ARP protection in MalwareDefender firewall

I just downloaded MD 2.5.0 and I'm barely out of learning mode,still trying to understand the beast, but I need help with any Rule I could do to implement ARP protection within my connected computers.

Up to now I never shared anything and they were quite safe from one another,but now I need to set one computer for file sharing and would like to keep the other two safe from dangers.

Comodo provides such a protection effortlessly, but I couldnt discern any such chance on MD firewall,which remains a bit cryptic too me.

A router provides protection from the outside,obviously,but I'd like to set a rule for the pc running MD not to accept anything from within the LAN itself. Might be such a rule is already in place ,but I cant find out.

Anyone,please?

 

Put in different words,as I dont fear here MIM attacks but my own LAN:
in order to protect computer A (set NOT to do file sharing) from any collusion with computer B (set to do file sharing) in my LAN
what can I do in Malware Defender?

Can I make a Rule denying anything coming from computerB MAC adress?

Anything I can do in Router (firewall) settings?

 

AFAIK, Malware Defender's firewall isn't capable of providing this detail of rule creation; i.e. MAC address rules or ARP rules. I would suggest running a light-weight firewall alongside MD for your firewall needs.

 

thanks for the advise do you think comodo will be a good suplement?

 

I have a question related to the topic.

Many times I enable/disable protection in MD (during installations and similar) through keyboard shortcuts.

If I use a 3rd party firewall I suppose I do have to disable permanently network protection.

But through the keyboard shortcut it will be re enabled. Can I avoid this?

@jmonge: it will be a very good supplement, as it runs very light. Have a look @ look n stop also.

 

thanks mike

 

@jmonge: I've never used Comodo alongside MD, so I can't say.

@mike21: I don't disable MD's network protection and haven't had any conflicts between it and Jetico PFW. I've also played around with several other firewalls alongside MD in a VM and never had any conflicts. I don't think you'll have any issues leaving MD's network protection enabled.

 

thanks derelict_ny

 

Derelict_NY, thanks, I am seriously consider to add a FW, although I am behind zyxel router and I don't know if it is necessary. What do you think?

 

I'm also behind a router. I have never logged any unexpected inbound activity with my software firewall, but I'm too paranoid to run without one. For me, it's mostly a matter of being able to understand and control the applications on my computer making outbound requests versus blocking any inbound intrusions.

 

I'm also behind a zyxel router and use the Windows Firewall along with MDs network protection.

It's really difficult to find a 3rd party Firewall, if you don't want to take the turn-off to the hook parade.

With Windows 7 there are only LnS and the Windows Firewall left, all other (Jetico, Online Armor, Outpost, PC Tools, Privatefirewall) come with built-in HIPS and this means a lot things are done twice respectively hooked twice.

But I think it depends on what is behind the router.
If there are also a few insecure boxes, then there is maybe a need for all this ARP protection and the like.

Cheers

 

Thanks for your reply. I am using XP atm so I have plenty choices. I agree about the hook parade. What do you mean what is behind the router?

 

If there is only one Computer connected to the Router, you don't have to worry about ARP-Spoofing, as there are at least two Computers in the same network needed.

Here are posts by Stem about Windows FW and ARP:
https://www.wilderssecurity.com/showpost.php?p=1562560&postcount=4
https://www.wilderssecurity.com/showpost.php?p=1462620&postcount=47

And a thread about "ARP Spoofed packets"
https://www.wilderssecurity.com/showthread.php?t=241324

Cheers

 

I see. There are three PCs connected.