Comodo Firewall is a great program but one thing that bugs me is that I cant import a list of banned IP’s.
A simple feature to Import/Export IP’S in your My Network Zone/My Blocked NetWork Zones would make things go a lot faster!
Just a friendly favor.
"My Blocked Network Zones" Import IP Block List
Comodo Firewall is a great program but one thing that bugs me is that I cant import a list of banned IP’s.
I want this very mush aswell 8)
I like this wish,
C-O-M-O-D-O Forum Moderator
There are places where diligent webmasters/network managers have compiled the many, many, many IP blocks from which only bad things originate. Most of use want to add these known bad IPs to CIS.
But the bad IP lists are very, very, very messy because at the beginning of time IP blocks were not assigned logically or geographically, so bad guys are mixed in with good guys. Therefore the lists have a huge number of address ranges. For instance, trying to block a hack attack from North Korea, I once also blocked Sony of Japan, one of my customers – oops! I needed to enter many, many ranges to separate good from bad.
It’s almost impossible to type a huge list of IPs into CIS, with so many clicks, and no tools to review the work (my wishlist of IP sorting) and no tools to document the work (my wishlist of a Comments field).
A starting point would be if CIS could import such IP lists. And, since many such lists have comments (via various standard comment delimiters), CIS should preserve the comments, adding each IP’s comment to the new Comments field. ;D
Then we could easily check our work, and later locate and revise any IP that maybe shouldn’t have been blocked, by simply sorting the IP list. 88)
And another thing: What if Comodo itself compiled and provided a list of bad IPs that we users could import/enable and even fine-tune. This might be similar to the mysterious Threatcast system; I’m not sure I trust what I can’t see or monitor, but the idea is good. The idea of helping identify troublemakers is not unprecedented. Yahoo does a form of this for its ecommerce system. A Yahoo Store operator can select which countries can/can’t make purchases, or just click on Yahoo’s suggested blocks of good and not-so-good parts of the world. Comodo, with the help of its customers, could do the same to everyone’s benefit.
See this post for more on import/export, which includes the ideas you have proposed above.
Another reason for IP Block List import and control capability.
My and many others “Firewall Wish”
Importable IP Block List with right click (on the system tray Icon) control.
• “My Blocked Network Zones” IP Block List import option.
• “System Tray Icon” right click option to turn on or off “My Blocked Network Zones”.
• Administrator Rights option for control.
I believe that the IP Block List Import and control capability will be a grateful use for not just individuals but for Businesses and Organizations. I think that if you make this option capable, Groups like Power Companies, Natural Gas Companies and even Government Groups, like the FAA, could use this option to limit the access to their systems from the “Cyber Terrorism” (https://forums.comodo.com/melihs_corner_ceo_talkdiscussionsblog/cyber_terrorism-t30357.0.html) activity that is constantly causing problems, bugs and Identify theft.
In the" COMODO Internet Security" program you already have a partial ability to create this capability, in the “Firewall Tasks”, “Common Tasks” box, “My Blocked Network Zones”. The problem is you have to create the IP block sets manually one at a time. If you make an option to import a list file then you can create your own list using a number of type tools like the “Block List Manager” from “BISS” (Bluetack Internet Security Solutions)(dl link “http://blocklistpro.com/download-center/start-download/blocklist-manager/1437-blocklist_manager_install_2.7.7.exe.html”).
With this program you can create any list file that you desire for your limitation to the internet with any protocol. And if you add a control to the system tray icon menu (under Administration level) you can control the limit access to your systems, just like Protowall, Agnitum Outpost, PeerGuardian, TunnelBuilders, Tiny Personal Firewall and ZoneAlarm, and quite a few others out there, without having to install any of these other programs for the safety needed.
I personally think that with this added capability you could gain greater Customer Client level usage on the Pro level, including Corporate and Company Groups as well as Government group level for network security. COMODO is already in the upper level of security technology that could assist any company or government group that is currently looking for a way to protect their systems today.
I would Appreciate response from Melih and or the Dev Team
I came here specifically to ask for this option. I made a network zone called “Blocked” and not “My Blocked NetWork Zones”; I hope that works too. I would like to be able to import a text file with a given format that contains IP addresses and ranges for my blocked zones. It would be nice to have Comodo export the current zone IP addresses and ranges or names in this format as well.
