Jump to content
Not connected, Your IP: 100.24.113.182
Sign in to follow this  
nobody12321

Blocking bit torrent when not connected to airvpn

Recommended Posts

Hi. I've read the other thread about this, but it didn't work for me.

I can't seem to get comodo to block bit torrent. I set it to block, but it stays connected even when air vpn is not running. How do I make it so that it can transfer data only when air vpn is connected?

Share this post


Link to post

Hi. I've read the other thread about this, but it didn't work for me.

I can't seem to get comodo to block bit torrent. I set it to block, but it stays connected even when air vpn is not running. How do I make it so that it can transfer data only when air vpn is connected?

Hello!

Please see here to block selectively any application you wish with Comodo:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715

Kind regards

Share this post


Link to post

I did that already. It didn't work. Bit torrent still transfers data even when comodo is set to block it.

Hello!

Can you publish the rules you have set for your torrent client?

Kind regards

Share this post


Link to post

Dear admin,

Can YOU publish the typical COMODO rules (kind of template) for all users. They ALL want SAME things but fishing across the forum brings a lot of confusions and feeling of insecurity. If user is not confident, VPN is useless.

With a lot of regards,

Maggie

Share this post


Link to post

Dear admin,

Can YOU publish the typical COMODO rules (kind of template) for all users. They ALL want SAME things but fishing across the forum brings a lot of confusions and feeling of insecurity. If user is not confident, VPN is useless.

With a lot of regards,

Maggie

Hello!

Please feel free not to fish, just read this message:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=1713&Itemid=142#1715

Kind regards

Share this post


Link to post

I have seen this instruction: "a program to send out packets when you're not connected to Air" before, thank you.

Actually, my concern is a little wider, I'm wondering if you can summarize all the security recommendations (which you giving to users for they particular cases) into one -two screenshot documents?

Lets say: Win 7 & uTorrent & Comodo for beginning.

This will safe a lot of your and users time AND bring your support to more confident level.

Now each of us is thinking: "Yes, I read 180 posts out of 256. Do I know enough to sleep well? What if I need to read more? What if I miss something?".

Share this post


Link to post

By the way,

Do I need to install DD-WRT on my router OR I can leave it with factory firmware (no OpenVPN) in case if I just need to secure one computer?

Thank you

Share this post


Link to post

By the way,

Do I need to install DD-WRT on my router OR I can leave it with factory firmware (no OpenVPN) in case if I just need to secure one computer?

Thank you

Hello!

Please note that a VPN connection does not secure your computer, as clearly stated in our ToS (and in the ToS of every serious VPN provider). That said, if you need to connect one device, you don't need to connect your router to our servers.

About your suggestions, they will be taken into considerations.

The problem here is that "securing a computer" and in general computer security is a task which goes well beyond a VPN service. A VPN connection should never be meant as an anti-malware/spyware tool. A VPN service like ours should be meant as an extremely strong anonymity layer and data protection tool only for non-compromised systems.

If the computer is compromised by a keylogger, or any malware which can run with high privileges, for example, it may leak every information regardless of the encryption and services you use. A course on computer security is always an ongoing, enormous project that can hardly be defined as exhaustive.

Kind regards

Share this post


Link to post

OK, "securing a computer" was a wrong definition. I mean "Do I need to install DD-WRT on my router OR I can leave it with factory firmware (no OpenVPN) in case if I just need to CONNECT TO the AIR_VPN just one computer?"

So, right answer would be:

"No, you don't need to connect your router to our servers AND in this case your router will not break our extremely strong anonymity" ?

Its a funny, funny world sometimes.

Thank you.

Share this post


Link to post

Thanks for your response.

As you can see, bit torrent is blocked but is in fact still transferring data. Did I mess up somewhere with the settings?

Share this post


Link to post

Thanks for your response.

As you can see, bit torrent is blocked but is in fact still transferring data. Did I mess up somewhere with the settings?

Hello!

Yes, the rules are wrong. Please set the rules for bittorrent.exe as you can see from the screenshot. You don't need to set any additional rule for bittorrent.exe.

Link to the screenshot:

http://airvpn.org/media/kunena/attachments/62/comodo_rule1_2012-08-11.jpg

After you have deleted your rules and set the above rule, it must be displayed as:

"Block TCP or UDP Out From IP Not In [10.4.0.0 - 10.9.255.255] To IP Any When Source Port Is Any And Destination Port is Any"

Kind regards

Share this post


Link to post

Thanks for your response.

As you can see, bit torrent is blocked but is in fact still transferring data. Did I mess up somewhere with the settings?

Hello!

Yes, the rules are wrong. Please set the rules for bittorrent.exe as you can see from the screenshot. You don't need to set any additional rule for bittorrent.exe.

