Problem with comodo firewall

jf pion
jf pion
Joined: 19 May 09
Posts: 2
Credit: 11413961
RAC: 0
Topic 195839

I can't find a solution on the forum, my comodo firewall block the einstein application "einstein_S6Bucket_1.01_windows_intelx86__SSE2.exe" because there is not digital certification. I try to go around but the firewall is ...obstinate !

is there a way to have the application certified ?

thank you

Gundolf Jahn
Gundolf Jahn
Joined: 1 Mar 05
Posts: 1079
Credit: 341280
RAC: 0

Problem with comodo firewall

There have been some posts about that subject. To find them, select "Advanced search" in the top left corner of this page and enter "comodo certi" in the search box (without the quotation marks). Then select one year as search limit and start the search.

I hope there'll be some useful information in the three threads coming up.

Gruß,
Gundolf

Computer sind nicht alles im Leben. (Kleiner Scherz)

Vladimir Zarkov
Vladimir Zarkov
Joined: 27 Feb 05
Posts: 66
Credit: 4876895
RAC: 0

This is a copy-paste of a

This is a copy-paste of a solution that paul milton found some months ago. Worked as a charm for me, now Comodo does not waste crunching time. :))

"1. open comodo.
2. click defense+.
3. click trusted files.
4. click "file path" at the top to sort by file path, it makes this next part easier.
5. check the box on the left of every instance of boinc and click "remove" on the right.
6. click close.
7. click Computer Security Policy.
8. click the "Defense+ Rules" if it is not already selected.
9. click add.
10. click "select" if boinc is running search by process, if it is not browse for it. your after the "boincmgr.exe" file.
11. after selecting "boincmgr.exe" select "use a predefined policy"
12. select "installer or updater" from the drop down.
13. click apply.
14. close out comodo and reboot.

NOTE: this allows boincmgr.exe to run ANY file it desires and comdo will allow it. this is why i say this is not exactly "ideal" but it appears to be working.

NOTE 2: you apparently have to remove each instance from the "trusted files" list for this to work. because if i understand what ive read on the comodo forums correctly when a file is on the trusted files list any policy for the file is "ignored".

ive opted to do it this way because when einstein does an update the file name does not stay the same, thus one would have to define a new policy for each einstein app.

i may be getting client vs app mixed up, i can never keep them straight in my head for some reason lol"

jf pion
jf pion
Joined: 19 May 09
Posts: 2
Credit: 11413961
RAC: 0

it works but I had to do

it works

but I had to do the same for boinc.exe not only boincmgr

thank you

Gundolf Jahn
Gundolf Jahn
Joined: 1 Mar 05
Posts: 1079
Credit: 341280
RAC: 0

RE: I hope there'll be some

Quote:
I hope there'll be some useful information in the three threads coming up.


Since this thread has been made sticky and one of the three threads already has fallen out of the one-year frame, here the links to the reaining two:
Einstein error
Comodo Internet Security - Trusted Vendor List Sign Up

Gruß,
Gundolf
PS: I can't find the older (or any) forum threads on Google, unlike with other projects. Obviously robots are excluded from the Einstein message boards. Would they generate too much server load? In other projects, external search engines come in handy to find messages older than a year.

Computer sind nicht alles im Leben. (Kleiner Scherz)

Mike Hewson
Mike Hewson
Joined: 1 Dec 05
Posts: 5786
Credit: 46178838
RAC: 3920

RE: PS: I can't find the

Quote:
PS: I can't find the older (or any) forum threads on Google, unlike with other projects. Obviously robots are excluded from the Einstein message boards. Would they generate too much server load? In other projects, external search engines come in handy to find messages older than a year.


I'll ask about that and get back to you. :-)

Cheers, Mike.

pascal_sig.jpg

Bernd Machenschalk
Bernd Machenschalk
Joined: 15 Oct 04
Posts: 3739
Credit: 157705964
RAC: 58637

RE: PS: I can't find the

Quote:
PS: I can't find the older (or any) forum threads on Google, unlike with other projects. Obviously robots are excluded from the Einstein message boards. Would they generate too much server load?