I have had difficulty in the past openning up an address range after I had it included in the Blocked Zone. Even after I remove it from the list it remained blocked and this usually occured as I realized I could no longer shut down Comodo Internet Security. Uninstall, reinstall … fixes the problem, but then comes the task of entering the following list into the Blocked Zone:
184.108.40.206 - 220.127.116.11 — IANA (25NOV07)
18.104.22.168 - 22.214.171.124 — IANA (18SEP07)
126.96.36.199 - 188.8.131.52 — IANA (18SEP07)
184.108.40.206 - 220.127.116.11 — IANA (18SEP07)
18.104.22.168 - 22.214.171.124 — IANA (18NOV07)
126.96.36.199 - 188.8.131.52 — IANA (18NOV07)
184.108.40.206 - 220.127.116.11 — IANA (18NOV07)
18.104.22.168 - 22.214.171.124 — Israel (08NOV09)
126.96.36.199 - 188.8.131.52 — UK 09MAY07
184.108.40.206 - 220.127.116.11 — Spain (22NOV07)
18.104.22.168 - 22.214.171.124 — IANA BLOCK (18NOV07)
126.96.36.199 - 188.8.131.52 — IANA BLOCK (18NOV07)
184.108.40.206 - 220.127.116.11 — IANA (18NOV07)
18.104.22.168 - 22.214.171.124 — IANA (07OCT07)
126.96.36.199 - 188.8.131.52 — IANA (17NOV07)
184.108.40.206 - 220.127.116.11 — IANA (18NOV07)
18.104.22.168 - 22.214.171.124 — IANA (24NOV07)
126.96.36.199 - 188.8.131.52 — IANA (11NOV07)
184.108.40.206 - 220.127.116.11 — IANA (23NOV07)
18.104.22.168 - 22.214.171.124 — IANA (23NOV07)
126.96.36.199 - 188.8.131.52 — IANA (17OCT07)
184.108.40.206 - 220.127.116.11 — IANA (17OCT07)
18.104.22.168 - 22.214.171.124 — IANA (17OCT07)
126.96.36.199 - 188.8.131.52 — IANA (07OCT07)
184.108.40.206 - 220.127.116.11 — IANA (07OCT07)
18.104.22.168 - 22.214.171.124 — IANA (06OCT07)
126.96.36.199 - 188.8.131.52 — IANA (06OCT07)
184.108.40.206 - 220.127.116.11 — IANA (06OCT07)
18.104.22.168 - 22.214.171.124 — CA (18NOV07)
126.96.36.199 - 188.8.131.52 — VA AOL
184.108.40.206 - 220.127.116.11 — China
18.104.22.168 — 13APR07
22.214.171.124 - 126.96.36.199 — VA (Verizon)
188.8.131.52 - 184.108.40.206 — Manhattan College
220.127.116.11 - 18.104.22.168 — NZ - 09MAY07
22.214.171.124 - 126.96.36.199 — Uruguay
188.8.131.52 - 184.108.40.206 — Amsterdam (13APR07)
cdn.fastclick.net — Add Block (28JUL06)
220.127.116.11 - 18.104.22.168 — Holand
22.214.171.124 - 126.96.36.199 — China (25NOV07)
188.8.131.52 - 184.108.40.206 — China (22NOV07)
220.127.116.11 - 18.104.22.168 — China
22.214.171.124 - 126.96.36.199 — Japan (17APR07)
188.8.131.52 - 184.108.40.206 — China (10SEP07)
220.127.116.11 - 18.104.22.168 — China (24NOV07)
22.214.171.124 - 126.96.36.199 — China (13APR07)
188.8.131.52 - 184.108.40.206 — IANA (11NOV07)
220.127.116.11 - 18.104.22.168 — IANA (09MAY07)
22.214.171.124 - 126.96.36.199 — France (28JUL06)
188.8.131.52 - 184.108.40.206 — Amat. Radio (17APR07)
220.127.116.11 - 18.104.22.168 — AOL 09MAY07
22.214.171.124 - 126.96.36.199 — CO (07SEP07)
188.8.131.52 - 184.108.40.206 — CO (07SEP07)
3322.org — Virus
220.127.116.11 - 18.104.22.168 — Canada (12AUG07)
22.214.171.124 - 126.96.36.199 — VA (13APR07)
188.8.131.52 - 184.108.40.206 — Comcast (09MAY07)
220.127.116.11 - 18.104.22.168 — China
22.214.171.124 - 126.96.36.199 — Russia (05OCT07)
188.8.131.52 - 184.108.40.206 — ThePlanet
220.127.116.11 - 18.104.22.168 — China (18NOV07)
22.214.171.124 - 126.96.36.199 — Panama
188.8.131.52 - 184.108.40.206 — Korea (28JUL06)
220.127.116.11 - 18.104.22.168 — Korea
22.214.171.124 - 126.96.36.199 — China
188.8.131.52 - 184.108.40.206 — Canada, Quebec
220.127.116.11 - 18.104.22.168 — CA
22.214.171.124 - 126.96.36.199 — London (13APR07)
188.8.131.52 - 184.108.40.206 — Pakistan (04MAY08)
220.127.116.11 - 18.104.22.168 — China (24MAR08)
22.214.171.124 - 126.96.36.199 — China
188.8.131.52 - 184.108.40.206 — CO
220.127.116.11 - 18.104.22.168 — FL
172.16.0.0 - 172.31.255.255 — Local LAN
22.214.171.124 - 126.96.36.199 — Panama (22AUG07)
188.8.131.52 - 184.108.40.206 — Brazil (17APR07)
220.127.116.11 - 18.104.22.168 — Czech Republic
192.168.0.190 - 192.168.0.199 — LOCAL NETWORK
22.214.171.124 - 126.96.36.199 — Belgium
188.8.131.52 - 184.108.40.206 — Netherlands
220.127.116.11 - 18.104.22.168 — UK
One at a time is a pain, and this is compounded by the fact that I am a pilot and connect to the internet from areas that use some of these ranges (Singapore needs one of the 202 ranges opened … not sure, I have had to reinstall everytime I tried to open it up).
