Comodo Firewall Detected a new network????

Thanks for the assistance in advance!

I usually connect to my Router Wirelessly, but about once a week I do a backup to my NAS through a wired Connection because it is faster.

When I turned off the wireless and plugged in the Ethernet cable Comodo said that there was a New Network detected!?!

169.254.197.119 / 255.255.0.0 asking the usual questions.

This is very strange to me as it has never asked for this before.

What is it? The router is taking care of connecting me to my ISP provider - Comodo shouldn’t be seeing ANYTHING like this outside the router - should it?Huh

2nd question: If I just close the box, and don’t add the network, I can’t get onto the internet. How do I get Comodo to “Detect” the network again so it could be added if I wanted to add it without rebooting in order to get Comodo to “Re-detect” the new network?

I Comodo is quite granular in the control it gives you (which can be good and bad), and I don’t consider myself to be an expert at all when it comes to networking, but at the same time I think that I have a pretty good understanding of it. When things like this happen it presents a huge potential security risk to “Just allow or Add the Network” without understanding what I just allowed.

I added the Network Manually so I am assuming that 'no other computers will be allowed to connect to this computer – it was an option that was offered when the new network was “Automatically” detected.

If I wanted to add that option in the future how would I enable that?

If I allowed it in the past and wanted to “Disable” the ability of other computers from connecting to this computer on that network, how would I do that?

The granular control is pretty amazing, but the potential to leave a very big hole in your firewall is certainly there with the complexity. I am trying very hard to follow it, hopefully someone can shed some light on the subject.

Thanks again for your assistance.

I should clarify too that my router has reserved an IP for this computer and it has assigned it when I made the wired connection.

That is why I am confused as to how Comodo is able to “see” any network outside the router and why it won’t let me connect to the internet unless I allow it.

(DMZ) is not enabled on this router.

Thanks again for any info you can provide.

169.254.197.119 / 255.255.0.0 asking the usual questions.
<< APIPA
What is it?
It's basically when your computer see's a network connection but doesn't have DHCP installed/configuration/setup or if your router has leased out all available IP Address's Your OS Will automatically generate an IP for you to use (If you are connected to your router through the RJ-45 and you still get this IP then go to Start > run > cmd > ipconfig /renew > This should tell your computer to request a IP address to your router

DHCP Dynamic Host Control Protocol It’s Job is to give out IP Address
APIPA * Automatic Private IP Addressing* It’s Job is to give you an IP Address if DHCP is either out of IP Address to assign; or Is down; or is not installed/configured

2nd question: If I just close the box, and don't add the network, I can't get onto the internet. How do I get Comodo to "Detect" the network again so it could be added if I wanted to add it without rebooting in order to get Comodo to "Re-detect" the new network?

You can go to CIS > Firewall > Network Security Policy > Network Zones tab > See If It’s Here (If not Add > New Network Zone > Name it > Select It > Add > New Address (Enter the address (If you have forgotten > Start > Run > Cmd > ipconfig)

If I wanted to add that option in the future how would I enable that?
If you wanted to mark it trusted? CIS > Firewall > Stealth Port Wizard > Define a new trusted network > Enter Details > Ok
If I allowed it in the past and wanted to "Disable" the ability of other computers from connecting to this computer on that network, how would I do that?
You Could Simply Go To CIS > Firewall > Network Security Policy > System > Remove ``` "Allow System To Send Requests If The Target Is In [Network Zone Title]" ``` and ``` Allow System To Receive Requests If The Sender Is In [Network Zone Title] ```

Then Click On Global Rules Tab > Do The Same

Does this help?

Jake

Thanks for the response Jake!

Just to clarify for you – I do have a DHCP setup in my Network, all I have done is “reserved” a couple of IP’s for specific machines on the network.

I DID check at the command prompt that my computer had been assigned the reserved WIRED IP address that I had set for this computer. That is why I can’t figure out why Comodo was: a) telling me it had found a new network with a bizarre ip ( 169.254.197.119 / 255.255.0.0 ) AND would not allow me to connect to the internet without adding the above as a “Network Zone” =====> very strange! the internal networking ip that was reserved for (and acquired by) this computer was 192.168.1.21 =====> not even close to the "new network’ it said it discovered.

