Why does Comodo firewall let network discovery connect on a Public network?

Discussion in 'other firewalls' started by RealNature, Aug 4, 2013.

Thread Status:
Not open for further replies.
  1. RealNature

    RealNature Registered Member

    Joined:
    Jun 13, 2013
    Posts:
    34
    Today, for example, I open my Network place, and even if I disable the Windows firewall and set my adapter to Public, and when Comodo asks me about the new network I choose Public again, I'm still seeing the other PCs on my network, and this isn't normal. Why does Comodo let network discovery connect without a warning? With Windows firewall, if I choose Public, network discovery is disabled, but with Comodo I can't do that; can I ask why? I know that if I choose to turn off network discovery, the Windows firewall is enabled by default (this is the only way I can't stop my network discovery from seeing other PCs). But still, I don't like to have 2 firewalls enabled on my PC. Why doesn't Comodo alert me about this connection attempt (I configured CFW to custom rules and alerts set to medium)? I'm behind W7x64 with the latest CIS. Same behavior with PrivateFirewall. Can anyone explain to me why these 2 firewalls let network discovery work on a public place/high network security?
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    I haven't used Comodo in a while, but when I did, the following applied.

    Comodo by default allows all IP addresses assigned to your local subnet. Are you on a LAN and you want to block outbound access to all PCs except your own PC? To only allow your PC Internet access, you need to define a "Network Zone" rule, add your PC IP address, e.g. 192.168.1.1, to it along with the router and broadcast address (192.168.1.255). Then use the name of the network zone you just defined in the Stealth Ports Wizard.

    I also believe once you lock down your allowed network zone to only your PC, you're going to have issues with multicast, i.e. IGMP and UPnP traffic. Multicast uses IP addresses in the 224.xxx.xxx.xxx range and UPnP in the 239.xxx.xxx.xxx range. The WIN 7 firewall in its core rules allows all inbound and outbound traffic for multicast. The WIN 7 firewall also allows all outbound UPnP traffic by default allowing all outbound traffic. The WIN 7 firewall also nicely allows all inbound UPnP traffic from the localhost address. None of this happens in Comodo once you start locking down IP addresses allowed Internet access. You will be bombarded with Comodo firewall alerts until you create firewall rules to allow the above traffic.
     
    Last edited: Aug 4, 2013
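
    Added example, not part of the post above or of Comodo's documentation: a short Python sketch that sorts destination addresses into the buckets the post describes (zone members, 224.x multicast, 239.x UPnP, other LAN PCs), so you can see which traffic would need its own rule after the zone is locked down. The LAN, PC and router addresses and the sample destinations are constructed assumptions.

```python
import ipaddress

# Constructed assumptions: a /24 home LAN like the one in the post's example.
LAN = ipaddress.ip_network("192.168.1.0/24")
MY_PC = ipaddress.ip_address("192.168.1.10")
ROUTER = ipaddress.ip_address("192.168.1.1")

MULTICAST = ipaddress.ip_network("224.0.0.0/4")   # all IPv4 multicast
UPNP_RANGE = ipaddress.ip_network("239.0.0.0/8")  # range the post ties to UPnP


def classify(dst: str) -> str:
    """Return the rule bucket a destination address falls into."""
    ip = ipaddress.ip_address(dst)
    # The locked-down zone: own PC, router and the subnet broadcast address.
    if ip in (MY_PC, ROUTER, LAN.broadcast_address):
        return "zone"
    # 239.x sits inside 224.0.0.0/4, so test the narrower range first.
    if ip in UPNP_RANGE:
        return "upnp-multicast"
    if ip in MULTICAST:
        return "multicast"
    # Any other address on the subnet is another PC, outside the zone.
    if ip in LAN:
        return "lan-peer"
    return "internet"


def summarize(destinations):
    """Group destinations by bucket to show what needs an explicit rule."""
    buckets = {}
    for dst in destinations:
        buckets.setdefault(classify(dst), []).append(dst)
    return buckets


# Constructed sample of destinations a Windows 7 PC might contact on a LAN.
SAMPLE = [
    "192.168.1.1",      # router
    "192.168.1.255",    # subnet broadcast
    "192.168.1.23",     # another PC on the LAN
    "224.0.0.252",      # multicast name resolution
    "239.255.255.250",  # UPnP/SSDP discovery
    "8.8.8.8",          # Internet host
]

if __name__ == "__main__":
    for bucket, addrs in summarize(SAMPLE).items():
        print(f"{bucket:15} {', '.join(addrs)}")
```

    Everything outside the "zone" bucket is traffic the locked-down zone does not cover; the two multicast buckets are the ones the post says will raise alerts until rules exist for them.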
  3. RealNature

    RealNature Registered Member

    Joined:
    Jun 13, 2013
    Posts:
    34
    Well, thank you for the steps, but in the new CFW 6.x.x, when you click Stealth Ports Wizard, you only have 2 options: alert about incoming, and block the incoming, so I don't think I can do anything :(
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Use this Comodo help as a guide: http://help.comodo.com/topic-72-1-451-4800-blocking-internet-access-while-allowing-local-area-network-(lan)-access.html.

    The above example shows how to block a single PC on the LAN from Internet access. If you get creative, I believe this will give you a solution. The example shows a "type" setting for destination IP. I believe there is an option in that box to set an IP range. You can use that to define all IP addresses on your LAN except your PC, your gateway (router) IP address, and the broadcast address of 191.1.1.255 if you use DHCP to configure your router.
     
  5. RealNature

    RealNature Registered Member

    Joined:
    Jun 13, 2013
    Posts:
    34