Firewall doesn't seem to work correctly using MAC address

I’m using Comodo 4.0.141842.828 and if I set it using a MAC address (for the destination address) it doesn’t work. Has anyone found the same issue? And a solution to resolve this issue?

Does the rule you made work when you choose for example your IP address as destination address? I assume it is a rule for incoming traffic.

Is the mentioned rule part of Global Rules or is it an application rule?

I just changed the respective zones for NIC & modem from mask 192.168.0.64/255.255.255.0 & 192.168.0.1/255.255.255.0 (respectively) to their associated MAC addresses. All of my Network Security Policies (by application), as well as the Network Security Policy Global Rules, are utterly and absolutely dependent upon those two zones; without them nothing would work, neither DNS nor anything else.

Anyways, MAC works good, lasts a long time.

I think I know what’s going on here: MAC is dependent upon ARP table. ARP table dynamic entries have a TTL of 2 minutes.

I know this because my ICMP type 3 code 3 out rule to zone “modem” stopped working after I changed the definition of the modem zone from 192.168.0.1 to the MAC address. When I looked in the ARP table it was empty. The rule worked fine if I did some sort of internet access within two minutes of the modem doing its nbname query to port 137.

The only way to fix that is to implement static ARP entries. That must be done via batch file at boot time. Static ARP entries are immortal until reboot.

We just discussed this in today’s “Inside the Info-Sys Security Perimeter” class lecture.

You don’t want to EVER set up firewall rules based on MAC.

ARP is just TOO susceptible to spoofing, hacking, you name it. Trying to firewall it is akin to shooting yourself in the foot to prevent YOU from robbing the bank.

Hi, EricJH, no, it’s a rule for outgoing traffic, and yes, I set my IP address as source address and the destination address with MAC, but it’s the same with a rule for incoming traffic set with my IP address as destination address and the source address with MAC: no matter what, it doesn’t work.
And what I’m sure of is that this ruleset worked perfectly with the previous version of Comodo.

Are you making a rule for svchost.exe?

No, it’s a rule for GigaTribe, a private peer-to-peer software.

For the outgoing rule you set your IP address for source and your MAC address as destination. That is not going to work as you point from yourself with IP address to yourself with the MAC address. If you want to use your MAC address you need to make that source and for destination Any.

For the incoming rule you set IP address as destination and for source the MAC address. That is not going to work as you point from yourself with IP address to yourself using the MAC address. If you want to use your MAC address you need to make that destination and for source any.

No, I set my IP address as source and the MAC address of my friend as destination for the outgoing rule, and the MAC address of my friend as source and my IP address as destination for the incoming rule.

I see I misunderstood your situation. It was not stated it was a rule for connecting just two computers.

Do the rules work when you only use IP addresses?

You don’t EVER want to use MAC addr for host-firewall rule.

AP beacon
SSID in the clear
WEP can be cracked in less time than it took you to read this
MAC can be faked
IP can be spoofed
WPA/WPA ‘dictionary’ attacks

With respect to connecting to a host on the other side of the cloud using MAC: it’s not possible.

If that’s the sort of security you need: look at VPN using certificates.

Yes, the rule works with an IP address, but my friend has a dynamic IP address. I would like to make my rule work with a MAC address, and my rule worked perfectly previously with the previous version of Comodo.

That is the situation when using a wireless network (one usually knows when another person in one’s house would hook a computer to one of the wires).

With respect to connecting to a host on the other side of the cloud using MAC: it’s not possible.
How do you know? Just curious as I have never heard of this.
If that's the sort of security you need: look at VPN using certificates.
You can try Comodo Easy VPN.
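
An added example, not part of the thread or of Comodo: one post above attributes the failing MAC-based zone to the modem's entry dropping out of the ARP cache. This Python sketch parses `arp -a` text and reports whether a zone's IP currently resolves to the MAC the rule expects. It assumes English-locale Windows `arp -a` output; the sample table and the MAC addresses in it are constructed.

```python
import re

# Constructed sample of Windows `arp -a` output (addresses are illustrative).
SAMPLE_ARP_OUTPUT = """\

Interface: 192.168.0.64 --- 0xb
  Internet Address      Physical Address      Type
  192.168.0.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.0.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# One table row: IPv4 address, MAC with '-' or ':' separators, entry type.
ENTRY_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9a-fA-F]{2}(?:[-:][0-9a-fA-F]{2}){5})\s+(\w+)\s*$"
)

def normalize_mac(mac):
    """Lower-case a MAC and use ':' separators so comparisons are exact."""
    return mac.lower().replace("-", ":")

def parse_arp_table(text):
    """Return {ip: (mac, type)}; if an IP repeats across interfaces, the last row wins."""
    table = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            ip, mac, kind = m.groups()
            table[ip] = (normalize_mac(mac), kind.lower())
    return table

def check_zone(table, ip, expected_mac):
    """Classify the ARP state behind a MAC-defined firewall zone."""
    entry = table.get(ip)
    if entry is None:
        return "missing"    # no cache entry for this IP at the moment
    mac, kind = entry
    if mac != normalize_mac(expected_mac):
        return "mismatch"   # IP maps to another MAC: spoofing or hardware change
    return "static" if kind == "static" else "dynamic"  # dynamic entries age out

if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_OUTPUT)
    print(check_zone(table, "192.168.0.1", "00:1A:2B:3C:4D:5E"))
```

A `mismatch` result is the case the later replies warn about: the address the zone trusts is answering from a different MAC than expected.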