Firewall blocking some websites?

When I switched from Bell to Rogers (in Ontario, Canada) some websites that I used to be able to reach from my browser became unavailable (404 error). One such website is “www.startpage.com”.

My wife’s computer connects to the Internet through the wireless feature of the Rogers cable modem and she is able to get to www.startpage.com, while my computer is hard-wired into the modem and cannot get there.

One of the differences between our computers is that I have Comodo Firewall installed on my computer and she does not. I don’t really believe that Comodo Firewall is causing this problem, but I want to rule out this possibility. Is it possible that the firewall is blocking some websites but not others? If so, how can I see a list of websites that it is blocking?

I am running Comodo Firewall 4.1.150349.920 on a computer which is running Microsoft Windows XP Professional Version 2002 Service Pack 3.

I see you are running an older version of Comodo Firewall. I was going to say that with a default install of Comodo Firewall your DNS servers would have been changed to those of Comodo Secure DNS but I can’t recall if that was the case with CIS v4.1.

Please check if the DNS server settings are set to default (get automatically) or to custom servers. The following tutorial will take you to the place to see what the settings are.

Sometimes a web site gets blocked by Secure DNS and I want to see if that is the case or not.

When the DNS server settings are manual please set them to automatic. Windows will then use the DNS servers of your provider. After having changed DNS servers it is wise to flush Windows DNS cache. That way Windows will ask for the IP address from the DNS servers you set (the ones from your ISP).

On a side note: what’s keeping you from updating? The sandbox is so much better these days than it was with v4. The same is true for the Comodo AV in case you would be considering using the full suite.

The difference between CIS v4 & v5 is like Win95 and WinXP (absolutely no reason not to upgrade). The difference between CIS v5 & v6 is akin to WinXP & Win7 (upgrading is highly recommended with latest technology hardware).

Absolutely a reason to upgrade from v4 to v5. The sandbox is much better in v5 than in v4. With v4 I never enabled the sandbox. In v5 it was stable enough to have it as a non-intrusive layer of protection for unknown files.

The difference between CIS v5 & v6 is akin to WinXP & Win7 (upgrading is highly recommended with latest technology hardware)
:slight_smile:

Regarding the suggestions to change the DNS, I should have mentioned that as one of my attempts to fix this problem I had already changed the DNS servers from the Rogers default servers to servers recommended by the OpenNIC Project. After doing so I did run “ipconfig /flushdns”.

I’ll follow up on your suggestions to upgrade to the current version of Comodo. After I do that, where should I look to find the list of URLs that Comodo is blocking?

thanks

Are you using CIS to block sites by hostname? That function does not work properly. Please remove any web sites you are blocking with CIS.

The reason for asking this is when I say to block abc.com it will also block a number of other web sites with non related names.

If you are looking for website filtering CIS is not your friend. Please consider other solutions.

Nothing is listed under Firewall/Common Tasks/My Blocked Network Zones. Is there somewhere else I should be looking to see blocked URLs?

No place I can think of unless I am overlooking something…

When you used the DNS servers from Rogers that did not fix the problem? Did you flush DNS cache after switching to Rogers DNS servers?

Unless somebody convinces me otherwise I am going to assume this problem is not related to CIS and that we need to look elsewhere.

Are you using, or did you use in the past, tools that interfere with networking? Think Net Limiter, Peer Guardian… If you used them, are you sure they are properly uninstalled?

Please make sure that there are no left overs of previously uninstalled security programs around. Not all uninstallers do a proper job. Left over applications, drivers or services can cause all sort of “interesting effects”.

Try using removal tools for those programs to remove them. Here is a list of removal tools for common AV programs: ESET Knowledgebase.

@EricJH: I found the cause of the problem. I previously had my PC hardwired into the Rogers modem through a VoIP box. It seems that the VoIP box was ignoring the DNS settings in my PC and using its own DNS which apparently could not resolve several IP addresses, including the address for “www.startpage.com”. When I changed the wiring so that my PC was wired directly into the modem instead of being daisy-chained through the VoIP box, the problem disappeared. Thanks for your suggestions.

Congratulations on finding the cause and thanks for reporting back.

What made you check the VoIP box?

@EricJH: Someone on another forum suggested that I type the following in a cmd window: “nslookup www.startpage.com”. The output showed that the DNS serving the request was not one of the DNSs I had set on my PC in Control Panel/Network Connections, but was a DNS that had the name of the VoIP provider that I use. When I moved the network connection for my PC from the VoIP box to the Rogers modem the problem disappeared. I suppose that the VoIP box intercepts DNS calls and re-routes them to the VoIP provider’s DNS and that DNS is not able to resolve certain addresses. Previously I had never heard of nslookup, so I learned something here. :slight_smile:
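The check described in the post above, as an added example that is not part of the original thread: parse `nslookup` output and compare the server that answered with the resolvers set on the PC. The sample outputs, server names and addresses are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed nslookup outputs (Windows layout); all names/addresses are placeholders.
VIA_UNEXPECTED = """\
Server:  dns.voip-provider.example
Address:  192.0.2.53

*** dns.voip-provider.example can't find www.startpage.com: Non-existent domain
"""
VIA_EXPECTED = """\
Server:  resolver.isp.example
Address:  198.51.100.1

Non-authoritative answer:
Name:    www.startpage.com
Address:  203.0.113.10
"""
FIELD = re.compile(r"(Server|Address(?:es)?):\s*(\S+)")

def parse_nslookup(text):
    """Return the answering server, the answer addresses and a failure flag."""
    server_name = server_addr = None
    answers, failed = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("***"):
            # "***" before the Server block only concerns the reverse lookup.
            failed = failed or server_addr is not None
            continue
        m = FIELD.match(line)
        value = (m.group(2) if m else line).split("#")[0]  # drop "#53" suffix
        if m and m.group(1) == "Server":
            server_name = value
            continue
        try:
            ipaddress.ip_address(value)  # also accepts bare continuation lines
        except ValueError:
            continue
        if server_addr is None:
            server_addr = value          # first address belongs to the server
        else:
            answers.append(value)
    return {"server_name": server_name, "server_addr": server_addr,
            "answers": answers, "failed": failed}

def check_resolver(text, configured):
    """Flag output whose answering server is not one of the configured resolvers."""
    result = parse_nslookup(text)
    result["expected_server"] = result["server_addr"] in configured
    return result
```

To run it against a live machine, pass in the text captured from `nslookup <hostname>` together with the resolver addresses shown in the adapter's TCP/IP properties.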

I handle DNS explicitly using zones & file groups.

I have a firewall rule for the DNS file-group that allows UDP out from in [NIC] to in [DNS] dest port 53. This rule is #2 in my list (right after Windows Operating System).

The DNS filegroup is defined in D+ Policy Protected File / Folders, Groups. Any app that requests UDP to port 53 goes there. Bada boom bada bing; close the lid on that monkey (monkey dead).

To firewall my browser:

allow TCP out from in [local_0] to in [local_127] dest port [Adobe RTMP]
allow TCP out from in [local_0] to in [local_127] dest port [HTTP ports]
allow TCP out from in [NIC] to Any dest port [HTTP ports]
allow TCP out from in [NIC] to Any dest port [Adobe RTMP]
allow TCP out from in [NIC] to in [webcs.yahoo] dest port [5050 / 843]

Adobe RTMP ports: 843 / 1935
HTTP ports: 80 / 443 / 81 / 8080
webcs.yahoo is a network zone for the mail servers so I can use the browser mail feature of Yahoo’s homepage. It serves up the mail on ports 5050 / 843.

Any connection attempt to any other port is user discretion allowed (not remembered) to access custom resource at web-site / server as needed. If I frequently go to a website that uses a proprietary port to deliver special service(s) / content: I’d create an explicit allow rule for that particular web-site specifically.

The special allows would be for either IP addresses (added to network zone) or for special ports (added to port set). With such a systematic approach, one rule can handle multiple conditions.