I think I covered this above, but to be clear - when Comodo asked me if I Wanted to add the “New zone” ===> ( 169.254.197.119 / 255.255.0.0 ) the first thing I did was run the ipconfig /all command at the command prompt to see what the heck was up. It didn’t show up. Only my 192.168.1.21 reserved Ip showed (as it should have). That is what has me baffled! Even with the proper assigned IP Comodo would not allow me onto the internet unless I added the “New Zone” ( 169.254.197.119 / 255.255.0.0 ). I don’t get it.

My 2nd question (from the first post): "If I just close the box (the advisory that tells me that there is a new zone detected), and don’t add the network, I can’t get onto the internet. How do I get Comodo to "Detect" the network again so it could be added if I wanted to add it i[/i] without rebooting. In other words how can you get Comodo to “Re-detect” the new network?

If I didn’t write down the IP and subnet mask numbers (the first time i saw them) I wouldn’t be able to "manually add the zone. The only way I could get the numbers was to reboot the computer and have it automatically “pop up” an advisory that there was a “New Zone”. Is there a way to have it Look for new zones - that I didn’t add initially - without having to reboot the computer?

Thanks for the response Jake!
Your Welcome
Just to clarify for you -- I do have a DHCP setup in my Network, all I have done is "reserved" a couple of IP's for specific machines on the network.
Ok;
I DID check at the command prompt that my computer had been assigned the reserved WIRED IP address that I had set for this computer. That is why I can't figure out why Comodo was: a) telling me it had found a new network with a bizarre ip ( 169.254.197.119 / 255.255.0.0 )
It was a lag between your machine and the router; that is why for momentarily you were assigned this type of address
[u][b]AND[/b][/u] would not allow me to connect to the internet without adding the above as a "Network Zone" =====> very strange!
For Protection; If you had a hacker on your network, would you want CIS to automatically allow him in your computer? Of course not! that is why CIS wants you to list the IP address that you are aware of.
I think I covered this above, but to be clear - when Comodo asked me if I Wanted to add the "New zone" ===> ( 169.254.197.119 / 255.255.0.0 ) the first thing I did was run the ipconfig /all command at the command prompt to see what the heck was up. It didn't show up. Only my 192.168.1.21 reserved Ip showed (as it should have). That is what has me baffled! Even with the proper assigned IP Comodo would not allow me onto the internet unless I added the "New Zone" ( 169.254.197.119 / 255.255.0.0 ). I don't get it.
Again; must be a lag between your Computer and your Router
My 2nd question (from the first post): "[u]If I just close the box[/u] [i](the advisory that tells me that there is a new zone detected)[/i], and don't add the network, I can't get onto the internet. How do I get Comodo to "[u]Detect" the network again[/u] so it could be added if [u]I wanted to add it[/u] [i](later)[/i] [u]without rebooting[/u]. In other words how can you get Comodo to "Re-detect" the new network?
Start > Run > cmd > ipconfig /release > ping 192.168.0.1 > ipconfig /renew
If I didn't write down the IP and subnet mask numbers (the first time i saw them) I wouldn't be able to "manually add the zone. The only way I could get the numbers was to reboot the computer and have it automatically "pop up" an advisory that there was a "New Zone". Is there a way to have it Look for new zones - that I didn't add initially - without having to reboot the computer?
The subnet will 255.255.0.0 most likely of course

Hope this helps

Jake

Thanks again for taking the time Jake. I sure appreciate it.

Ok, but if it was momentary, and the ipconfig showed I was assigned the 192.168.1.21 ip address why would it not let me on the internet? By releasing and renewing the ip . . . does that suggest it is a windows issue? (By the way I can’t test the theory as I am not getting that message anymore which does sound like it could be what you suggested – must have been lag between your Computer and your Router)

Agreed. That is why I just closed the window when it appeared (I didn’t recognize it at all) and double checked to see if I had been assigned the reserved ip that I had set up for this machine (which it was).

If it was momentary lag between the computer and the router, do you have any idea why comodo would block this computers access to the internet after I closed the window?

