Have just installed the latest version. It was a clean install. I am not sharing (single
desktop 'puter behind router), so I don’t really need to define a new trusted network.
However, the Stealth Ports Wizard, does not remember my selection ‘Block all incoming
connections - stealth my ports to everyone’. The wizard insists on: ‘Define new trusted
network - stealth my ports to everyone else’. Why is this ?
(BTW all ports are stealth anyway per Shields Up test bypassing router).
Don’t know if I am right, but you have to allow communication with the router.
Thats why you need to have a trusted network.
192.168.0.0-192.168.255.255 are not routed by default and are always reserved for intranet.
So you need to make sure you are on the same segment with the router and make it a trusted zone.
Yes, but I don’t think it is necessary. The network zone is listed under My Network
Zones … (Marvell Yukon Gigabit ethernet controller etc… IP In xxx etc…).
Everything is stealthed (with router bypassed and using plain dial-up).
So I am just wondering whether it is advisable to nevertheless define
a trusted network - I suppose then the Wizard would be amenable
to remembering ‘Block all incoming connections - stealth my ports to
Otherwise NICE effort (and appreciated) by Comodo.
PS. ( With my linux Ubuntu I don’t have to worry about any of this stuff. ;D but I also use XP
and there I am very pleased with Comodo)
I think there is a problem with the Stealth Wizard. It should remember
when ticking ‘Block all incoming …’ whether or not the network is trusted.
Also size of log file is not remembered.
Updated to version 126.96.36.1998 - still the same.
isn’t the point of a wizard to make it easier to set something up anyway. if you block all ports, shouldn’t it block all ports and remember? then if you want to unblock all ports shouldn’t it unblock them for you? what’s the point if you have to do it manually in global rules?
In the interim, there is a single click workaround to allow you to switch between allowing traffic and blocking all traffic, but it does mean you’ll have to get your hands a little dirty to set it up, but you only have to get dirty once.
WHAT NEEDS TO BE SET UP
In the global rules, set up an ALLOW rule for IP with a direction of IN/OUT, source and destination addresses set to a range that covers your LAN (including your router), source and destination ports set to ANY. Make sure this rule is at the top of your list and the only other rule is the catch-all block rule which must be at the bottom of the list. You should only have two rules at this stage.
Once this is done, create another rule with EXACTLY the same options as above, but in this second rule, select the EXCLUDE option (you’ll see why this is needed shortly). This second rule blocks all traffic EXCEPT to/from your LAN. Move this rule to the top of the list, above the rule we initially created. you should now have three rules.
TO BLOCK ALL TRAFFIC
Edit the first rule we created (which is now the second rule in the list) and select the EXCLUDE option, so that rules 1 and 2 are now exactly alike.
TO ALLOW TRAFFIC TO/FROM OUR LAN
Edit the first rule we created (which is now the second rule in the list) and deselect the EXCLUDE option, so that rules 1 and 2 are now as they were initially set up.
Not the most elegant solution and someone will undoubtedly come along a poke a bloody great hole in my theory, but this should work.