ZoneAlarm Like Functionality

Is there a way to allow an application to act as a server (i.e., listen to and accept connections) and allow requests from the local computer but not from the Internet? In ZoneAlarm, this can be achieved by setting a program’s “Server” settings to allow “Trusted” and block “Internet”, whereby the “Trusted” zone contains the loopback address (127.0.0.1).

I installed Comodo over the weekend but couldn’t find a way to do this. As a software developer, I need this functionality. Thanks in advance for any help and comments.

I’m just curious, as a recent ZA user who got fed up with its “turtle speed with web surfing” even when I went to log in to pension places etc…, and then removed ZA completely, including registry cleanups, and then got very happy with CFP 2.4 and its monitoring speed (it “seems not to be monitoring at all” when I surf to my financial websites). Are you still OK with ZA performance???
Just curious, maybe you knew how to “bend this animal”, I mean ZA.
Me personally, having had ZA installed for more than 6 months and eating its garbage, I would like to see the ZA company out of business, as fair back payment, just like that.

Greg

G’day,

If you’re running CFP 2.4, create a zone for the 127.0.0.X subnet and set this zone as trusted. This will add two rules to the Network Monitor. Now, go to the Application Monitor rule and add a rule for your application that references the zone we created for the loopback network. Reboot (this is only to ensure that the new rules are read and implemented - you can simply wait a couple of minutes, but a reboot is better and it’s only a once-off) and you should be right to go.

Let us know how this works out.
Ewen :slight_smile:

Ewen, thanks for your answer! How do I properly set the Application Control Rule though? In my scenario, I want to expose my custom port only to my trusted zone but not the Internet. The Application Control Rule form has tabs for the destination IP & port but that doesn’t seem to apply here. My application accepts connections and doesn’t initiate them, so there isn’t a destination. In ZoneAlarm, each program has settings per zone for “Access” (initiates connections) and “Server” (accepts connections). In CFP 2.4, it seems there are only settings pertinent to initiating connections. Please advise.

Greg, I currently use the free edition of ZoneAlarm and think its performance is excellent. I have also used an older version of ZoneAlarm Pro (more than 1 year old), and it did seem to significantly slow down the system. I don’t know if the latest version is any better. I haven’t tried the ZoneAlarm suite (includes antivirus, etc.) either, so I don’t know how that performs. I just need very basic firewall functionality, so the free ZoneAlarm is adequate for me. Of course, I’m now exploring Comodo!

Sorry, I forgot to mention that inbound rules are set only in the Network Monitor. Create a zone for the local loopback subnet and then create a Network Monitor rule to allow IN/OUT to/from this zone.

Cheers,
Ewen :slight_smile:
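As an added illustration of the original question (an application that accepts connections from the local computer but not from the Internet), here is a small Python example that is not part of this thread and not Comodo or ZoneAlarm code. It shows the application-side counterpart to the firewall rule Ewen describes: binding the listening socket to 127.0.0.1 instead of all interfaces, plus a second guard that checks the accepted peer address against the 127.0.0.0/8 loopback range. Port 0 (OS-chosen port) and the "hello" protocol are assumptions made for the demo.

```python
import ipaddress
import socket
import threading


def is_loopback(addr: str) -> bool:
    """True when addr is a loopback address (127.0.0.0/8 or ::1).

    Such a peer can only have originated on this machine, which is
    exactly the "Trusted = loopback, Internet = blocked" case.
    """
    return ipaddress.ip_address(addr).is_loopback


def start_local_server(port: int = 0) -> tuple:
    """Bind a TCP listener to 127.0.0.1 only and return (socket, port).

    Binding to the loopback address rather than 0.0.0.0 means the OS never
    hands this socket a connection arriving on a real network interface,
    independent of whatever the host firewall allows.  port=0 (assumed for
    the demo) lets the OS pick a free port.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", port))
    srv.listen(5)
    return srv, srv.getsockname()[1]


def serve_one(srv: socket.socket) -> str:
    """Accept one connection; refuse non-loopback peers as a second guard."""
    conn, (peer_ip, _) = srv.accept()
    with conn:
        if not is_loopback(peer_ip):
            conn.sendall(b"refused\n")
            return f"refused {peer_ip}"
        data = conn.recv(1024)
        conn.sendall(b"hello " + data)   # toy protocol, assumed for the demo
        return f"served {peer_ip}"


def demo() -> dict:
    """Run the loopback-only server and connect to it from this machine."""
    srv, port = start_local_server()
    result = {}
    t = threading.Thread(target=lambda: result.update(server=serve_one(srv)))
    t.start()
    with socket.create_connection(("127.0.0.1", port)) as client:
        client.sendall(b"local\n")
        result["reply"] = client.recv(1024)
    t.join()
    srv.close()
    return result


if __name__ == "__main__":
    print(demo())
```

The bind address is the important line: a server bound to 127.0.0.1 is unreachable from other hosts even if the firewall rule is later edited or removed, while the `is_loopback` check is defence in depth for code that must bind to all interfaces for other reasons.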

hi,

I’m not sure it’s clever to set loopback as a trusted zone, since any Windows service can then act to the outside easily.

You must always, IMHO, block or allow after loopback.

Might we rethink the problem and get a better conclusion?

Mike

PS: In theory, you make a rule for the app, IP (trusted zone ((your adapter name))); that should do it, of course work it out better.

Of course you need to delete any app instances above, and have the rule first.

Then switch on learn mode again for Internet access (might be a little bug).

I might be wrong (and if so, I’ve been wrong for decades) but isn’t the local loopback range (127.0.0.X) non-routable outside the PC, similar to other private IP address ranges?

Ewen :slight_smile:

re,

Might be a misunderstanding: Windows services, nearly the whole system, communicate via loopback internally and can route an IP (grin, at least your own IP).
So you might lose control if you make it a trusted zone, which means all activity bypasses the firewall?

(e.g. HD access is done via loopback internally)

So I might not do that, but I’m open to impressions.

Mike

yes with an “if”, no with a “but”. :wink:

If route.exe is placed in the protected files list, the firewall will prevent the addition of any static routing to the IP table.

Thanks for reminding me about that, you’ve stirred the grey cells into action. You’ve raised an interesting point as to whether any malware has attempted that sort of route table manipulation.

Anybody ever seen/heard of this?

Mike, am I correct in thinking that if route.exe was added to the protected file listing this would prevent the vulnerability you’re referring to? Or is there a better way to prevent it?

Cheers,
Ewen :slight_smile:

re,

How are you connected, to a router, and your IP is already a trusted zone?

Does the router have a firewall?

You see my point on all these “IP translation points”…

Mike

PS: I think you can make some loopback changes in “Advanced Miscellaneous”.

And it might be understood that loopback is some controlled, trusted internal network?

It doesn’t really matter how you are connected, router or modem is immaterial. The 127.0.0.X local loopback IS solely your PC and doesn’t give a tinker’s cuss about how or whether you’re connected at all.

Calls to and from the 127 subnet are non-routable outside that address space.

Ewen :slight_smile:

hi,

Ewen, you seem fixed on it.

What happens if you clear your routing table and make a self whois?

Does Windows TCP auto-translate your IP?

If so… it’s reversible, as I understand the manuals.

Correct me if I’m wrong.

Mike

PS: Else you could never remotely start a service; it’s enough to have the IP.

Loopback and your IP are the same… as I understood things.