I have just ditched ZoneAlarm in favour of Comodo. I have the latest version (18.104.22.168).
When I had just installed it and hadn’t added any rules myself there was already a rule in ‘Network Control Rules’ to block all IP in or out from any ip to any ip where the ipproto is any.
This rule prevents incoming remote desktop connections. I can create outgoing ones but I can’t connect to this machine from another one via rdp.
If I delete this rule or set ‘Allow all’ I can then use rdp.
Obviously allow all isn’t an ideal solution but does anyone know if deleting this rule puts me at risk as if I had allowed all?
I’ve searched this forum and tried all the combinations of settings I could find before deleting the rule. None of them worked.
I would be grateful if someone could suggest a rule I can add that will allow rdp and allow me to recreate the rule above at the same time…or at least can someone tell me if I’m now at serious risk by deleting this rule?
Please do NEVER EVER delete this rule. YES, it puts you at a great risk.
Let me explain:
Network control rules (NCR) are ordered hierarchically, i.e. CPF parses the rules from TOP to BOTTOM. Thus, the block IP In/Out rule blocks everything that hasn’t been allowed by the rules above.
All you have to do is create a rule to allow incoming remote desktop connections and put it ABOVE the generic block rule.
For anyone reading this with the same problem, once I put back the rule I shouldn’t have deleted (I knew as I deleted it that it’d be important…typical) I created a new rule that allows TCP in and out from Any source to any destination where source port is Any and destination port is 3389 (as per settings in the help section of this forum).
I need to be able to log in from any machine wherever I am. I have a few machines/IPs I use regularly but if I get a call when I’m visiting friends or whatever I need to be able to use their pc to access my works desktop.