Hi everyone, I wish to ask whether anyone here would know how to block other computer in the same router from accessing my computer in anyway completely. Any guide on how to set up the rules on the firewall would be greatly appreciated. So far i had set up rules in global rules and blocked zone but not sure it is done correctly or not. I have also enabled protect arp cache and block gratuitous arp. The reason for this implementation is because i’ve been sniff and arp poisoned as i know the other users are using some software to limit my internet speed to almost nothing. I am the admin of the router and done lot of setting but it does not help unless directly block them since i got their mac address from the router. Moreover, it does not feel safe to use the internet knowing they will have the chance to spy on my privacy. Any help would be appreciated. Thanks.
The key word here is: I am the admin of the router.
Why do you let people beeing on there, who limit your speed, sniff and poison?
If you are the admin of the router, kick them off. Setup MAC address rules in the router to only allow the people you choose to access the router.
Thanks Clockwork for the reply, too bad my home only got 1 phone line and I am the one that register for the Internet service. The person i mentioning are my brothers thou so i have ‘responsibility’ to share with them :'(. Somehow they been using some software like p2pover and others unknown to me to limit the speed as they like in the past. Although been warn and ban by me and condition been improve for sometime, they will somehow continue to use it not so visibly. To avoid any confrontation and to avoid cost to buy new router (current router provided by ISP= Riger is useless) i though of using Comodo cause i think the firewall is extremely good but i do not really know how to properly set up those rules to completely block them from sneaking into my computer.
Well Panic, i have ban them before but as mentioned above i do want to improve my computer overall security so that no software can use those holes and exploit things as they desire. Thanks for the reply and if there are anyone know how to configure those rules please let me know. Thanks again. :love:
I am not the right one to speak about “security with compromisses”.
But a thing that would make your situation far more controlable is this:
Set your router to accept only as many static(!) ip adresses as there are computers in the network. Give your computer especially a static ip. Or better, give each computer a static ip.
So, when you are “online”, you can only have this ip. And now you can set inside the router AND in your firewall all the rules by these static ip adresses, which keep your “offenders” in control.
And make sure that no one has access to your computer settings and to the router!
But again, something is wrong there, and this should be solved basically among real people
Thanks for reply again clockwork, well i guess both our mind are quite similar. I have done the exact thing you mentioned as i have disabled the DHCP and manually assign a static IP for each computer including mine. Then i set up rules to block those IP addresses and mac addressed. At first i will see lot of intrusion from their IP ranging from 200-300 rules intrusion alert fired on the firewall summary. Then after few days i do not see anymore of their IP is like somehow they bypassed the firewall. Even now i got over 500 rules intrusion alert but none is from their IP so is getting weirder.
Yes you are correct clockwork, this should be done among real people and i had deal with them few times. The condition is not as worse as the first time but still after those incident i have learn how easy it is to exploit the security holes in my computer. Not to say that i am getting into paranoid mode about my computer security but this event trigger my interest to know more about how to protect myself. I just fell in love with comodo firewall when i use it 2 years ago and i wish to know how to properly use the software to the fullest.
I would read about networks and the special kinds of security which that construct demands.
Then i just have to put this knowing into rules and settings of the firewall and defense+, and the router, and my computers network settings.
Thats the easier approach.
And try the “global rule”, “block IP (all protocolls) INgoing any any any”. This should at least block all unrequested traffic that tries to connect. Block rules should be set to be logged.
Try to have kind of only OUTgoing rules for applications.
Rules are read from top to bottom.