Skype changes my CIS firewall settings?

Hello all, this my first post here so please forgive minor transgressions. I have done a search and not found an answer to my query :-[.

OS: Windows Vista Home Premium SP2
CIS: 3.9.95478.509

I’ve had CIS installed for about a week, and what a great product! Way better than Norton 360 (cheaper too) and in my opinion more configurable than ZA.

I’ve been experimenting with Skype and vainly trying to get it’s excessive network usage under some sort of control, just to see if I could not because I need to. I’ve set up several of the regsitry hacks in to prevent Skype using UDP and also (out of interest) to prevent it listening on TCP (just because I could).

In CIS I have a firewall rule that allows only TCP out to any IP and any port and a second rule that allows only TCP in from IP any to my specific Skype port number.

When I attempt to use Skype it works just fine, but on looking back at the CIS Network Security Policy I found that’s because something (it can only be Skype) has added a new rule allowing in/out from IP any and to IP any. BTW. I have no option available in my Skype settings that allows me to "let Skype change my firewall settings.

Now, I don’t really mind Skype chewing up my bandwidth (I have no limits) but I DO NOT want Skype, or any other app for that matter, modifying my CIS settings! Defense+ is set to Clean PC Mode and the firewall is set to Safe Mode.

I understand that Clean Mode allows all known apps access that they’re not expressely blocked from, but why is Skype allowed to modify CIS settings? That’s just dumb!

Please advise me how to ensure that no apps can modify my CIS settings.

Very best regards…Tony Cross

Some application provide options to configure Windows Firewall but this won’t affect CIS.

CIS itself can auto-configure Safelisted application (it is likely Skype is safelisted too), all applications or no application depending on the Firewall Security Level

To completely define the rules for skype according to you intentions it is likely you need to add a third rule blocking & logging in/out from IP any and to IP any.

The alert and corresponding enforced rules details are also subordinate to ‘Alert Frequency Level’ IIRC “allow in/out from IP any and to IP any” correspond to Low alert frequency.

Thanks Endymion, that’s done the trick. I should have thought of that myself 88)

Many thanks…Tony Cross