased with the situation. Neither CFP nor the discussion here
Installed the CFP 2.3. Nothing went online - BUT the same services are there as in 2.4. And, under Activity I cant find ocontrol.exe (routersoftware) in 2.3. In 2.4 there are a lot of connection from that app to local IP but always connecting to different ports. Hmmm… I suppose that Netbios is responsible for the online connection in CFP 2.4. But why is 2.4 handling this different as 2.3 did?
(sorry, my english is not the best - but it’s an international Forum)
It doesn’t handle ocontrol different - there are the same connections in 2.3 and 2.4
(PS: I don’t know why ocontrol uses different port’s to scan the router.)
I think the “Connections”-Monitor show’s you all your activities in v 2.3 in “real” realtime.
Therefore you can see that OControl appears sometimes for a “little moment”.
In v 2.4 the shown connections remain for longer time - now you can see all the ocontrol connections from the past (1 min, i think) , but they are not real connectet in the moment, except the last one.
In addition, i think, the “new” Connections-Monitor doesn’t show any "trusted/certified or known-system connection’s like:
“ATI-Contol Interface, AntivirusRealtimeProtictions(Guards), Windows-Update and other windows
services (service.exe svchost.exe, …”
To your first postet question:
Do you have the auto-connect option on your router enabled?
If yes, then CFP2.4 allows it’s (trusted/certified) applications to connect to the internet.
Mostly “Windows Update” (svchost) try to open a connection. - and “■■■■” the router opens a connection.
I don’t know why, but in v2.4 the “don’t show alerts for certified apps.”-option
is enabled and not as efficient as it was in CFP2.3.
(with the right option V2.3 blocks everything.)
PS: I think you should control your router manually - with ocontrol.
I know that all my activities are local. That’s why I asked. I’ll go back to 2.3 or check another products ???. At the moment I’m not pleased with the situation. Neither CFP nor the discussion here 