Attacks from myself

Hi, I’m new to all this so please bear with me.

I’m running Comodo pro 3.0.15.277 I am getting attacked from ip 192.168.1.1 (wich is my own computer, i think) on IGMP trying to target/contact ip 224.0.0.1. These are currently being blocked by comodo, but occur every 30 seconds i have already 1056 today that have been blocked - all are identical when i look in firewall events - is this a virus, or an attack or what - please help - very confused, the transporter

Take a screenshot and upload your events. Blank out your ip addy though.
someone here will take a look for you.
seems like you need to make a rule, sounds harmless to.

Can you explain how I can take a screenshot and upload it please - sorry I have no idea how to do that

Hi,

I have no reason to think that it will be harmful to block that, but I have no reason to think that it’s malicious… Sorry I’m not knowledgeable about networks, you can read this I just found in Google,

http://www.rhyshaden.com/multicas.htm

but likely it will sound so alien to you as it does to me. :-[

Anyway about posting screenshots, just press Alt+PrnScr (PrnScr will be on the right part of your keyboard, along the top), then open “start > programs > accessories > paint”, paste (Ctrl+V), and save as a PNG file. Then when posting here, in the editing page click on “additional options…” and insert the pathname of the file you created in the “attach” field clicking on “choose…”, then just post along with any text normally.

224.0.0.1 is your multicast address. Your router (192.168.1.1) is trying to manage all the hosts (computers) on your network. Why you are set up for multicast I don’t know. Not harmful, but you may need to allow them if your network stops working, or isn’t working right. Do these show Windows Operating System as the application? Whatever it is, make an explicit rule to block these without logging, and the messages should go away. Or make the same allow rule.

Ok, thanks for all that - Yes the application is the widows o s. Attached is the screenshot (handy to know how to do, thanks) this all started after a windows update - something about net framework. I have a single computer which accesses the internet via a router with a wifi, so i have no network as such - no other computers, but my son has one in his room that he accesses the router with, also via a wifi - but our two computers dont ‘talk’ to each other and are not networked - never set it up. How do i set the rule to not log the attack, or is it best to try to stop the os from sending the request in the first place?

[attachment deleted by admin]

You can add a rule under Windows Operating System (under running applications if it’s not already on the list)
block/ip/in/any/any/IGMP. Not much you can do to stop the router from trying to see who is on the network-you are just another host and its firmware says to do it. Message is to your OS, not from it. :wink: