Hi, been using CPF for the past 3 weeks and there’s not much I can say in the way of complaints. I’ve gotten everything to work including my FTP server with the exception of RemotelyAnywhere a remote desktop programme I use often when I’m away from home. I’ve searched the threads in the forum to no avail and none of the settings I used can get it to work.
I have a 2nd computer on my home network so I often use it to test my settings out. Let’s say for example sake I’m using the default port 2000 setup on my main machine. I’ve forwarded the ports through my router however, I can’t get connected. On the interface of RMA, I see two IP addresses listed that I can connect via http://192.168.0.102:2000 (using the default as an example as stated above for security reasons) and http://0.1.0.4:2000 as the 2nd IP. Do I set both in Network rules or just one?
Thanks in advance for any help in resolving this. I need to travel soon and have the need to access my main machine from time to time.
Update!!
Rebooted and it worked. Looked like certain settings won’t work unless CP is shut down and restarted. Mabye that should be something that should be addressed in upcoming versions an “apply” button that makes settings take effect immediately.
I’m glad it worked for you.
Yes, sometimes the new rule works the moment you set it, sometimes you have to restart the firewall, and sometimes you have to reboot the computer… :o
The only time I have to make a full reboot is when i set up a rule for blocking a host name.
It may differ between users.
Hopefully it will be resolved. ;D
@AOwL: Pheeeww!! Thank god, someone else has this problem too, and I’m not alone in this whole wide world… sniff
I really do have the problem that sometimes some rules do simply not work. that is, my rules for emule for example. most of the times i have a high id instantly, but sometimes i get a low id, the servers telling me the can’t connect.
after rebooting the computer everything works fine again…
A little off-topic:
I’d like to point out that some anti-spyware solutions use the Hosts file to block access to ‘bad’ sites. This is not very effective. It can easily be bypassed. To avoid manipulations by malware of the hosts file (for example blocking acces for your Anti-virus solution to its update server), I renamed the host file into XHost. In this way, Windows cannot find the file and will refer to DNS queries. If Windows can’t find the Hosts file, neither can Trojans. So, they will also have to rely upon DNS queries. This may stop malware that has already got onto your computer from getting out, especially if you have disabled the DNS Client service. Then a Trojan will have to ask your firewall permission to get out.
I just tried to block a domain. This time It worked with a restart of just CFW.
It seems a bit random…
But, I had the log option on, it didn’t log the block.
Trying to think… That’s because the OS blocks, not COMODO… If COMODO reads the Hosts file at all, it will probably only do that on Windows boot, but not during its own restart.
Though there are trojans that overwrite (as oppposed to append to the existing) the existing hosts file, or create a new one (full of its own BS entries) if it doesn’t exist.
If we are talking about a block in the Hosts file then this is logical:
Windows FIRST queries the Host file, and only THEN does the DNS query.
If Windows finds a reference to a ‘blocked’ site in the Hosts file (first step), it will stop further action and block. I assume this will not be logged by COMODO.
If Windows doesn’t find any reference to a ‘blocked’ site in the Hosts file (first step), it will continue with the following step: DNS query, which COMODO monitors. COMODO will log that query if you set it to do that…
Hmmm… I’ve heard about Trojans moving an existing Hosts file to an unknown location, but not about Trojans writing a new one if it doesn’t exist… Maybe I’ll have to read up on this…
Interesting to note I tried turning off the DNS service and although I rebooted, my Wireless Card refused to connect until I turned it back on. Don’t ask me why but maybe Paul can shed some light on that. ???
If you use the search function and search by name or IP address, are you still unable to find the comp on your lan? I found out that turning NetBios off disables name function but can still find the computer via lan. To avoid broadcasting, I use my ethernet for lan functions and my wireless for internet. That way, I turn off netbios on the wireless card and leave it for the ethernet connection.
I did, and there was nothing in there for that time frame. The last log entry was over 4 hrs old, and that was long before I tried out your tips. I already had a ton of them turned off from a hard copy I made of blackviper’s list. Also, even if you turn Computer Browser off, you can still see computers on the lan and your mapped drives still work. As far as I understand, only 1 computer on the lan acts as a ‘computer browser’. If you read the event log, you’ll see that it starts then sits idle all day long and turns itself out. Not sure as to how much memory it uses up in idle state.
Sorry. Gotta go right now. Here is a page where you can see the default XP services settings on Pro. I guess you will have to check manually and compare and then see what it does. If I haven’t indicated it anywhere, then setting a service to ‘Manual’ does not work: the service will start anyway, but might not be fully functional (e.g.: this is the case with Automatic Updates!
It does happen, by the way, that restart is not enough. Sometimes you have to shut the computer down completely and start it up clean for certain networking settings to take effect.
