I tried Comodo FW 10 ;
I got an alert mbam.exe tries to connect to 220.127.116.11. (a fictional example) So, what shall I do? allow, deny???
Now I switch to PC Tools firewall Plus: the alert is : mbam.exe tries to connect to stats.mbamupdates.com ( the same 18.104.22.168)
The decision is much easier to make: is MBAM update so, yes, allow.
So, Why Comodo FW cannot resolve host name from the IP address???
That an interesting idea. However by resolving the Host it take longer (albeit usually in miniseconds). Second it making unnecessary connection (User don’t want to even allow any connection). So an add-on option is would. Personally I would like to solve host name sometime too.
However have you use the “Show Activity” button? It call Viruscope I think, that sometime show the website that the program trying to connect to.
It is not an idea , is a question.
PC Tools Firewall Plus, not longer maintained since 2012, displays such an alert (and still works fine after so many years) and Comodo Firewall 10 is still stuck showing only the ip.
See the attachment about how a properly designed firewall should alert you.
Hostnames are only resolved once per session of the software. Anyway trusting hostnames is very weak filtering and can easily be redirected to 3rd party hosts.
Your better off retrieving the CIDR block and using that to calculate the IP mask. Saddly CIS 10 seems to have removed the option to use the actual CIDR block.
Thank you for your answer!
Honestly I did not understand even 10% from what were you saying.
The point is my firewall (PC Tools Firewall Plus) is providing me with a host name in any alert which is much easier to understand and decide what to do.
Comodo FW is providing me with an IP address.
What am I supposed to do? Abandon whatever I was doing at that moment and spend 10-15 min to manually try to find out who is behind that IP???
And this for each and every alert?
This is a “wish” from 2014 , so 3 years ago.
Most likely is never going to be implemented.