Hello all, this my first post here so please forgive minor transgressions. I have done a search and not found an answer to my query :-[.
OS: Windows Vista Home Premium SP2
I’ve had CIS installed for about a week, and what a great product! Way better than Norton 360 (cheaper too) and in my opinion more configurable than ZA.
I’ve been experimenting with Skype and vainly trying to get it’s excessive network usage under some sort of control, just to see if I could not because I need to. I’ve set up several of the regsitry hacks in http://www.skype.com/security/network-admin-guide-version2.2.pdf to prevent Skype using UDP and also (out of interest) to prevent it listening on TCP (just because I could).
In CIS I have a firewall rule that allows only TCP out to any IP and any port and a second rule that allows only TCP in from IP any to my specific Skype port number.
When I attempt to use Skype it works just fine, but on looking back at the CIS Network Security Policy I found that’s because something (it can only be Skype) has added a new rule allowing in/out from IP any and to IP any. BTW. I have no option available in my Skype settings that allows me to "let Skype change my firewall settings.
Now, I don’t really mind Skype chewing up my bandwidth (I have no limits) but I DO NOT want Skype, or any other app for that matter, modifying my CIS settings! Defense+ is set to Clean PC Mode and the firewall is set to Safe Mode.
I understand that Clean Mode allows all known apps access that they’re not expressely blocked from, but why is Skype allowed to modify CIS settings? That’s just dumb!
Please advise me how to ensure that no apps can modify my CIS settings.
Very best regards…Tony Cross