stealth ports

i think this might be a firewall bug. i used the stealth port wizard and selected the middle option, it worked fine until i woke up my pc from stand by to see utorrent port traffic blocked. used the wizard again it the firewall began to behave correctly.

windows xp sp3 updated, only cis installed with antivirus and sandbox enabled.

a few days ago the sandboxed stopped working (no notification no nothing), yesterday when i installed windows i set all the sandboxed applications as trusted and shut down the pc. when i turned it on no setting was remembered regarding sandbox apps.

does cis have problem with remembering settings after restart, shutdown or even stand by ???

in the state cis v4 is right now i would not recomend it no someone else. i will use it because i think in a couple of months it will be better and because i like the risk …

Sorry that you are having this problem.

Regarding the sandbox, are you making the files ‘trusted’ or adding them to ‘My Safe Files’. If you are adding them to ‘My Safe Files’ and they are bouncing out of ‘My Safe Files’ on reboot or resume please have a look at this draft new FAQ on files which are difficult to remove from the sandbox here. If these techniques don’t work for you, please post what happened when you tried each of them, and I’ll investigate further. If a technique does work please tell me which one so I can help other users of your programs.

Not so conversant with firewall issues hopefully someone else will help.

Please also post system details as requested here

Best wishes

Mouse

removed post, investigating futher. New details, trying to put it together

tried the above and the problems didn’t dissapear

  • P4 2.8 32bits
    • cis v4…779 , virus database 4428
    • Windows xp pro sp3 with license (not cracked, not from torrents)
    • only installed full cis v4 32 bits, firewall custom, defense plus safe mode, antivirus statefull, sandboxed enabled

BUG 1
* at every turning on of the pc several notifications appear stating some apps are sandboxed. Some of the sandboxed apps are from trusted vendors and are also in safe list
* tried to manually add the apps as having trusted vendors or as safe files. Some of them had already trusted vendors, some were already safe files, 1 is not digitally signed

sandboxed apps : exes from ati, utorrent, free download manager, SynTPEnh - synaptic mousepad apps.

BUG 2
* i have stealthed my port using from the three possible options the middle one. After a while i observed utorrent traffic was blocked. used the wizard again to select the middle configuration and all went back to normal. When this bug appears the my cpu stays between 20-40 percent.
* defense+ is set on safe mode, all mionitoring options are on.
* using administrator account

on the first ver of cis v4 the sandboxed stopped working, on the updated version the sandbox work too well like it’s on paranoid or something :expressionless:

guys too many bugs for a final product :frowning:

today i noticed again that the cpu was around 30%. i looked in the process manager under defence+ and explorer and all the processes opened by it [size=10pt][size=10pt]were not showing up in the list ![/size][/size]

Thanks for posting system details. I may be able to help with the sandboxing issues.

Could you first make sure we have eliminated all the applications that are easy to unsandbox by doing what is suggested here re bulk unsandboxing. Just tell me if you have already done it.

Then we need to be sure what is still being sandboxed. The only way to be sure is to reboot, run all suspects, then check the log entries, not My Pending Files. If you can tell me what is left then we know what we are dealing with.

Best wishes

Mouse

restarted the pc and this time kept all the apps in the sandbox. none of them appear in the pending files … tried to add the again to my safe files - all the apps are safe files already

reinstalled cis, erased all traces from program files, app data in documents and settings and from registry and now only one unsigned exe remains sandboxed / that’s fine i guess. just regained my trust in this piece of software. now i test regularly to see if automatic sandboxing works. one or two incremental updates and all should be fine.