Problems with webpages that contain flash

[Unknown_User_807]

does anyone have any suggestions for another FREE firewall

wraith: although im unfamiliar with comodo, a free firewall/badware app that i use is called Blink (from eEye). a little tweaking is necessary to get them to play together, but i have them both running just fine. in Task Manager under Processes, it just sits there with 0% and 14 megs of mem.

[SnDPhoenix]

although im unfamiliar with comodo, a free firewall/badware app that i use is called Blink (from eEye)....

I thought someone mentioned on here that Blink is incompatible with Sandboxie because Sandboxie is one of the things that Blink checks for and wont allow you to install Blink if it detects Sandboxie, has that been changed?

Out of curiosity, does anyone have any suggestions for another GOOD. FREE firewall that is as light on system resources? I've yet to hear of another that can quite match Comodo.

Yeah, Comodo is the best firewall handsdown, but if your looking for an alternative firewall thats as good, one that i always heard was a good firewall is Jetico (yes its free and light), i remember testing it out and thought it was pretty good (although not better than comodo) but decided not to keep it because i didnt need a FW anymore

[wraithdu]

Thanks for the suggestions. I'm gonna stick with Comodo however until it becomes a bigger issue. I think Jetico would be my second choice though.

@tzuk - have you had an opportunity to check into my latest findings (last post on first page)?

[tzuk]

@tzuk - have you had an opportunity to check into my latest findings (last post on first page)?

Oh sorry, haven't noticed that post until now. I'll try it.

[tzuk]

After a bunch of playing around, and many more crashes, I've determined that Sandboxie is not playing nice with Comodo.

2. Place Comodo into 'Allow All' mode (if set to 'Custom' then the system crashes at step 4)

I got that impression too. By looking at the process resources in Process Explorer, it looks like the pieces of Comodo are trying to talk to each other through the Windows COM framework.

Because Sandboxie restricts sandboxed processes to the Sandboxie COM framework, so the pieces of Comodo can't reach each other, and the system hangs, as you have seen yourself.

Specifying OpenIpcPath=* and OpenPipePath=* in Sandboxie made Comodo work well. That was a poor solution. Another alternative I tried was to close the Comodo tray (CPF.EXE) and restart it sandboxed. That also worked well.

Finally, it also performed well when I ran the sandboxed CPF.EXE in addition to the regular CPF.EXE. That means you don't compromise your firewall, and also solve the hang problem at the same time. It may be an annoyance to start CPF.EXE sandboxed manually, but it works. The videos play to completion.

Now I'd like to ask you to see if it also solves the other problems you had: Service crashes / memory usage / CPU usage / whatever.

If it works well for you, then I will consider adding something to Sandboxie that automatically starts 'cpf.exe' if it is running unsandboxed in the system.

[wraithdu]

Awesome! I will definitely give this a try when I get home. Does starting cpf.exe in the sandbox result in two tray icons though, or seem to affect Comodo running outside the sandbox?

[wraithdu]

@Paul_K & street011 - what firewalls (if any) did you use while testing this out before?

[wraithdu]

Well I wish I could say I had the same positive results, but I did not.

1. Tried to start cpf.exe inside the sandbox along with the instance running outside. It started, but it could not communicate with the cmdagent.exe service, so all it's protections were disabled. I tried the videos anyway, and the system crashed.

2. I added OpenIpcPath=cpf.exe,* and OpenFilePath=cpf.exe,* (both are required) which allowed cpf.exe to start inside the sandbox with the protections enabled. However doing so does NOT allow me to run cpf.exe both inside and outside the sandbox. It can now detect that another instance is running, so only the first instance is allowed to remain, whether that be inside or outside. So I ran cpf.exe inside the sandbox, and in a attempt to avoid a total crash, set it to 'Allow All' mode which previously only ended the cmdagent.exe service. Well, total crash anyway.

3. I decided to go for broke and tried without cpf.exe running at all. Within 5-10 seconds of playing a video, the cmdagent.exe service was ended and I was unable to restart it until after reboot.


It seems there is some conflict directly with the cmdagent.exe service and not only (at all) with cpf.exe.

[Paul_K]

@Paul_K & street011 - what firewalls (if any) did you use while testing this out before?

I use Zone Alarm Pro, version 7.
Also, I did want to mention that trying an OpenFilePath to the plugins folder, as you requested earlier, may not be of use, since my flash plugin is located at:
C:\Winnt\System32\macromed\flash

An OpenFilePath to that folder didn't do anything, either.

[tzuk]

Well I wish I could say I had the same positive results, but I did not.

Sorry to hear that. When you talk about crash, do you mean the system stops with a BSOD, or automatically restarts itself? Because my experience has been like this: First, only Firefox freezes, but other like the desktop, Start Menu, Sandboxie Control, an open cmd window, all that keeps working. But as soon as another process tries to launch (for example, if you hit Ctrl+Shift+Esc and the Task Manager starts), the system locks up completely. There is no BSOD or crash at any point. It locks up and stops responding.

[wraithdu]

First, only Firefox freezes, but other like the desktop, Start Menu, Sandboxie Control, an open cmd window, all that keeps working. But as soon as another process tries to launch (for example, if you hit Ctrl+Shift+Esc and the Task Manager starts), the system locks up completely. There is no BSOD or crash at any point. It locks up and stops responding.

Yep, that's it. I usually have Task Manager already open in anticipation, but I get the freeze if I try to end any process as well - FF, cpf, cmdagent....doesn't matter.

[tzuk]

It may have to do with the "Application Behavior" setting. When I wrote to you yesterday, I had it in learning mode, and things worked as I described. I turned that setting on, and even with a sandboxed CPF, I still got the lock up. Or maybe it's entirely irrelevant, and the lock ups happen or not because of something else. I'm still trying to figure it out better.

[wraithdu]

I'm pretty sure I have mine set to 'learning mode' as well. I just leave it there.

[tzuk]

Okay, how about this. Does adding

Code: Select all

OpenPipePath=\DEVICE\*

make things better for you? Don't qualify that to cpf.exe, at least, not at first.

[wraithdu]

Success! No crashes, videos play fine, and in 'Allow All' mode the cmdagent.exe service is not ended.

I'm guessing though that this is only a partial solution since it probably opens some big security holes.

EDIT - this also works

Code: Select all

OpenFilePath=firefox.exe,\DEVICE\*

Probably a little more secure, but I doubt a very good idea really. BTW, for these tests I had Comodo running as normal, not in the sandbox, hence OpenFilePath instead of Pipe.

Doesn't opening \DEVICE\* allow FF write access to everything (all drives)? Anything else that statement does?