dhcp acquisition lag

i searched the forums regarding wifi and dhcp and didnt find anything in specific to the problem i am having…

i have tried using safe zones for the IP’s of the routers that are delivering the DHCP and that seems to reduce the time from 30sec to 15-20sec.

i was wondering if anyone noticed a problem / lag / delay when getting connected over LAN or WIFI when comodo is enabled?

quick tech specs / programs running (as there might be a specific driver / windows version that could be causing this that i dont realize)

dell d800 laptop
intel / dell 855pm
1.6ghz centrino (banias core)
1ghz DDR pc2100
40gb 2.5" ide / 5400rpm
10/100/1000 onboard lan (broadcom 570x)
dell truemobile 1400 a/b/g (a disabled in driver) / broadcom 4307)
using windows for wifi connectivity (rather than broadcom driver program)

software:
windows xp pro sp-2
firefox 2.0.0.2
opera 9.02
gaim 2.0.0 beta 6
itunes 7.0.2

comodo 2.4.18.184
avast freeware antivirus
hamachi (freeware VPN software)

wireless networks i am connecting to vary
home: dd-wrt WDS sytem w/ WPA-PSK / TKIP
school: proxima A/B/G AP no encryption

both take up to 30 sec (about the time where it times-out when trying to get DHCP lease)

thanks,

fc

has anyone noticed that if you give svhost complete control (allow all) then this problem seems to go away

i dont know if its all the time or just sometimes

i wonder if its something that svhost is doing that comodo isnt seeing and therefore isnt asking about even though it is blocking it and not logging it…

ideas ?

as a side note - do any of the comodo team check these / can comment?

i wonder if it has something to do w/ the fact that i am using the dell software [quickset] that shows visual cues for wireless on/off, volume mute/up/down, and other things on dell machines.

just a theory

thanks

When you say:

, are you referring to moving the Security Level from Custom to Allow All?

If so, this is not addressing any specific application/process… it is removing all firewall protection, as if creating a Network Monitor rule to Allow IP In/Out from Any Source to Any Destination where IP Proto is Any, plus a whole lot more. If that improves your connectivity, then it shows that you have a rule (most likely Network Monitor) that is blocking something necessary for your connection, which is slowing you down.

The key to it will be in your Logs (Activity/Logs). It might be good to right-click an entry, select “Clear all Logs” then reboot. Watch for block entries related to the connection attempt. You can post them here by right-click an entry, select “Export to HTML.” Save & reopen the file; highlight and Copy the entries, and Paste them into the textbox of your next post.

That’ll get us started.

LM

comodo
application monitor
svhost
right click - edit
“allow all activities for this application”
and selected ‘allow invisible connection attempts’ & ‘skip advanced security checks’

rather than allow all globally for the program (and yea - removing any protection from running the firewall the first place)

Tnx for the clarification!

That being the case, it would indicate that you have Windows Services in place which are using svchost.exe (please note, you’ve typed “svhost” several times; make sure that’s just a typo…). As to Windows Services, I’m not an expert on those; I only know that some systems need more than others, but that many may be safely disabled to increase security and improve performance.

On most systems, svchost.exe is necessary to establish and maintain internet connectivity because of DNS and DHCP issues.

As you can see in the attached screenshot, I have only three rules in the Application Monitor for this little ■■■■■■. None of them allow invisible connections or skip advanced checks. They are set to only allow DNS & DHCP connections.

LM

[attachment deleted by admin]

ok, - i just wonder if there is something that their the driver for my wifi is doing that the regular LAN connection doesnt - b/c i can get a connection fine w/in 10-15sec on the lan, but the wifi sits @ acquiring DHCP for 20-60sec before it times out and gives me a 169.x.x.x IP (non-working)

perhaps the way that the driver ties (or is tied into) quickset

not to mention, while waiting for IP from DHCP over wifi - it does this - which made me wonder if it was my router and not my wifi / firewall - but since it happens @ both home and school (encrypted / unencrypted) as well as that i am sitting w/in 5ft of the router at home, 25ft at school and have same signal strength either location…
http://web.utk.edu/~btrusty/wifi.jpg

You might actually (only for brief testing purposes) disconnect/disable your network connection, then set CFP’s Security Level to Allow All, then reconnect/enable your network connection. See if the connection is faster. If it is, we know we’ve got some rules-tweaking to do in CFP. If it isn’t faster, then we know it’s not a CFP issue. Then turn the SecLevel back to Custom.

LM

well i guess ill just have to use it a day or so till it screws up

i wonder if it was the undisclosed microsoft wifi patch - http://support.microsoft.com/kb/917021

i didnt know about it till today when steve gibson (grc.com) on “security now” podcast from him and leo laporte.

thanks for the help w/ this little mac.

Heh! That’s always a possibility… Not to rag on MS too much, but we all know some of their stuff is buggy… ;D

Keep us posted as to how it develops. We’re glad to help as needed…

LM