Is there a list of blocked programs? I can’t seem to find one anywhere.
If you with “blocked programs” means programs that’s not allowed to run(block+remember), open CFP 3, go to Defense±>Advanced->Computer Security Policy and find explorer.exe, double-click it and choose Access Rights. In Access Rights, click Modify next to Run an executable. Then in the Blocked applications section, you’ll find all applications that’s denied to run(tho you can still execute them from cmd). It’ll in almost all cases be there, since explorer.exe executes most of the programs.
If that’s not the case, can you explain what you mean with “blocked”?
Did what you instructed and worked like a breeze :BNC
I know it wasn’t me who asked the question, but needlessly to say i have now learned how to check any programs i have blocked etc.
Your explanation was clear and precise. (:CLP)
Actually what I meant was I’d like to see all programs blocked from accessing the internet. I don’t like applications phoning home without my permission, such as Bonjour Service and others that seem to never obey manually entered startup rules.
You would have to add applications or redefine their permissions to “Blocked”. Click Firewall>Advanced>Network Security Policy. On that page find and select the application (or Add it by browsing to the directory and selecting the exe that you want to block) and click Edit. On the dialog, click the “Use a predefined policy” button and select “Blocked” from the drop-down. Then click “Apply” there and on any parent screens that show an Apply button.
You mean CFP let’s any application access the internet that asks unless I manually block it? Or does it continually ask, without the real time option to “block” future access attempts? If that is true, maybe I’m missing something, but that is a very unintuitive way to do things. There should be a top level list of programs blocked from internet access in order to edit them readily. Programs trying to access the internet should be blocked automatically unless the user decides to allow it.
All programs are “Ask” by default except for programs that are on the Trusted list that CFP comes with (they are digitally signed programs that can be verified by a Lookup) or programs that you define as Trusted. If you “Allow” a connection, it generates a general rule to permit connections. If you choose “Block” - I am not sure what happens - I never tried that from the pop-ups. In any event, you can always change the access permissions by clicking Edit on the Network Security Policy entry for the application that you want to change permissions for. The same is true for Defense+.
I’m still in disbelief that a security software would allow anything “automatically.” I’m also having difficulty finding Blocked and Trusted (or allowed) programs in one spot.
I can’t even remeber where I was now, but I was trying to add a program to the trusted list, and it said it was already added, but in the window, it showed no programs.
IMO, it would behoove operation if all programs “trusted” or “blocked” or “ask” should be on ONE page, with a right click to edit. This goes for any operation one needs to complete.
So you would have a page where you could add, edit, block, ask, etc in ONE simple location, with child options on what parameter you want to set–Defense, Firewall, execution, etc.
I love this firewall, but it the options and controls seem too unintuitive and “spread all over the place” for ease of use. I would love to have ONE list of programs that are both allowed and blocked, for instance, from internet access in ONE location. I still can’t find that list, and I know that some application, such as Bonjour Service, should be in my blocked list. But CFP has never tried to block it.
I’m going to install some Adobe apps on my laptop tonight, and well see if Comodo blocks the updater from Adobe, or if it allows it to phone home without my approval.
I just saw on my home computer that Bounjour Service was allowed to access the internet without my permission and w/o asking me. Can’t tell you where I found it becsaue I have trouble finding anything in CFP. I feel like I’m chasing my tail here.
This is wrong fellas. No security product should auto-allow anything, period, not even “trusted” applications.
That’s my opinion too, but the purpose of this arrangement is to reduce the rather large number of “Allow” requests that would otherwise happen. I have suggested elsewhere that the option to not automatically allow net access for trusted applications should be included in a future version - or that they should have a list of net permissions for trusted applications that can be edited. Defense+ does benefit from the Trusted list with little downside that I can see.
Well, we see eye to eye here. I actually had to uninstall CFP from my laptop today. It was locking all of my programs down to the point I had to wait 10 minutes for Word to open, which I had listed as a trusted app.
I went back to my old FW today, and several of my friends have uninstalled it or had similar lock up type experiences with this software. we’re not computer morons either. i’ve worked on computers for over 15 years starting with Shell Oil company, and both my friends who installed CFP are working programmers or technicians, one from Pitney-Bowes is the lead design programmer. Before that, he was a Network admin for a large paper company.
He said the software is a huge undertaking, but in his opinion, after spending several hours at a code level watching it’s network and defense interactions with Vista, concluded that in his opinion, the program should NEVER have been released as a final, and that he feels it is still a Beta software.
So there you have it: Installed on four separate platforms, each running a different version of Vista, and each platform suffering what we have concluded is an insecure network practice, or an all out system lockdown.
We are all in agreement that this project is quite fantastic and a noble pursuit, but it is in no way anything other than BETA at best.
Of course we only represent four computer intelligent people with four systems, but given the total amount of problems peple are having, plus future reviews of this software, I think others will agree.
I suggest that people do not install this software except on secondary machines for purposes of playing with it.
We also all agree that the layout is graphically nice, but navigationally disturbing. Firewall and defense settings should be on ONE page with right click access, not spread between three or four panes. I feel like I’m going through a maze every time I want to make a change. I spent several hours last night actually NOT trying to figure it out, but reading the manuals. I can see the logic, which is again wonderful, but it is not ready GUI or Code for prime time–almost, but not quite.
we will keep checking back, but for now we have our own computer and programming problems to work with and cannot waste anymore of our time trouble shooting and investigating CFP, and that is a shame. It’s a very robust effort indeed.