Many other users have noticed that, unfortunately. Hence many of them went back to version 6882.
CIS 12.2.2.8012 Beta
Windows 10 21H1 19043.899 x64 Pro
No problem :-TU
Do not spam this topic about the beta build, continue discussion in https://forums.comodo.com/news-announcements-feedback-cis/when-can-we-expect-a-new-version-comodo-internet-security-premium-merged-topic-t125578.0.html hence I have split and merged posts into that topic.
:-TU
CIS treats host names as a single closed consecutive range of IP addresses from low to high,
How do you manage multiple single IP addresses or multiple IP address ranges that do not belong to or fall into the host name IP addresses?
In other words, how do you manage the IP address holes of a host name and how do you know what IP addresses belong to a host name and when there is change in IP addresses used by that host name?
I’m really wondering how you take care all of this.
For the price it does a lot of things.
You are free and you can always go elsewhere and choose another software publisher.
That’s what I do when I’m not satisfied with a provider…
I think that the devs are aware of the shortcomings of a FW rule based on a host name and that they are competent enough to correct the host name implementation so that it works as everyone would expect it to work. That is, look up a host name and create/update the matching IP table and create/update the FW rule based on that host name’s IP table.
But maybe this is easier said than done…
That previous post has been moved to the Forum Policy Violation Board, for quite obvious reasons. Thanks CISfan for explaining the apparent Firewall failings referred to
This problem has been around for a decade or so. I can only assume Comodo is aware of this.
The problem boils down to the fact that hostname gets resolved to its IP address only once per Windows session iirc. That does not fly well with dynamic IP addresses which could change during the Windows session.
Maybe I haven’t actually encountered a context where it failed.
To take care of that I use a DNS server since that’s why they are made for.
A firewall isn’t supposed to manage hosts in the first place. Only IP, ports and protocols depending of their implementation levels.
But since CIS has the feature, I agree that it has to be fixed.
It need to build it’s own DNS database somehow, and has to block DNS requests for the given hosts in the blocklist, but also to block connection to the IPs that can be DNS reversed to the ones in the blocklist, as long as the actual DNS server doesn’t bypass all its protection he try to provide.
@CISfan or Ploget
Sorry, I’m not a security/network expert.
Could you give a concrete example of using a FW rule based on a host name ?
Thank you.
You’re welcome Ploget.
I had to take it up for the very, very hard work of all developers which provide us with this great tool…
Thanks EricJH.
The issue is indeed around for decades. I never dared to use it because it could possibly block too many IP addresses.
FW rules based on host name sound simple but it’s a rather complex feature.
Thank you for the feedback and explanation Nastrahl, much appreciated.
Implementing the building, maintaining and processing of a local CIS DNS database and linking that to the processing of host name based FW rules… that’s a though job I guess.
It would be really awesome to see the host name issue fixed one day…
Hi domo78,
The following CIS help page will provide you with some information, look or search for the words “Host Name” on that page.
Hope that will help a bit.
Hi CISfan,
I had already read this page. Thank you.
The setting of my FW must be basic because it only uses protocols, ports and the loopback zone.
That’s why I’m trying to understand the need of using a FW rule based on a host name.
My environment is simple, maybe that’s why I don’t need more advanced settings : a laptop connected to a box, a printer connected directly to the laptop and one user.