I have a small home LAN here.
I have a ADSL 1mb/128k speed connecting.
This connection arrives in a encore enhw-gi router.
This router is connected to 2 computers.
I have the ultravnc configured correctly in the port forwarding.
But i cant make my ultravnc server work with comodo.
When i use the internal ip, i can connect.
But when i use my external ip (port forwarding correctly configured) I receive fail messages.
When i turn off comodo, i can connect both with the internal and external ip.
I would like to know what i am doing wrong in configuring comodo to allow ultravnc to operate.
Ty
funny thing… same issue I had… comodo does not seem to notice that the port/app is trying to connect as a server so you will have to manually add the app and port to comodo manually
add a source any / destination 5900 (or what ever port you used) to the network monitor and allow winvnc.exe traffic in the application montor… That is what worked for me.
Hope this works for you
How do I set up it manualy?
can you tell my step by step the procedure?
I dont know if this is the best or the worst way to do it… but it works for me.
security->Applications Monitor->Add
browse for winvnc.exe (default: C:\Program Files\UltraVNC\winvnc.exe )
I checked “learn the parent”
I used “Allow all activities for this application” to make things easy
now goto security->Network Monitor->Add
Action - Allow
Protocol - TCP or UDP (TCP only might work also… I dont know if udp is used for vnc)
Direction - In/Out
source ip - Any
destination ip - Any
source port - Any
destination port - A single port - port 5900
I pushed mine up the list, but i didnt try it at the bottom so it may work without moving it up.
hope that works for you…
The settings only worked after i moved it to the top
In the last position, the comodo didn’t allowed the winvnc to connect.
I was missing the “netowork monitor” part in my initial attempt to fix the problem.
Ty for the tips dude.
Hi i have got real vnc working on my lan following the advice posted buy cranvac (thxs btw).Now i have a problem trying to connect from a ip outside my network i have forwarded the port in my modem/router and also have the port open in comodo.I have also allowed all access for winvnc in the app monitor.
I was getting this error before i opened the port in comodo,
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = edited, Port = 5900)
Protocol: TCP Incoming
Source: edited:1896
Destination: 192.168.1.66:5900
TCP Flags: SYN
Reason: Network Control Rule ID = 9
In the attackers’ world, this port is usually used by Trojan.Backdoor.Evivinc(5900)
now that i have the port open i get this error,
Severity :Medium
Reporter :Application Monitor
Description: Application Access Denied (winvnc4.exe:edited: :1936)
Application: C:\Program Files\RealVNC\VNC4\winvnc4.exe
Parent: C:\WINDOWS\system32\services.exe
Protocol: TCP Out
Destination: Edited::1936
any ideas ?
Edit: Seems all i had to do was a pc restart hope i dont have to do this every time i install a new app :S.
I noticed that i had to move the rule above the block and log rule created by comodo for it to work also.
Yes, this is a definite requirement… the rules filter from the top downwards, so if you place a rule below the bottom “block & log all” rule (don’t delete this rule to make it work!), it will be blocked.
When you’re creating a new rule, you can select its position in the hierarchy by doing a right-click on an existing rule, selecting Add/Add… (before/after).
If you just use the “Add” icon/button, it will always place it at the very bottom. And this, as you now know, is problematic.
LM