Permit me to reply in this thread - just delete if this is inappropriate (I’m a newbie and find it difficult to find or get access to the right forum to ask newbie questions).
What is a firewall? If it’s software, it ought to work without requiring me to be the firewall. Otherwise the software is nothing more than an alert system, requiring me to do the firewalling (?).
Here’s a case in point. (Again, please delete if this is an inappropriate comment or inappropriately placed. I.e., act as firewall. ) Yesterday MS released SP 3.5 of .net - a big update. For the first half hour, I responded to each of Comodo’s alerts - orange and red - to items such as svchost and rundll (!) and accepted everything until acceptance got to be just automatic. So what was the firewall (me) doing? At that point I exited from Comodo and ran for the additional hour of download and installation (which also required on-line access: don’t you love MS security?!).
Never - ever - have I run without a firewall before. No one should have to do that or have that as an option to standing in front of a computer keyboard incessantly repeating the “accept” click.
Something seems really wrong with my setup or with my understanding of the philosophy of Comodo. What did I do wrong. It was I the firewall, not Comodo. Is there a “sensible only” alert configuration that I haven’t yet found (yes, I downloaded and have read (most of) the docs.) Is there a way to exclude omnipresent rundll or svchost alerts? (Not in the docs). Is there a way to have Comodo use an intelligent selection of what gets alerted using a database acquired from other users and that can spot the difference between normal and potentially dangerous activity? I want to use and trust Comodo and hope the answer to these questions is not: let it run in training mode for a couple of days… Because then it is me that’s the firewall, not Comodo.
Moderator’s Note: Several Posts relating to CIS Operations have been moved from Melih’s Corner, here so that the user’s questions can be answered without disrupting the previous thread.