Probably more puzzling to me was this: After closing the window that alerted me to the new network zone and waiting several minutes to see if it would correct itself, I - as a test - created a network zone ( 169.254.197.119 / 255.255.0.0 ) without releasing and renewing the ip, and Comodo allowed this computer through to the internet! It is this that makes me think it is more of a Comodo issue than a windows “release and renew the ip” thing. No? (It is an at home network - out in the country - no one within miles to hijack my internet connection, so I felt it was safe to test. But if this were to happen in a hotel for example I wouldn’t have. This is one of the reasons I’d like to get a better grasp of what Comodo is telling me - because I do end up using hotel connections quite a bit on business trips)

You lost me here. This is where my Networking Knowledge starts to fall down a little bit. I understand that by changing the subnet mask will limit things like the number of connections in a particular network, but that is about the extent of it. I haven’t really needed to mess around with it. To keep things simple I have always just used the old default 255.255.255.0

… in short I didn’t really understand the above statement: “The subnet will 255.255.0.0 most likely of course”

Thanks again for the help

Thanks again for taking the time Jake. I sure appreciate it.
No Worries Friend
Ok, but if it was momentary, and the ipconfig showed I was assigned the 192.168.1.21 ip address why would it not let me on the internet? By releasing and renewing the ip . . . does that suggest it is a windows issue? ([i]By the way I can't test the theory as I am not getting that message anymore which does sound like it could be what you suggested -- must have been lag between your Computer and your Router[/i])
It will popup if it's not listed (Also just be safe can go to CIS > More > Settings > Automatically Detect New Networks Make sure this is checked)
If it was momentary lag between the computer and the router, do you have any idea why Comodo would block this computers access to the internet after I closed the window?
Because by closing out the window it means you wanted to block this IP temporary of course; and only want to connect to the computers /networks that are listed in your network zones
Ok, but if it was momentary, and the ipconfig showed I was assigned the 192.168.1.21 ip address why would it not let me on the internet? By releasing and renewing the ip . . . does that suggest it is a windows issue? ([i]By the way I can't test the theory as I am not getting that message anymore which does sound like it could be what you suggested -- must have been lag between your Computer and your Router[/i])
If you wish; After you are done with reading this post; You can make sure that there isn't anything in the network zone (Except for loopback) and then plug in your ethernet and just unplug it and re plug it back in (possibly wait couple seconds) this should be able to re-produce the alert)
If it was momentary lag between the computer and the router, do you have any idea why Comodo would block this computers access to the internet after I closed the window?
I'm assuming that "Detect New Networks" was disabled in the Settings (CIS > More > Settings > Detect New Network Zones) ;
[quote="Jacob post:5, topic:263059"] The subnet will 255.255.0.0 most likely of course [/quote] You lost me here. This is where my Networking Knowledge starts to fall down a little bit. I understand that by changing the subnet mask will limit things like the number of connections in a particular network, but that is about the extent of it. I haven't really needed to mess around with it. To keep things simple I have always just used the old default 255.255.255.0
Sorry I was thinking of another IP Class

I had written:
“If it was momentary lag between the computer and the router, do you have any idea why Comodo would block this computers access to the internet after I closed the window?”

and the response was (by Jake): I’m assuming that “Detect New Networks” was disabled in the Settings (CIS > More > Settings > Detect New Network Zones) ;

I have gone to CIS>More>Preferences> and there “Automatically detect new private networks” has been checked the entire time. I am not sure if this means that there is a minor bug in CIS or not - just throwing it out there.

As it has not re occurred I am not to worried about it. If I get some more time I’ll try clearing out the network zones (except for the loop back - not sure what that is exactly yet) and see if I can reproduce it that way.

Thanks for taking the time to help me better understand CIS Jake! :-TU

Hi

As I studied the above discussion, it is exactly what is happening with me too but the only difference is I di not created any trusted zone…

can I use my MAC ID in place of a trusted zone dear Jake…?

Yes You can :slight_smile: See Attached Picture

Hope this helps :slight_smile:
Jake

[attachment deleted by admin]

Hi Jake

thanQ for confirming me to use the MAC Id, if I use it, does it still show that 169.254.x.x IP when I start connecting to internet or it wont show up?