Hi Guys’ s:
2 simple questions ( i hope)
1 Is this statement true: “CFW 2.4 has no HIPS function but 3.0 will”.
2 if I want to add a packet tracker/filter/ blocker of the evil sites in the WWW which ones will play well with CFW 2 or 3 for that matter?
Easy eh!
(:WAV)
Yes.
Erm… no. I don’t understand exactly what you mean. ;D But, hostnames, IPs, ranges of IPs, etc… can all be blocked in both 2.4 & 3.
Thanks.
Sorry, I was fuzzy in my packet sniffer/ tracker question. javascript:void(0);
Nerd
I want to use CFW to block sites etc. So that means I have to KNOW what sites/ip’s to block right?
So if I get a packet tracker to see what sites are being connected to by my PC I can check them out and then block them or not? right?
Where can I get a good sniffer that is ok with CFW?
OR is there a better way for me to deal with this.
OK. From a users perspective sites are usually seen by there name ie. forums.comodo.com & that allows the IP number to be changed without impacting the user. If you wanted to know what name an IP had, then you do a, so called, Reverse DNS Lookup. You would ask your Domain Name Server to get you an IP for a NAME, such as forums.comodo.com into 87.127.204.149. There’s also something called WHOIS, that returns lots of information about the IP number. Anyway, if you’re trying to block web browsing then you need to use hostnames rather than the IP number or both. Remember the DNS Resolve (IP number into NAME) can change. If it’s P2P networks or torrents, then they use both.
The packet tracker… its called a Packet Sniffer… Wireshark no question. With that you will see the actual data packets… remember those DNS Resolves & Reverse Lookups I was babbling on about… you’ll see that actual requests. Not sure if WireShark does the actual DNS name lookups itself. But, there are loads of utilities to do that.
PS Oops… forgot the original question… LOL… ;D Both 2.4 and 3 can do this.
Thanks, a real good point you have about the ip sites changing numbers thus using names.
I another thread I was working on blocking all non MS Outlook Email attempts and used #'s. Should these be replaced by the in / out isp server names?
The same thing that applies to web sites also applies to email servers. These are usually names, such as… mail.something.net or maybe pop.something.net for the POP server & smtp.something.net for the SMTP server. The first thing that Outlook (or any email client) does on a send/receive is to request a DNS resolve against mail server name to find the IP number. The IP numbers behind the server names can, and do, change.
Hi:
Another V3 HIPS question.
In V3 is it an option to use it or not?
Some users have a hips they know and may want to stay with the one they know.
Melih said yes on more than one ocassion before. However, the first alpha release of 3 doesn’t have the option yet. That and among other functions (I don’t know as I haven’t tried it) haven’t been implemented.
Okay, good that great! We can wait :BNC