Uninstall / Configure, Trusted App, Network Security, Defaults, Wireless Printer

Comodo Internet Security (Firewall) v5.3.176757.1236

While troubleshooting various problems on PCs with Comodo Internet Security v5.3.176757.1236 (Firewall install only, with the option to Allow Access by Other PCs in the Network Zone enabled) installed as well as installing/setting up a new HP Envy 100 e-All-In-One D410b Series Printer (connected using Wi-Fi 802.11g) for a couple people, I encountered the following issues:

Uninstall Issue:
If the Comodo Secure DNS option was chosen during installation, the DNS Server Addresses are not removed properly or reset to use the “Obtain DNS Server Address Automatically” (DHCP) setting after uninstalling. The invalid DNS entry left behind (I didn’t think to write the addresses down at the time, but I believe it was filled in with a 192.168.x.x address from the Home Gateway/Router) causes the PC to lose access to the Internet. This can be a problem if people don’t realize this is happening or know how to fix it. I ran into this a couple of times while uninstalling and reinstalling to upgrade to the newest version of Comodo, and while troubleshooting the various issues mentioned below. It took me a couple minutes after uninstalling Comodo and losing access to the Internet (Why did I lose Internet access? It was working a minute ago… Oh yeah, wait a minute… I installed with the Comodo Secure DNS Server option… and I just uninstalled it… I better check the DNS settings! Just my thought process… sorry about that, but you get the idea!) to think to check the DNS settings…

Misc. Questions:

Define A New Trusted Application (Windows XP Home Edition):
While installing/setting up a new HP Envy 100 e-All-In-One D410b Series Printer (connected using Wireless 802.11g) for someone else, I tried adding specific Printer software exe’s using the Define A New Trusted Application interface within Comodo Firewall (Desktop PC with Windows XP Home Edition w/SP3). I tried this as part of the troubleshooting process (so I would have a specific rule that was logged, specify it as Allowed, etc…). After adding the Trusted Applications, I didn’t see them listed anywhere in the Firewall interface or a way to remove them afterwards. I also did not see them listed anywhere in the Network Security Policy window or in any of it’s tabs, but since they were added using the Define A New Trusted Application interface I wasn’t sure if they should even be listed there or not. I’m assuming I’m either doing something wrong or not looking in the right place in order to remove the added Trusted Applications. I ended up uninstalling and then reinstalling Comodo Internet Security (Firewall) v5.3.176757.1236 (Firewall only) to be sure they were removed.

Add/Delete Network Security Policy Application Rules (Windows 7 Home Premium x64):
While troubleshooting a problem with an email application for someone else, I temporarily (intended it to be temporary anyway) added an Application Rule for the email software (Mozilla Thunderbird) just for the purpose of having Comodo Firewall log when the rule fired (for outgoing email). Afterwards, I was not able to Remove the temporary rule and had to uninstall and reinstall Comodo Firewall to get rid of it (I didn’t have a recent Exported Configuration to Import… Oops!). I haven’t encountered this issue before and was wondering if it was related to Windows 7. Afterwards I was wondering if I should have tried starting the Comodo Firewall user interface using the Run As Administrator option in order to remove the Application Rule. I assumed if Elevated Privilege was required I would receive a UAC prompt, and figured Run As Administrator wasn’t necessary. Is this the case or is this a bug with the current version not being able to remove manually added Application Rules in some situations?

Reset Comodo Internet Security (Firewall) v5.3.176757.1236 Defaults:
After dealing with the above issues, I was thinking that it would be nice to have an option to Reset all of the Default settings for Comodo Internet Security. I realize there is an option under More/Manage My Configurations where you can Import/Export Configurations or switch the Active Configuration. The problem is that unless you think ahead and Export the Original Configuration before rebooting after installing the Firewall (since things change right away when applications try to access the Internet etc. following reboot) to back it up somewhere, there doesn’t seem to be an easy way within the user interface to return to defaults (unless I missed it) after messing things up (yes, messed up configurations are usually self inflicted, but sometimes playing with settings is a good way to learn!). A Reset Configuration Defaults button within the Manage My Configurations interface might be a good option (basically keep an un-modified copy of the Original Configuration files for this purpose). It would of course need to include a way to select which Default Configuration you want to reset things to (Internet Security/Proactive Security/Firewall Security). Possible feature request?

Wireless Network Printer Issue:
While installing/setting up a new HP Envy 100 e-All-In-One D410b Series Printer (connected using Wi-Fi 802.11g) for someone else, I found that it was necessary to uncheck the Block Fragmented IP Datagrams option in Comodo Firewall/Firewall Behavior Settings/Advanced Tab in order for two different PCs to be able to print. The Printer, Laptop and Desktop PC were all connected to the same Motorola SBG900 Wireless SURFboard Gateway. The Laptop that was connected using Wireless was able to print without this setting change, but the Desktop PC that was connected with a CAT-5 Ethernet cable (100Mbit/s Fast Ethernet) was not able to print without this setting unchecked (except from the Printer Configuration in a browser). To eliminate varying IP addresses (due to DHCP) for the Printer, it was configured to receive a Static IP address from the Router. I was however able to access the Printer configuration interface from the Desktop PC using Internet Explorer and print a test page without unchecking the Block Fragmented IP Datagrams option (strange, but it’s through a browser so ports etc. may be different). I was wondering if this may be due to the Desktop PC (connected with Fast Ethernet/802.3) and the Printer (connected with 802.11g) being on different type networks (even though it’s seen as the same LAN with the same IP addressing scheme (internal VLAN?)), possibly requiring the use of an internal Bridge (within the Motorola SBG900 Wireless SURFboard Gateway) between the Wired and Wireless networks that could cause fragmented IP datagrams? Would this make sense?

Related Links I Found (unfortunately after problem was fixed):


Thanks in advance!

[attachment deleted by admin]


I love your presentation :slight_smile: It’s has to be the best formatted post i have seen :slight_smile:

Define a new trusted application question;
Seems to me that you may be on ‘Safe mode’ thus by defualt if it’s in the whitelist it’s automatically allowed, no rules are created (You should have ‘create rules for safe applications’ checked in the “Firewall Settings” (CIS > Firewall > Behavior Settings) They do this to have better performance loading dialog’s etc etc…

Add/Delete Network Security Policy;
I believe it wasn’t related to Windows 7, Could you let me know if it was on Safe mode or not? also a more in-depth explaining of how/what you created for the rule "A screenshot of the application rules (With mozilla thunderbird highlighted would be enough) But NO UAC doesn’t have any affect on CIS (Unless Viewing the Logs(I believe) or trying to uninstall the program

Reset Comodo Internet Security;
This is currently in the wishlist

I do believe if you add a rule to the global rules
"Allow all out going requests IF IP is “IP of Printer”
"Allow All Incoming Request IF Soruce is “IP of Printer”

Add these to svchost.exe in the application rules (Thus the printer spooler will be able to contact the printer)

Hope this helps :slight_smile:

Any questions i have missed?