Author Topic: Comodo Internet Security 2020 v12.2.2.7098 Released  (Read 61960 times)

Offline domo78

  • Comodo's Hero
  • *****
  • Posts: 250
Re: Comodo Internet Security 2020 v12.2.2.7098 Released
« Reply #150 on: March 27, 2021, 01:18:39 PM »
[at]CISfan or Ploget

Sorry, I'm not a security/network expert.

Could you give a concrete example of using a FW rule based on a host name ?

Thank you.

Offline CISfan

  • Comodo's Hero
  • *****
  • Posts: 1443
Re: Comodo Internet Security 2020 v12.2.2.7098 Released
« Reply #151 on: March 27, 2021, 04:09:59 PM »
That previous post has been moved to the Forum Policy Violation Board, for quite obvious reasons. Thanks CISfan for explaining the apparent Firewall failings referred to

You're welcome Ploget.

I had to take it up for the very, very hard work of all developers which provide us with this great tool...


This problem has been around for a decade or so. I can only assume Comodo is aware of this.

The problem boils down to the fact that hostname gets resolved to its IP address only once per Windows session iirc. That does not fly well with dynamic IP addresses which could change during the Windows session.

Thanks EricJH.

The issue is indeed around for decades. I never dared to use it because it could possibly block too many IP addresses.
FW rules based on host name sound simple but it's a rather complex feature.


Maybe I haven’t actually encountered a context where it failed.

To take care of that I use a DNS server since that’s why they are made for.

A firewall isn’t supposed to manage hosts in the first place. Only IP, ports and protocols depending of their implementation levels.

But since CIS has the feature, I agree that it has to be fixed.

It need to build it’s own DNS database somehow, and has to block DNS requests for the given hosts in the blocklist, but also to block connection to the IPs that can be DNS reversed to the ones in the blocklist, as long as the actual DNS server doesn’t bypass all its protection he try to provide.

Thank you for the feedback and explanation Nastrahl, much appreciated.

Implementing the building, maintaining and processing of a local CIS DNS database and linking that to the processing of host name based FW rules... that's a though job I guess.
It would be really awesome to see the host name issue fixed one day...


[at]CISfan or Ploget

Sorry, I'm not a security/network expert.

Could you give a concrete example of using a FW rule based on a host name ?

Thank you.

Hi domo78,

The following CIS help page will provide you with some information, look or search for the words "Host Name" on that page.

https://help.comodo.com/topic-72-1-766-9173-Application-Rules.html

Hope that will help a bit.


Offline domo78

  • Comodo's Hero
  • *****
  • Posts: 250
Re: Comodo Internet Security 2020 v12.2.2.7098 Released
« Reply #152 on: March 28, 2021, 06:09:51 AM »

Hi domo78,

The following CIS help page will provide you with some information, look or search for the words "Host Name" on that page.

https://help.comodo.com/topic-72-1-766-9173-Application-Rules.html


Hi CISfan,

I had already read this page. Thank you.

The setting of my FW must be basic because it only uses protocols, ports and the loopback zone.
That's why I'm trying to understand the need of using a FW rule based on a host name.

My environment is simple, maybe that's why I don't need more advanced settings : a laptop connected to a box, a printer connected directly to the laptop and one user.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek