ARP attacks are becoming more and more common. Some firewalls can write rules based on the ARP protocol, i.e. Jetico, LooknStop.

Could I get this function in CPF?


Another protocol. I’ve come across this when a NIC goes bad and starts an ARP flood across a LAN, consuming bandwidth.

In computer networking, Address Resolution Protocol (ARP) is the method for finding a host’s hardware address when only its IP address is known. Due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses. It can, however, easily be used for IP over ATM or FDDI.

Thanks for the info Ewen.

Never heard of such a thing but I guess it can do no harm if added, right?

CPF does not have layer 2 filtering. It is not really necessary for a personal computer. The server edition of Comodo Firewall will have these types of features.

ARP based filtering is much more necessary for the firewalls securing a network perimeter.


Comodo is currently offering the server edition of the firewall free of charge; however, this will not be forever. You can get your free 1 year license to protect your servers from the page below.


Oh, I did not know that Comodo is providing a server edition… Anyway, if Comodo is providing a server edition which requires users to pay, doesn’t that defeat the very foundation of trust that Comodo is trying to painstakingly build?

I believe with the server edition, the CPF is like a crippled version of a firewall. Then it is just back to ZA and other firewall providers once again. I thought I remember Melih being very adamant of charging users for the firewall and other security products.

There is actually a clear distinction between a PERSONAL firewall for an individual PC and an enterprise firewall for a network perimeter. Comodo’s plan with their Desktop Security Products (with the emphasis on DESKTOP) was to enable a security layer on individual PCs free of charge, not provide an enterprise wide security layer for free!!

The complexities and requirements of an enterprise firewall are normally beyond the scope of free software. The fact that Comodo are giving away a one year license with the hopes that people will resubscribe and pay money.

This does not mean that CPF is a cut down version. CPF is a perfect (IMHO) example of software written to cater for its intended environment. It’s designed for a personal PC and it does its job brilliantly!

Hope this clears things up.

I understand that the firewall that meets the requirement of servers is much more complex. However, companies that I came across before will usually give away their products free to end-users. They will then charge for the server edition or possibly a professional edition. The thing is that when a company has 2 distinct products, one offered free and the other a paid version, the free version is usually quite crappy. That is what is keeping me away from some free software, unless I don’t really have a choice.

I seriously hope Comodo don’t follow this traditional path. If it does, then Comodo is just like any other company.

Adding support for IGMP, ARP and RARP is on the Comodo Wishlist Rev 2 Document, #34.
If it is on the list, that means it will be implemented, like Melih said…

Can you clarify this?

Its status is Pending. This means it will be reviewed and if it fits into the requirements, it will be implemented.
For example in your post, except these 2 features, others will be implemented.

  1. Add the feature to choose the TCP flags…
  2. Add support for more protocols (IGMP, ARP, RARP)

Btw, you can allow/deny all IP protocols like IGMP by creating an IP rule.

Except MAC address based filtering, I don’t see any reason for a PC user to deal with layer 2 protocols like ARP/RARP.

Well Doomscythe, I agree and disagree with your views on the free/paid editions. Fact remains they are a company and need to make ends meet somehow (hence the how to make money thread). I don’t see anything wrong with them having a network (read edge) version of the firewall/appliance that is a paid purchase. In fact if you had to do a comparison, ZoneAlarm is highly rated and it’s free (at least 1 version) and even then it’s still decent. Once Comodo maintains its loyalty to giving the public access to a free high grade personal firewall AND offers a commercial enterprise solution then I think that is fair enough. It also fits in with what you were saying about companies giving away free software.

Once Comodo keeps supplying us with a non-cut-down personal firewall for free, then companies can easily buy a corporate firewall and still offer all the mobile clients the firewall at no extra cost. It’s a win-win situation.

On a side note, I would love to have a go at the enterprise firewall (non-appliance? but software on a Trustix box I assume?) to see how it works and its functionality since I deal with a pretty wide scope to edge devices from Symantec, Juniper, ISS, Cisco and Checkpoint. Think someone could hook meh up, or am I asking for too much?

Thanks for clarifying this.

Me? Charging users for security products? Never!

Let me clarify again.
Desktop security for free! Period! Whether you are an individual or a business. You will get your desktop security for free!

There simply is no other company of our size or bigger (to my knowledge) that give full versions of their software for free!!

We do!


Okay, thanks for the clarification. Therefore, Comodo is providing DESKTOP security software for free, right? The keyword is desktop. I get it now. I don’t want to go around telling people, especially my friends, the wrong thing.

In a LAN, some PCs can use special software to attack other PCs.

The attacking PC states that it is the gateway by using attack software; thus it can spoof other PCs, and then the other PCs can’t browse websites, send mail…

This is named ARP-Attack in China.

I hope CPF can create rules based on the ARP protocol, and thus can protect LAN PCs from ARP-Attack.

Is it clear?
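
Editor's added example, not part of any post in this thread and not Comodo code: a minimal Python check that parses Ethernet/IPv4 ARP frames and flags the situation described above, where a second MAC address claims the gateway's IP. All addresses and the sample frames are constructed; `find_arp_anomalies` and `build_arp` are hypothetical helper names.

```python
import struct

def _mac(b): return ":".join(f"{x:02x}" for x in b)
def _ip(b): return ".".join(str(x) for x in b)

def parse_arp(frame):
    """Return (opcode, eth_src, sender_mac, sender_ip) for Ethernet/IPv4 ARP, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":   # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, _mac(frame[6:12]), _mac(frame[22:28]), _ip(frame[28:32])

def find_arp_anomalies(frames, pinned):
    """pinned: {ip: mac} bindings known to be good (e.g. the gateway).
    Returns (frame_index, kind, ip, claimed_mac) tuples."""
    bindings, alerts = dict(pinned), []
    for i, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _op, eth_src, sha, spa = parsed
        if eth_src != sha:                      # ARP payload disagrees with the frame header
            alerts.append((i, "src-mismatch", spa, sha))
        known = bindings.setdefault(spa, sha)   # learn first-seen binding for unpinned IPs
        if known != sha:                        # same IP now claimed by a different MAC
            alerts.append((i, "conflict", spa, sha))
    return alerts

# --- constructed sample traffic (all addresses are made up) ---
GW_IP, GW_MAC = "192.168.1.1", "00:11:22:33:44:55"
HOST_MAC, ROGUE_MAC = "00:aa:bb:cc:dd:20", "02:00:00:00:00:99"

def build_arp(op, eth_src, sha, spa, tpa="192.168.1.20"):
    h = lambda m: bytes.fromhex(m.replace(":", ""))
    a = lambda ip: bytes(int(x) for x in ip.split("."))
    return (b"\xff" * 6 + h(eth_src) + b"\x08\x06"
            + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + h(sha) + a(spa) + b"\x00" * 6 + a(tpa))

SAMPLE = [
    build_arp(2, GW_MAC, GW_MAC, GW_IP),                      # genuine gateway reply
    build_arp(1, HOST_MAC, HOST_MAC, "192.168.1.20", GW_IP),  # ordinary host request
    build_arp(2, ROGUE_MAC, ROGUE_MAC, GW_IP),                # another MAC claims the gateway IP
    build_arp(2, ROGUE_MAC, GW_MAC, GW_IP),                   # payload MAC differs from frame source
]

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE, {GW_IP: GW_MAC}):
        print(alert)
```

Pinning the gateway binding matters: without it, whichever MAC is seen first for the gateway IP is treated as the good one.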

We do not have any plans to support layer 2 protocols except MAC address based filtering. In your case, the network has already been compromised and the gateway is already under the control of the attacker. This should have been prevented; otherwise, after being compromised, there are more serious attacks than just ARP spoofing.

Your best protection really is to connect to your wireless using the highest possible security. WPA2-PSK if possible and to always have your Wireless router firewall turned on. I currently use WPA-PSK and have a Linksys Wireless Gateway that has a Firewall which allows you to block all sorts of things and in the past has blocked Hacker attempts. If you don’t have WPA2 on your Wireless Security Settings in Windows, I’ve posted some links to a particular update that enables WPA2 connection. Now if I could only figure out how to get it to work and whether or not my router supports it.