I am seeing ARP Protocol connections being blocked in my log, but there is NO OPTION to allow (or block, for that matter) the ARP Protocol.
Why is Comodo doing this, and when is the ARP Protocol going to be added to the list of other available protocols?
Thanks.
ARP filtering can be enable/disabled under Firewall Behaviour Settings. I would leave it enabled when it is enabled. ARP cache poisoning is the easiest way in for an intruder on your local network.
There is only the “Enable Anti-ARP Spoofing” option in the Firewall Settings.
When I see these alerts/blocks coming from my printer and other proper, safe network devices, I want the ability to be able to specify THAT connection/IP is safe/trusted.
Right now, I can’t.
There is not even an option to configure “Windows Operating System”, which is what is registering ion the “Network Intrusions” log.
This just seems sloppy.
Are you seeing gratuitous ARP requests (destination and source IP address are the same)? They are blocked with v6:
No, the source and destination are not the same - as I said, an example would be my wireless printer’s IP to my system’s IP.