500+ Blocked Intrusions per day

Hello fellow Comodo Users,
I have a problem with my firewall which is blocking more than 500 intrusions each day. I just realized this yesterday and looking back in the logs this has been happening for months now (since dec. 18th).
The intrusion is like this:
Application: Windows Operating System
Action: Blocked
Direction: Out
Protocol: IPV6

and then the same source (192) IP to the same destination (92) IP

Can somebody please help me out. I don’t understand if this is a hacking attempt or just a bad firewall setting on my part.
Any help is greatly appreciated.

Thanks.

Welcome

We’ll need a little more detailed information to make an accurate assessment, but if both of the IP addresses are in the 192.168.x.x range, then they’re both on your LAN. Perhaps you could post some of the entries from your firewall log that show these connections.

the source is 192.168.2.16
destination is 92.242.144.10

every single intrusion is exactly like this one
idk if that helps

Still not a lot of information

The IP address 92.242.144.10 belongs to Barefruit, who provide landing pages for DNS providers, when sites are 404. Are you using Comodo DNS? You mentioned IPv6 but these addresses are IPv4. The log files would be very helpful…

sorry about being a noob but how do i get the files you need?

go to the firewall tab and click view firewall events then take a screenshot and post it here. To take a snapshot i would recommend mwsnap.

No worries

1. Open CIS/Firewall/View Firewall Events
2. Find the events related to your question and either take a screen shot of some of them or…
3. Export the log by selecting More/File/Export
4. Zip the file and attach it to a post using Additional Options when you reply.

It would also be helpful if you could take a screenshot of your firewall application rules.

CIS/Firewall/Network Security Policy/Application Rules.

Or use the snipping tool included with windows if on 7.