Hi
I’m using the latest and greatest version of Comodo on two pcs at home. When I first installed, it detected the local network and I allowed full access between any of the pcs on this network
Soon we will be having a guest staying with us and I will most likely allow this person to connect to the network for internet access. I would like to disallow any new pcs access to the pcs on the network already. How can I use the firewall to do this?
Go to Firewall → Firewall Security Policy → Networks Zones and edit the zone of your LAN to your likings. CIS will then apply the changes you made in Global Rules and the rule for System.
To copy a screenshot of the active window push alt+print screen to copy the active window to the clipboard (pushing print screen will copy the complete window to the clipboard not just the active window). The window is now copied to the clipboard. Paste the image in any image editing program, Paint, Paint.net, the Gimp etc. Use the “crop” function to resize the canvas to size of the image. Now save the file as 32 bits png image.
At the forum push the reply button. Or when using the Quick reply type some text and push the preview button.
Underneath the text box click on Additional options. Push the Choose button and navigate to the file and select it. When you want to post more images click on the more attachments link.
Thank you for posting the screenshot. We found the cause of your problem. System handles the network traffic and since you made it a trusted application it will allow all traffic.
Change the rule first delete it. Then run the Stealth Ports Wizard and make Mordor trusted network. That should do the trick.
Using the Stealth Ports Wizard will adapt both Global Rules and the rule for System.
Ok great, I hate to be a pain but I’m trying to lock this down as best as I can.
After I did what you recommended, I get the following pop-up, I allowed it as outgoing, I’m guessing I answered trusted in the past.
Disable NetBIOS over TCP in local network TCP/IP configuration.
Also, based on how you’ve defined Mordor ensure that the new PC is assigned IP address 192.168.2.[1-255] (it puts the second PC on its own subnet).
Or you could make Mordor network explicitely 192.168.1.1 & 192.168.1.2 (without mask), or use range.
Or you can make Mordor network to be 192.168.1.1 / 255.255.255.254 & 192.168.2.1 / 255.255.255.254 (you’d have to change one PC’s IP address 192.168.1.2 to 192.168.2.1). Since you can’t assign network address (192.168.1.0) to PC, you have to use two subnets.
Easiest way of doing it would be to make Mordor a range 192.168.1.1 - 192.168.1.2 (that way you wouldn’t have to change any of the PC’s IP addresses). The question becomes, what about router or modem? Although that’s usually 192.168.0.1 it could be 192.168.1.1. So you still need two IP address for PC. You could make a network ID / mask like this then:
192.168.1.1 / 255.255.255.248
Since the network address (192.168.1.1) and broadcast address (192.168.1.7) are unuseable, the new PC could use IP address 192.168.2.1 (which would be on a different subnet). That PC could then access the modem / router (192.168.1.1), but if you’re using ICS, and the modem is plugged into one of the two PC’s, then what?