Hello,
For quite some time (I think since ever…) Comodo keeps detecting a new network 169.254.83.46/17 my problem is that I do not connect to such network.
I am connected to another network and my IP is 192.168.1.65. this network has already been detected correctly corrected by CIS the first time that I connected to my router.
My question is why do I get the new network detected for 169.254.83.46 if I do not connect to it.
My computer has only one network card that it is a LAN (wired) one, I am always connected to the same router.
This happens randomly, and every time it happens I go to Firewall → Network Security Policy → Network Zone and delete the new zone because I do not know what it is. Sometimes it takes more than 1 week for it to be detected again other times it is detected within days.
yeh I know but I am more interested in knowing why it detects than in making the detection stop.
So far I see no reason for COMODO to detect this network because aparently the network does not exist
When your computer cannot reach a dhcp server to get an IP address from Windows will assign and IP address in the 169 range instead. It basically means that Windows does not see a network to connect with. That could be because a cable is unplugged or broken f.e…
If you are running Vista or Win7, the use of the APIPA addressing is normal behavior because computers running Windows 7 and Windows Vista listen by default for multicast LLMNR traffic. And as link-local addresses are assigned to interfaces using IPv6 address autoconfiguration, link-local addresses in IPv6 correspond to Automatic Private IP Addressing (APIPA) addresses used in IPv4 (which are assigned from the address range 169.254.0.0/16).
Thanks for explaining.
I noticed that this happens when I resume from sleep mode… could it be that, for some reason, it fails to detect the router’s DHCP when resuming… (I don’t really know much about networks)
Yep…got the same thing. Started a few hours ago. Getting on my nerves. I looked it up and apparently it is a government agency. It is The Diplomatic Telecommunications Service… http://www.state.gov/m/irm/dtspo/index.htm.
Proof Big Brother is pinging our private home networks despite the fact Congress has knocked down bill after bill that was supposed to allow that.
Word of the day “Unconstitutional”…say it with me folks!
My question is, how do we block it, regardless of who it is? I don’t want to turn off my detection notices. I want that. That rocks! What I want is to prevent the need for the detection notices by keeping this and future attacks from happening.
If, by “same thing”, you mean Comodo started detecting a new network with an address of 169.254.something.something, then it is not the DTSPO.
It is what is known as APIPA (Automatic Provision of IP Address). This is a facility built into Windows (the Windows Operating System running on your PC) to provide an IP address in this range when your PC cannot contact a DHCP server to get an IP address from.
In a home network, your router will normally act as a DHCP server to allocate IP addresses to the PCs on your network and if your PC, for whatever reason, can’t contact the router on startup, then Windows, by means of APIPA, will allocate an address in the 169.254.X.X range to your network adaptor.
Can you please provide us with the IP address that Comodo is reporting? This will assist us working what is going on, rather than playing the conspiracy card as a lead.
My question is, how do we block it, regardless of who it is? I don't want to turn off my detection notices. I want that. That rocks! What I want is to prevent the need for the detection notices by keeping this and future attacks from happening.
If the detected address is indeed APIPA allocating an IP to your PC then you do not want it to be blocked. You could create a network zone covering all the APIPA address range and use that zone in a rule that allows it to connect without notification.
I think I found out what was causing this issue (at least for me), it is related with shareaza, if I leave shareaza open and Windows enters sleep mode when the computer resumes I get this message from COMODO.
I am guessing this occurs because shareaza attempts to connect to the internet, before the network connection is fully established. Not sure though… :-\
Yep...got the same thing. Started a few hours ago. Getting on my nerves. I looked it up and apparently it is a government agency. It is The Diplomatic Telecommunications Service.... http://www.state.gov/m/irm/dtspo/index.htm.
Proof Big Brother is pinging our private home networks despite the fact Congress has knocked down bill after bill that was supposed to allow that.
Word of the day “Unconstitutional”…say it with me folks!
My question is, how do we block it, regardless of who it is? I don’t want to turn off my detection notices. I want that. That rocks! What I want is to prevent the need for the detection notices by keeping this and future attacks from happening.
Hmm The problem you are describing is not the same as mine.
As panic said the address detected by CIS, in my case, is a non-assigned IP address and does not belong to any organization, governmental or otherwise.
In RFC 3927, the Internet Engineering Task Force has reserved the address block 169.254.1.0 through 169.254.254.255 for link-local addressing in Internet Protocol Version 4
