IP Black Lists

Thanx for your great product (B)

It would be excellent if the firewall supported IP black lists (like PeerGuardian2)…
I think that online armor firewall already supports this

online armor firewall? thanks for the reference. will look into it. this is a highly sought after feature for our associates.

Why not modify your host file? IP’s change… And loading a large list would cost resources.

true that. having a severed tendon makes me want for downloadable black lists since typing is something i rarely do these days, but true what you said. will see about having my son put some time into constantly type and update these ip black lists for me when he has the time. we all know how to copy paste and i am sure we will manage a system somehow.

Instead of wasting time typing, use something like Bluetack’s Blocklist Manager.

Some more info on the Blocklist Manager.

:■■■■

I see little value to me or my clients of such a feature, and too much chance of false positives, so if there would be any impact on system resource consumption, my vote is no.

In addition, AFAIK the principal use for such a feature would be illicit file sharing, and that’s a road I don’t think COMODO should travel.

Those interested in such a feature (legitimately or otherwise) can use readily available tools.

John

I’ve tested most or all of these blocklist apps, and with all due respect, there is always some impact on system resources: memory, processor, network, etc.

Of course, but my clients are representative of the larger market; it has to serve our needs as well for us to be willing to use it; and I see no evidence that this is a feature of legitimate value to most users – its primary purpose AFAIK is illicit file sharing. And blocklist apps are readily available to those that want them, so “where’s the beef”?

The issue is the trade-off between cost and benefit – unlike AV, which has a solid real benefit, I see too much potential cost and too little potential benefit in IP blacklisting for it to be of value to me and my clients.

Thus far I’ve seen no real evidence that IP blacklists are workable and useful for legitimate users, but my mind is always open – can you cite any such evidence? Can you cite any well-maintained IP blocklists other than for illicit peer-to-peer file sharing (evasion of RIAA / MPAA enforcement)?

Even more sophisticated efforts to filter bad sites (Google filtering of search results, AVG LinkScanner) haven’t proven to be terribly effective, worth the cost. (Bad experiences with AVG LinkScanner are part of why I don’t like the idea of this feature.)

All this said, I don’t much care one way or the other about IP blacklisting as long as there’s no adverse impact on system resources, product complexity or product reliability.

John

You provide no evidence
You insult me.
Nothing more for me to add.
John

Ip blacklisting will add great benifit to CIS, it is must for CIS to get better, see for example there is spyware ip blocked by peerguardian so we are safe from spywares (in most cases), As discussed above if this feature of ip blacklisting should not affect the system performance, bcoz we also have to take consideration the people having less ram like 256 etc. Comodo guys know whats best, i just love comodo so i want it to be better in all ways of protection. :■■■■
Thanks for taking new suggestion in positive attitude Comodo team Rock (:LOV)

Comodo - Import IPs Black List into File

I’d like to Comodo can be importing listing IPs, who is such Bloked Network Zones into this Pane on Comodo Firewall. It’s do not many resources and simply on programming. However, if Comodo Team and Developers dislike for many Administrators Local Networks, who NOW must insert it to Comodo and manually hits many-nany IPs - then Admins can be left this product…

I think, Comodo Programmers can do 3th position to Button ADD into “My Blocked Network Zones” like I present in this screenshot:

http://pic.ipicture.ru/uploads/090301/k4bFuIiCcy.png

[MyLivePage]

ADD it please to Comodo!!!

(As alternative, developers can add a comand line interface to import IPs list for blocking a network zones, INCLUDE A range of IP.)

Best Regards!

There are well-maintained lists that are not strictly for P2P use. http://blocklistpro.com/faqs/biss-ip-blocklists-faq.html has a description of all of the blocklists they maintain. Some that are helpful:

spyware blocklist, DShield recommended blocklist, ad trackers blocklist, spiders blocklist, IANA/Bogon/Hijacked lists.

On a side note, no matter how many people use P2P for nefarious purposes, that doesn’t mean all traffic on those protocols is illegal and or illicit, nor does it mean there are not legitimate needs to have whole IP ranges blocked.

You mention that you’ve tried various “blocklist apps”, but had you tried protowall I think you would be hard pressed to find significant resource hit due to the program. The only “hit” you’d take is that apps that try to contact an IP address that is blocked will time out.

My vote would be to update the HOST file in conjunction with MSVP.org’s host file

And allow the user to add/remove the sites they want from it

I don’t think dealing with the host file is really a good idea, but I do think that there should be some type of blacklist where the browser would be redirected to a page showing that its been blocked with comodo logo and process should be sent back to the loopback.

The idea is good. Network Filter + HostFile blocking and importing of IP lists would be nice…

Subscribe that idea!