Would using MAC addresses be a very secure way to identify which machines are allowed to connect to my computer on a local network (Verses using Ip addresses which can change)?
Can MAC addresses not be easily spoofed? Wasn’t there another firewall that I saw that could do that? (I think I can Mask an Ip with my router)
The other option is to use a “Host Name”. What is ment by “host name”?
Thanks for the help.
It would be in so far as TTL for the ARP cache. Which incidently I believe to be about two minutes. The table is dynamic. When MAC requests are made, they are broadcast across the network and the node having the MAC address responds with its IP address. You can define a static ARP cache at boot, but that’s a pain in the neck. MAC can be spoofed, but it requires a hacker to be in the network or otherwise connected directly to the Ethernet segment in question. it utilizes a technique called ARP cache poisoning.
Host name is the domain name portion of a URL. It will require DNS lookup for IP resolution though. For example,
http://boinc.bakerlab.org/rosetta/
it is a link to a server that an app on my system requies access to. I have the host name specified as:
The app will always be able to find the resources it needs, regardless if the server IP address changes. The server IP address is rexolved by host name, the path is resovled at the server itself.
Thanks for the reply WxMan1.
Unfortunately I don’t know what “It would be in so far as TTL for the ARP cache.” is, or what “You can define a static ARP cache at boot” means either. Sorry.
I think this is why I steered away from Comodo in the past (there seems to be a significantly greater amount of technical knowledge required to really use it effectively). Having said that I am determined to really try and get a grip on how to use it properly.
How would you do this:
Laptop number 1 (My laptop) is connected to my home network.
I only want 2 of the other 4 computers in my “Home Network” to be able to connect to (or even SEE this laptop).
When I go on the road and I connect to a hotel’s wireless network, I don’t want ANYONE else on that hotel network to be able to SEE or CONNECT to Laptop number 1 (My Laptop)
What would you suggest for settings to make this possible seeing that MAC addresses can be spoofed, and IP addresses are dynamic?
Additional Information:
My “Home Networks” router is currently set to assign each computer their own ‘static and reserved’ IP when connected to the “Home network”. It does this by looking for their MAC address. Technically however, if the MAC can be ‘spoofed’ , then trying to use comodo to filter them by IP address wouldn’t be the “most secure” way to do it either. No?
NOTE: I have little understanding of how “subnets” work - other than it seems that if I were to change the number at the end of my current 255.255.255.0 that I think it limits the ‘number’ of IP’s that can be assigned.
One more Question:
IF, I was to filter them by IP, could comodo possibly let another unknown computer connect to (or SEE) my computer in a hotel, if the hotel assigned the ‘unknown computer’ an IP that was the same as one of the IP’s that I allow to connect to (or SEE) me at home? … I hope that made sense.
Thanks again for the help.
Ok, I have another headscratcher.
I have comodo on My Laptop (call it #1) set to “Block all incoming connections and make my ports stealth for everyone”.
I have just loaded a new OS onto another laptop (lets call it #2) and I am testing another Free Firewall called “Online Armor”.
This Laptop and firewall has the ability to see other computers on the network and display their MAC, IP address, & the computers Name. It also has a feature that is called ‘Enable active subnet scan’ that basically tries to keep the list of computers that are connected to the network a little more up to date (real time).
Why is it that this new computer with Online Armor is able to SEE me on the Network???
I do have trusted programs that are allowed to access the network (ie SyncbackSE which backs up file to the NAS).
Is it because I have used Comodo’s Default setting for trusted Applications that has allowed this?
Should I set Trusted Applications to go outbound only so that if there is not an active connection made by my system it will ignore everything inbound?
Thanks for you help as I try to figure out whats going on.
Am I reading this correctly, am I not:
http://help.comodo.com/topic-72-1-155-1171-Stealth-Ports-Wizard.html
At the bottom of the page it says:
Block all incoming connections and make my ports stealth for everyone
"Selecting this option means your computer’s ports are invisible to all networks, irrespective of whether you trust them or not. . . . "
So why can The other computer with “Online Armor” see this machine with comodo?
I just tried the above. But when you already have a trusted network defined and you run the SPW again will not remove the trusted network from Global Rules and from the rule for System. That’s a shortcoming.
CIS does not have the ability to have settings for multiple networks. So you will have to work around it.
You can make a configuration, under Manage My Configurations, that you use while on the road.
You start with first importing a clean back up configuration from the CIS installation folders and giving it an appropriate name (think CIS My Proactive Road Configuration or something like that). Then run the SPW to stealth your computer. With default setting it will make most rules automatically. You can later decide to hone it more to your liking.
The second solution is each time you are on the road do the following.
Move the two rules that allow in and outgoing traffic on your LAN to underneath the basic block rule at the bottom. This disables them.Then delete the rule for System to disable the sharing traffic. When back home run the SPW again to be able to share on your LAN.