Author Topic: network control rules  (Read 8758 times)

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
network control rules
« on: March 22, 2007, 10:05:48 AM »
Hello everyone. I was just trying to get an application to complete a tst on my comp, and with the firewall off it completed; with it on and giving the program full access, it failed. I had a rule in the network control that is no longer there. I didn't think I deleted anything, nor did I mean to permit something that shouldn't be. I think it was an IP rule. Possibly there by default, since I never made any specific rule.

Is there a "block" rule that is generated by default? It may have been an "IP in rule". There used to be a red one here. I never remember making it -- it was just always there...



[attachment deleted by admin]

Someone

  • Guest
Re: network control rules
« Reply #1 on: March 22, 2007, 10:25:16 AM »
That last rule is not default, and I can't see exactly what it is (port). Take a complete screenshot so we can see.
The last block rule, which YOU MUST HAVE, is to block everything else:

Action: Block
Protocol: IP
Direction: In/Out
Source and Destination: any
IP Details- IP Protocol: any

And create an alert- ticked, if you want to log the block rule.

You must have it!

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #2 on: March 22, 2007, 10:41:46 AM »
Here is the full shot. Please be as specific as possible if I have to create a new rule or modify one. Is that second screenshot the right rule? Sorry, not too good with rules (:NRD)

Protection level is excellent -- but it notified me I had to reboot for the config to go into effect.

Thanks

[attachment deleted by admin]
« Last Edit: March 22, 2007, 10:47:49 AM by rockstar »

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #3 on: March 22, 2007, 10:48:08 AM »
Rockstar, at the very minimum, this is what you need to do:

Right-click on Rule ID 5, select Add/Add After.  This will open a rule editing/creation window.  You will fill it in as follows:

Action:  Block (and check "Create an alert if this rule is fired" in order to log any blocking action)
Protocol:  IP
Direction:  In/Out
Source IP:  Any
Destination IP:  Any
IP Details:  IP Protocol:  Any

OK.

Then reboot your computer to reset the rules change to the Network Monitor.

Your current Rule ID 5 is not a standard rule, although the rest are; any time I see a rule to Allow Inbound traffic, I am concerned.  Please provide the full details of that rule (IP addresses, Ports, Protocols, etc), and explain what you are trying to accomplish with it.

TNX,

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #4 on: March 22, 2007, 10:49:46 AM »
Rockstar, you've got Rule ID 6 (per your second screenshot) nailed, looks like.

Now let's just clarify Rule ID 5...

LM

Someone

  • Guest
Re: network control rules
« Reply #5 on: March 22, 2007, 11:07:21 AM »
I would delete no. 5. It's allowing everything in TCP/IP! The last block would be blocking IGMP and not much more!

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #6 on: March 22, 2007, 11:10:35 AM »
> I would delete no. 5. It's allowing everything in TCP/IP! The last block would be blocking IGMP and not much more!

That's my thought as well.  However, I want to make sure if there's a specific purpose that needs to be addressed, such as a p2p rule or something; without the details (which aren't showing completely) it's hard to say...

LM

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #7 on: March 22, 2007, 12:04:36 PM »
Thanks guys, I really appreciate this. See three screenshots for details of rules 5, 6, 7.

I really have no need for any special settings, "special" meaning loose or not too secure. I don't need anything so tight as to be intrusive though.

 http://www.rejetto.com/hfs/

It does not work. There is a self test that it fails unless comodo is off.

[attachment deleted by admin]

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #8 on: March 22, 2007, 12:12:28 PM »
Tried to modify that last post but session verification failed? Anyway, after right-clicking on rule 5 and doing as suggested, it made another rule 7 which is the same as 6?

Someone

  • Guest
Re: network control rules
« Reply #9 on: March 22, 2007, 12:13:52 PM »
Those last 2 screenshots look duplicate.

The first screenshot is a rule you should delete. To understand what that rule says:
'Allow packets to come in and out, using protocols TCP or UDP, from any port or IP, to any port on your computer'. As you can see, this is not what a firewall rule should look like, unless for some specific reason.

Now a Q: what's tst? Or what exactly is it that you can't do? I'm sorry if I'm not getting it, LM probably is, but do answer, even if it only serves to educate me :)
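
Why the broad Allow rule described above leaves the final Block rule with almost nothing to block, as an added example that is not part of the original thread: a minimal first-match rule evaluator in Python. It assumes the Network Monitor checks rules top-down and stops at the first match; the rule fields, the sample packets and port 47001 are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "block"
    protocols: frozenset             # protocol names matched; empty = any IP protocol
    direction: str                   # "in", "out" or "in/out"
    dst_port: Optional[int] = None   # None = any destination port

    def matches(self, pkt):
        return ((not self.protocols or pkt["proto"] in self.protocols)
                and self.direction in (pkt["dir"], "in/out")
                and (self.dst_port is None or pkt.get("dport") == self.dst_port))

def verdict(rules, pkt):
    """Return (rule_index, action) of the first matching rule (assumed top-down)."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return i, rule.action
    return None, "block"             # assumption: unmatched traffic is dropped

def reach(rules, packets):
    """Count how many of the sample packets each rule actually decides."""
    hits = [0] * len(rules)
    for pkt in packets:
        i, _ = verdict(rules, pkt)
        if i is not None:
            hits[i] += 1
    return hits

BLOCK_ALL = Rule("block", frozenset(), "in/out")                   # the final catch-all
ALLOW_ANY_TCP_UDP = Rule("allow", frozenset({"tcp", "udp"}), "in/out")
ALLOW_IN_ONE_PORT = Rule("allow", frozenset({"tcp"}), "in", 47001)  # constructed port

# Constructed inbound packets, not captured traffic.
PACKETS = [
    {"proto": "tcp", "dir": "in", "dport": 445},
    {"proto": "udp", "dir": "in", "dport": 137},
    {"proto": "tcp", "dir": "in", "dport": 47001},
    {"proto": "igmp", "dir": "in"},
]

LOOSE = [ALLOW_ANY_TCP_UDP, BLOCK_ALL]   # broad allow placed above the block
TIGHT = [ALLOW_IN_ONE_PORT, BLOCK_ALL]   # one inbound port, everything else blocked

if __name__ == "__main__":
    print("loose:", reach(LOOSE, PACKETS))
    print("tight:", reach(TIGHT, PACKETS))
```

With the broad rule on top, only the non-TCP/UDP packet ever reaches the Block rule; with a single-port rule in its place, the Block rule decides everything except that one port.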

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #10 on: March 22, 2007, 01:09:32 PM »
Rockstar,

Would you please open your Network Monitor to full-screen size, then capture another screenshot of the whole thing (NetMon, we don't need the surrounding GUI), and attach that to your post?

Since it looks like you have duplicated some rules, I want to see the whole thing.  Don't make any changes while we're looking, ok?  ;)

TNX,

LM

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #11 on: March 22, 2007, 01:22:00 PM »
The last 2 screenshots were duplicates. There were 2 in the panel; the second one was created when I did what it said in the post from 10:48:08. The current config looks like in the attach.

The software  http://www.rejetto.com/hfs/

is something I just saw today. I am totally not familiar with it. But what I think happens is [I think] a window opens [I did see that] that looks somewhat like an FTP client, and you can drag and drop a file or whatever onto it, and then you give the IP to someone and they can just grab it or whatever.

Say I have a program that I want to share or a huge file or whatever, I just drag and drop and see what happens. I haven't tried it because it don't run. I don't really know what it can do...

There is a self test to see if it works... gets through the firewall/router [I don't have one], I guess.

You can easily try it. There is no install, just run the .exe (:SAD)
---------------------------------------------------------------------------------------
Sorry LM, I deleted the duplicate and edited the other one. Last 2 attach.

[attachment deleted by admin]
« Last Edit: March 22, 2007, 01:37:27 PM by rockstar »

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #12 on: March 22, 2007, 01:42:57 PM »
Rockstar,

Ok, the Network Rules look fine now.  It appears to be the same as the default rules created at install.  Should provide all the security you need, with functionality at the same time.  Not too rigid, not too loose.  For some applications like torrent/p2p apps, you may need to create specific Network Monitor rules due to port usage, but normally application rules are all you need from here...

Now, as far as HFS goes... Do I understand correctly that you are trying to use this filesharing application, but are unable to get it to connect to the internet?

LM

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: network control rules
« Reply #13 on: March 22, 2007, 01:55:14 PM »
Hey Rockstar,

Looking at HFS' website, it looks like you have to do some port forwarding in your router, and create a network rule in CFP for Inbound on a specified port.

Here's the PortForward.com link to the HFS section, where you can choose your router for specific configuration instructions.  http://www.portforward.com/english/applications/port_forwarding/Http_File_Server-HFS/Http_File_Server-HFSindex.htm

Once you have the application window open for HFS, you need to click the button to turn it OFF.  Then you can set the Port you want to use (you'll want a high number port, that's less likely to conflict - something like 47001 - 47556, which are unassigned).  You will basically be forwarding that port in your router, and then create/add a new Network Monitor rule.  This will only be if you are wanting to use your computer as a fileserver, that others can upload to (what it looks like, anyway).  If you're just using it to upload files to somewhere else, that doesn't look like it's necessary; just an application rule to allow HFS to connect outbound.

LM
« Last Edit: March 22, 2007, 01:58:59 PM by Little Mac »

Offline rockstar

  • Comodo Member
  • **
  • Posts: 41
Re: network control rules
« Reply #14 on: March 22, 2007, 02:04:13 PM »
Don't use a router (:SAD)

I did have one once and did nothing other than disconnect it. Cut my speed in 1/2. You think that could be the prob? It is not connected now, and I have no problems whatsoever except this.

Attach out of order: 3 1 2

[attachment deleted by admin]

 
