"Skip advanced security checks" not working

johan_oern · September 14, 2007, 8:40am

(:NRD) … Hi!

I’m trying to make comodo not interfere with Remote Desktop Client software (mstsc.exe). In the firewall logs I see that comodo blocks fragmented udp packages. I have created an “allow all” rule in the application monitor and checked the “skip advanced security checks” for this rule. However comodo does not remember this setting and mstsc.exe are still blocked from establishing a connection. I have to go to Security->Advanced->Adtanced Attack Detection and Prevention->Miscelaneous and uncheck “Block fragmented IP datagrams” and “Do protocol analysis”. It would be nice if I could just do this on the rule for mstsc.exe.

/ Johan

Little_Mac · September 14, 2007, 5:03pm

Agreed; it would be nice if CFP did that on a per-application basis. Unfortunately, it’s a global setting.

The “skip advanced checks” is for Application Behavior Analysis & Component Monitor only.

Detection of fragmented packets and Protocol analysis is tied in with network traffic, rather than application traffic; it’s related to CFP’s SPI engine.

LM