I’ve been running comodo now for sometime, and have recently put an wireless printer on my network by HP and I’m finding that the Printer makes a UDP probe every so often, which in turn Comodo blocks. I have setup my internal network zone, so I can’t see why Comodo still blocks the UDP port scan. AFter it clears I can use the printer, then when it checks for ports to communicate on, voila it clamps down on that IP address and UDP ports. Since the IP it’s coming from is safe, why is it still blocking it? I even tried setting up a rule for that IP address that says inbound UDP is fine, but no luck.
Thoughts anyone?
Hiya… You need to add the IP Address of the printer as a Trusted Zone in the Security tab under Tasks or change your trusted zone to include the IP Address of your printer. Re-start comodo and then try again.
Eric
Hi there, I’ve done this and the problem still exists. Any other thoughts? Ironically the printer is within the original zone, so this should not have been a problem, so I reset it, and still the same.
BUMP, anyone have any ideas?
Still having my network printer blocked when it does a UDP port scan. It is within the trusted network, nothing I seem to add as a rule seems to solve this issue, thus the printer gets blocked by the firewall and makes it useless.
Can you configure your printer (within it’s user interface) to use only a single Port, or a specific set of ports; to stop it from scanning the computer?
It sounds like what is happening is the level of port scanning by the printer is seen as excessive.
You may also go to Security/Advanced/Advanced Attack Detection & Prevention, and increase the Port Scan Probing rate; this may help.
BTW, to understand why this would happen, it’s helpful to know a little more about Comodo’s layered security…
For Inbound traffic it first must be approved by Network Monitor; if that’s okay then it goes to Application Monitor, then to the Advanced Security checks (combination of Advanced Analysis & Component Monitor).
On Outbound traffic it is first approved by Application Monitor, then Advanced Security checks, then Network Monitor.
So if the printer’s scan for available ports is a bit high in volume, it will still be blocked based on the advanced checks. While this is annoying, it is still an important part of security, in case the network is compromised and someone’s poking around where they shouldn’t be…
Hope that helps,
LM