fragmented ip content


how can i log fragmented ip “traffic”?


If you kept the last Network Monitor rule (the block everything rule) and with enabled logging on it, you don’t have to do anything. Eventually you should see fragmented IP connections. These are more common with p2p programs.


ah yeah, thats ok, yes at least of p2p im asking since many homerouters, walls, are not well configured,
so ifs a loss of info itll be reported.

does comodo have some control of exzessive abuse of sending broken ip parts, nukes you know?

or is that handled through that block ip rule?


PS: i assume the Intrusion detector would work then if no ip block rule?

More specifically, it’s handled in Advanced Attack Dectection & Prevention, in the Miscellaneous tab. By default it’s already set to block fragmented IP datagrams.