Link to the screenshot:

http://airvpn.org/media/kunena/attachments/62/comodo_rule1_2012-08-11.jpg

After you have deleted your rules and set the above rule, it must be displayed as:

"Block TCP or UDP Out From IP Not In [10.4.0.0 - 10.9.255.255] To IP Any When Source Port Is Any And Destination Port is Any"

Kind regards

I set it exactly how you specified. It still doesn't block it. Also, instead of "to IP", it says "to MAC". How do I change that?

Share this post


Link to post

I set it exactly how you specified. It still doesn't block it. Also, instead of "to IP", it says "to MAC". How do I change that?

Hello!

The rule is correct ("to MAC any" is just fine). Did you click "Apply" and then "Ok"?

Did you give time to the BitTorrent client to report the correct stats (even if the block is immediate, torrent clients update the stats progressively)? Did you launch bittorrent.exe after you had set the rule?

Also, enable the logging when this rule is fired (just tick the box as you can see from our screenshot) and check the Comodo logs, you should see a series of denials for bittorrent.exe when you launch it when you're not connected to the VPN, or when you disconnect from the VPN. Finally, monitor the bittorrent.exe connection with Comodo firewall option "View Active Connections".

Kind regards

Share this post


Link to post

Yes, I did press apply then ok. The settings were shown after they had been applied. I also did launch bit torrent after setting it. It transfers data all the same. It seems to not be blocking it.

According to Comodo's event log, there are 0 bytes in or out, but according to bit torrent, it's uploading at over 300 kb/sec. Even when I set it to COMPLETELY block bittorrent (not just connections other than VPN), it still doesn't block anything. Something is clearly wrong with comodo.

Is there another, more reliable firewall that can be used to do this? Comodo is a frustrating waste of time. I have never had a firewall that fails to block something that's listed as being blocked. What a major security hazard. Unbelievable.

May I ask why Airvpn doesn't simply have an option to disconnect the internet when it's not connected? That would save a lot of headaches.

Share this post


Link to post

Yes, I did press apply then ok. The settings were shown after they had been applied. I also did launch bit torrent after setting it. It transfers data all the same. It seems to not be blocking it.

According to Comodo's event log, there are 0 bytes in or out,

Hello!

Can you elaborate? You can't see in or out bytes in the event logs.

but according to bit torrent, it's uploading at over 300 kb/sec. Even when I set it to COMPLETELY block bittorrent (not just connections other than VPN), it still doesn't block anything. Something is clearly wrong with comodo.

Comodo is the most reliable firewall for Windows systems. We can't reproduce the behavior you report on Windows 7 64 bit and Windows XP systems, and we have no such reports of malfunctioning from hundreds of clients using Comodo. Since you have a discrepancy between BitTorrent report and Comodo report, you might like to check your traffic with Wireshark, in order to determine whether Comodo or BitTorrent are wrong.

If you're absolutely sure of what you report, you might send a warning to Comodo team, write in their forum and send a warning to all the major security experts in the world, because this would be an information of paramount importance. In the meantime, as long as this behavior is not reproducible, we are unfortunately forced to dismiss your claims as not credible.

Is there another, more reliable firewall that can be used to do this? Comodo is a frustrating waste of time. I have never had a firewall that fails to block something that's listed as being blocked. What a major security hazard. Unbelievable.

Please see here:

http://www.matousec.com/projects/proactive-security-challenge-64/results.php

May I ask why Airvpn doesn't simply have an option to disconnect the internet when it's not connected? That would save a lot of headaches.

There are a lot of security and practical reasons. Killing applications is not a viable solution, because we have tested that the time between disconnection detection and application forced shutdown allows leaks anyway, not to mention potential data corruption. Anyway, you can do this with small utilities, but we don't recommend to do that. Disabling routes on your physical interface would make your device unable to communicate within your internal network. Blocking traffic with a firewall like Comodo, on the contrary, is a very reliable solution that usually takes a couple of minutes to the average user.

Kind regards

Share this post


Link to post

Here is proof that what I'm saying is true. As you can see, it's set to completely block it, but it's still transferring data. These settings have been applied. I opened them up to emphasize that they are set to block everything, but I pressed "apply" and 'OK" before copying the picture.

I have tried all settings. I have tried blocking TCP/UDP protocols. I've tried in, I've tried out. It still doesn't block anything. What am I doing wrong?

Share this post


Link to post

The problem is fixed. A quick google search revealed that Comodo was indeed the problem. It seems that this is quite a common problem for win 7 ultimate 64 bit users, especially those who use Avast. Even though I don't have Avast on my computer, I guess something must have been conflicting with Comodo. For future reference for anyone else with this problem, use PC Tools Firewall instead of Comodo. I feel stupid for not just googling it sooner.

