How are host names handled?


I’ve granted svchost.exe access to by specifying this host name. Later and in spite of this, I was asked whether to allow svchost access to a certain IP. Using nslookup, the IP resolves to I was wondering why I’m being asked because there is already a matching rule. Why is it?

Is it because the DNS is dynamic? This means, at one point in time, is resolved to,, (alias host name is, and at a later point in time, is resolved to, (alias name

So, does the FW store the 8.* IPs internally? Later, they do not match the 2.* IPs, and, consequently, the rule doesn’t match? How can we solve this issue?

Comodo takes the lowest IPv4 address and highest IPv4 address that a host name resolves to and uses that range to base the rule on. For example if I created a block rule for the registry entry where the rule is saved looks like this: AddrStart AddrEnd if we do a DNS lookup of you get this:

Name: Addresses: 2001:4998:c:a06::2:4008 2001:4998:58:c02::a9 2001:4998:44:204::a7
so every IPv4 address within - will be blocked even if it doesn't belong to and if ever resolves to an IP address outside that range then it will be allowed. Using a rule based on a host name is generally not a good idea.

Thanks futuretech for this helpful piece of information. Sorry, I wasn’t able to find it before.
Yes, using a host name is not a good idea. However, specifiying IP addresses is not possible in this case. (svchost is a beast anyway…)
Thanks, this cleared things up