Google and bing are probably OK, but we once had certain spiders misbehaving, so we denied access for these.

I'll look into that, but it's not my highest priority. Might take a bit.

[edit]Could you add this to the "wish list", please?[/edit]

BM

BM

paul milton
paul milton
Joined: 16 Sep 05
Posts: 329
Credit: 35550101
RAC: 4616

RE: it works but I had to

Quote:

it works

but I had to do the same for boinc.exe not only boincmgr

thank you

sorry about that, i hadnt had to do that for 1 of my systems, but had to for the other one. not sure what the difference was between them (other than 1 was vista the other was xp), by the time i noticed that i was out side the edit window for posts.

glad it worked :)

seeing without seeing is something the blind learn to do, and seeing beyond vision can be a gift.

Professor Ray
Professor Ray
Joined: 22 Feb 05
Posts: 46
Credit: 172244
RAC: 166

What I've done is create a

What I've done is create a file-group: BOINC_Projects.

The file-group consists of:

C:\Boinc_Data\projects\*\*
C:\Boinc_Data\slots\*\*

Within Defense+, Computer Security Policy, I create a rule-set for 'BOINC_Projects', i.e., add, select, file-groups and select 'BOINC_Projects' and then assign the predefined policy of 'Installer/Updater' to the file-group.

That allows BOINC projects individually to do what they need. Also, I create a file group called: BOINC_scr which contains:

%ProgramDrive%\BOINC\boincscr.exe
%windir%\boinc.scr

For protected files/folders resources, I specify a single entry:
\Device\Afd\Endpoint

BOINC.exe & BOINCmgr.exe have their own custom policies:

BOINC.exe
run exectutable: 'BOINC_Projects' file group
process termination: 'BOINC_Projects' file group
registry keys:
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ParseAutoexec
HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent\
Protected files/folders:
\Device\Afd\Endpoint

BOINCmgr.exe
run exectuable:
E:\BOINC\boinc.exe
'BOINC_scr' file-group
C:\BOINC_Data\projects\*\*
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE
Windows Event hooks: E:\BOINC\boincmgr.exe
process terminastion:
E:\BOINC\boinc.exe
'BOINC_Projects' file-group
Windows Messages:
%SYSROOT32%\csrss.exe
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE
Protected Keys:

HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent\

BOINC registry key group:
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryMessageFile
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\CategoryCount
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\EventMessageFile
HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\ESENT\TypesSupported

Protected Files Folders: \Device\Afd\Endpoint

'BOINC_Projects' file group
run exectuable:
%ProgramDrive%\BOINC\boinc.exe
BOINC_scr file-group
C:\BOINC_Data\projects\*\*
%PROGRAMFILES%\Internet Explorer\IEXPLORE.EXE

The Computer Policy Policies for the aforementioned file groups and executables have DNS Client Service allowed checked (all other resourecs are ticked "ask").

To wrap the package up with a nice shiny bow, I then add all the exe files for each individual project into 'trusted files'. This last step removes the 'unknown' disposition for any BOINC images that are listed in 'active process list'.

My preference concerning 'trusted files' is to have all the trusted files necessary for booting the computer listed first. Easy enough to accomplish by disabling BOINC startup in MSCONFIG prior to a clean install of Comodo. Once the system is running, and all the default trusted files are created, I Ihen manually add %ProgramDrive%\BOINC\Boincmgr.exe, %ProgramDrive%\BOINC\Boinc.exe, %windir%\boinc.scr, %ProgramDrive%\BOINC\boincscr.exe, %ProgramDrive%\BOINC\boinctray, and then go systematically through all of the BOINC_Data/projects/* folders and select ALL exe files en masse. Then add them in one fell swoop.

Works good, last long time.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.