Here it is working as it should:

http://imageshack.us/f/708/43006981.png/

EDIT:

I have uninstalled PC Tools Firewall for Private Firewall, since symantec isn't exactly my first choice when it comes to security. Private firewall works perfectly and blocks as it should, unlike Comodo.

Once I figure out how to get it to block all connections when the VPN is offline, I will post the instructions here so that it may help whoever needs it.

Thank you for your attention to this problem, but it really does seem like Comodo has incompatibility problems on win 7 64 bit or with other security software. From what I've found on google, I'm definitely not the only one with this problem. I'm honestly baffled as to why it's on the top of the list you cited. It really isn't too great. Maybe if it worked properly on all systems, then it might offer decent protection. Until then, I'll use private firewall.

Share this post


Link to post

Disregard the last post.

Amazingly, private firewall doesn't let you block or allow ip ranges. Instead, you must type in individual ip addresses. That makes the entire program null and void. What were they thinking leaving out such a vital feature? Just astounding... Do they expect the user to individually type out the ip addresses of every website on the planet? It shouldn't be this incredibly difficult to find something that actually works.

I will post instructions on how to block non-VPN traffic once I find a firewall that isn't complete trash.

Share this post


Link to post

@nobody12321

Hello!

First of all, we're very glad to read that you managed to solve the problem and we would like to thank you for the detailed report.

To summarize your considerations, these are our recommendations for Windows users. Of course anybody is free to ignore them.

1) Never use simultaneously two (or more) different antivirus, firewall or any other software which can run with high privileges. This is also true for any combination of programs which monitor the system

2) Never use Symantec products

3) Comodo is the ONLY firewall we recommend for Windows 64 bit. Should other product beat its reliability, we will make an update. Currently most of Windows firewall (including Microsoft Windows firewall) appear as useless toys when it comes to pro-active security and prevention of outgoing leaks. However, recently Privatefirewall (7.0.28.1 or higher) has been greatly improved and it is probably the best firewall after Comodo. It supports IP ranges (just specify a netmask).

Obviously you can't pretend on Windows systems the reliability and power of packet filtering tools available in BSD and Linux systems.

Our considerations are based on independent peer-reviews from the major security experts around the world.

Kind regards

Share this post


Link to post

@nobody12321

Hello!

First of all, we're very glad to read that you managed to solve the problem and we would like to thank you for the detailed report.

To summarize your considerations, these are our recommendations for Windows users. Of course anybody is free to ignore them.

1) Never use simultaneously two (or more) different antivirus, firewall or any other software which can run with high privileges. This is also true for any combination of programs which monitor the system

2) Never use Symantec products

3) Comodo is the ONLY firewall we recommend for Windows 64 bit. Should other product beat its reliability, we will make an update. Currently most of Windows firewall (including Microsoft Windows firewall) appear as useless toys when it comes to pro-active security and prevention of outgoing leaks. However, recently Privatefirewall (7.0.28.1 or higher) has been greatly improved and it is probably the best firewall after Comodo. It supports IP ranges (just specify a netmask).

Obviously you can't pretend on Windows systems the reliability and power of packet filtering tools available in BSD and Linux systems.

Our considerations are based on independent peer-reviews from the major security experts around the world.

Kind regards

I have eset nod32 antivirus, but that's not a firewall program. I guess that's what must have been conflicting with it. I don't want to get rid of my paid antivirus just to get a firewall. Do you think eset nod32 offers good protection? If not, what would be a better choice that might work with Comodo? I'm still not 100% sure that nod32 is messing with Comodo, but that's probably the only thing that could be.

I am still trying to find a good free firewall. What I've found in google suggests that private firewall cannot block ranges, only individual ip addresses. Can you tell me which version is capable of blocking ranges, and how to do so?

Sadly, I can't use linux. It's incompatible with many programs I need for work, even with wine.

EDIT:

I uninstalled nod32 and went with Comodo's internet suite. Once again, it fails to block programs that it's supposed to block.

Admin edit: in order to clarify, the customer did not set Comodo "Firewall Security Policy" to "Custom Policy". Be aware that custom rules are not applied if "Firewall Security Policy" is set to "Training Mode", "Disabled", "Safe Mode" or "Block All"

I really don't understand why you think that program is any good. Any firewall that fails to block a program it says it's blocking is a major security risk in my book. They must just pay off the reviewers to say their software is good. If a firewall by symantec of all developers (PC Tools firewall) does a better job at blocking programs than Comodo, then that says quite a bit about Comodo. There are MANY people with this exact same problem. Just google it. The worst part is that Comodo TELLS you it's blocking, but actually isn't. That's just a complete joke. It should at least tell you it's not blocking when it isn't blocking. Going back to nod32.

Also, I can't find anything on google that suggests that private firewall is capable of blocking ip ranges. Going to try eset firewall and see what happens. I will also experiment with some free firewalls in case someone wants to do what I'm trying to do without paying for eset's firewall.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...