Give me a format and I will simply add THISGROUP.txt to a Network Zone and have it done. Heck, you could make it so that all Network Zones can be imported and exported via text files.
I really miss this. I used to hack the Zone Alarm .xml files as the easiest way to maintain the lists when I used ZA.
I REALLY WOULD LIKE THIS ABILITY
+1. Only with the ability to be able to use ports 80 and 443 TCP (in other words I want to surf the web without the list but block for all other activities).
That is part of the option I requested.
With a right click in the system Tray bar make the block list function like the PeerGuardian program.
In the options you could allow or block the HTTP access, and/or Disable/Enable the Block List in the “My Blocked Network Zones”.
We are not talking about a lot of code design here, just a basic option set of code added to the original settings, and adding the Import option in the “My Blocked Network Zones” settings box.
How tough could this be??
I am not a software developer but writing anything at driver level is a tricky excercise in its self. But that being said I guess Comodo has more than capable engineers so it is a matter of prioritising. I can only hope they come up with it quickly…
Can you or someone offer sources that one would use to compile such an IP blocklist. I’m not sure what the IANA and other comments refer to.
I monitored the attempts or hits on my computer for a couple of years. IANA is the Internet Authority and they reserve specific areas of the internet. Any hit from one of those addresses would be fraudulent.
As for the rest, I found that 90% of the hacking attempts originated from China. By simply blocking:
22.214.171.124 through 126.96.36.199
You will stop half of the attempts on your computer.
Many hits these days are simply people that are unaware of their internet settings in Vista. They don’t know their computer is actively seeking company. Mostly, sites that I visit are not part of the internet that I have blocked. I looked up the ownership of the IP address hitting me, and if it were international, or a service provider, I would simply block their entire range of delegated IP addresses.
The trick is having your firewall block them, or record them, the first time they seek entry. Once they are blocked IPs, they will always show as being blocked … the first time is the toughest !ot!
WBSteele. For a whois look up I always use http://cqcounter.com/whois/ . When you see reference to IANA then the whois you use does not cover the IP range you ask about.
When you see IANA it means the whois serive used does not cover that part of the IP addresses I think. From the IANA site: The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources
For example Look up the IP address 188.8.131.52 (that was in the list somewhere in the above showing IANA). Go to Arin and Ripe for a whois lookup. When using ARIN it will refer to RIPE for this IP address in a convoluted way. Then go to RIPE and get the information. RIPE and ARIN cover regions of the world for IP addresses.
Try the look up service I provided for 184.108.40.206 and get
IP Address220.127.116.11 Host 18.104.22.168 Location GB, United Kingdom City Winsford, C5 - Organization Server Lan ISP BlueConnex MK Ltd AS Number AS29550 Blueconnex Networks Ltd Latitude 53°18'33" North Longitude 2°51'68" West Distance 2232.37 km (1387.13 miles)
Thank you. I was going by the lookup done by Zone Alarm. It obviously did not track down many of the addresses. I would take out entire chunks then open up certain areas as needed. Vista 64 brought me to Comodo, and I am impressed. I like to have quick access to blocked IPs though and easy import. I would love to have a feature where a formatted text string could be imported or adopted as well as exported. I find it much easier to deal with text strings and formatting than individually entering ranges and trying to figure out which entry was the one blocking the address I need to use. Thanks again for the information.
Does the site you listed in the example contain the range of IPs given to the provider of the IP?
I just checked their site and I love it. I especially like this supposedly new page for them:
OK, I have been doing a bit of investigation in to the “My Blocked Network Zone” configuration and did some testing on the insertion of a few IP zones.
Well Guess what, there is no system file for the ip zone sets, they are imported in to the REGISTRY files.
"HKLM\SYSTEM\Software\Comodo\Firewall Pro\Configuration\0(1-2-3…ect)\Firewall\Blocked Addresses\0 (1-2-3-4-…ect).
If you plan on having any large size file set, I normally use a set of IP ranges that would be 17MBs, you will drag your system almost to the BSOD zone.
Any registry files settings in a range like secure zone sets would kill your system or at least drag it down in activity like the crap of Windows ME set.
Dev team, I can not believe that you would put the Zone range settings in the registry, I don’t know of any IP blocker utilities that do this, They are normally in a file set using a firewall driver (.sys) reading, loading and managing the range set.
Absolutely correct: Using Windows Registry for application data is so wrong that even Microsoft has stopped doing it! This is amateurish at best.
Using the Registry leads to performance problems, difficult backing up the data, difficulty sharing it among computers, difficulty upgrading computers, and huge difficulty maintaining it.
The only correct solution for a professional app is to store app-specific data externally, in a text-based .ini or .xml file.
The only legit use of Windows Registry is to communicate across apps, and even that is iffy.
Has happened anything?
Yes we can or no we wont?