Anti-ARP Spoofing Causing Sites Not To Load

I am on Windows 10 Pro 1909 x64 Build 18363.836 and Comodo CIS The Windows install is fairly fresh and less than 2 months old. I am using proactive with cruelsister variation. When I recently turned on the advanced FW setting shown in image below, some websites would not load. Some others seem to load more slowly. The blocked application is svchost. There are many network intrusions coming IN from the IP address associated with my modem/router: application- Windows Operating System. Action- Blocked. Direction- In. Protocol- ARP. Source IP- My Router’s IP address. Destination IP- My PC’s IP address.

Even when a page loads, I get the network intrusions. Diagnostics wouldn’t even complete with anti-ARP turned on. All my reports have been very small except for this one which is much larger. Will take some time to upload report.

Your router is most likely using VRRP or HSRP need wireshark packet captures to see whats happening. Similar issue with wifi captive portal with anti-arp spoofing being enabled.

My PC is having trouble loading this site, so I’m replying from my phone. My modem/router is an Arris BGW210-700. I’m using a wifi adapter with a Realtek 8812BU chip. Unfortunately I know nothing about the technologies that you mentioned. Even after reverting the settings in comodo I was having connection problems. the modem would show red instead of green after multiple reboots and this page would not load. So I’m not sure what’s going on. I’ll take a look at Wireshark but not sure I’ll be able to use it.

Using the latest stable build of CFW. Intel processor, asus motherboard, netgear wireless card. Windows 1909. 18363.836. But this has been happening since I was still using windows 7 back in 2018.

The anti-ARP spoofing still causes total internet traffic stagnation. My old wireless card was also a netgear, but this problem only happens with the wireless card I’m currently using.

Would be helpful to try using a non-wireless network adapter to see if it still causes issues. And a wireshark packet capture with and without anti-arp spoofing enabled would also be helpful in identifying the issue.

I don’t have the hardware to do that.

You don’t have a regular NIC that you can plug an ethernet cable into? Either way at least perform a packet capture using wireshark with and without ant-arp setting when browsing to a website.

I have the ports for it, but my router is all the way on the other side of my home. The only eithernet cable I own is being used to connect my ISP’s modem to my router.

The only portable PC I have that comodo can be installed on is a microsoft surface 2 Pro, which was bricked because a version of comodo caused a black screen on user account login when one of the updates to windows 8.1 came out.

The only way to fix that tablet would be to run it in safemode and uninstall that version of CIS from there. But you can’t start the microsoft surface 2 pro into safemode without using mscofig first.