Currently for English only

32-bit
http://download.comodo.com/cfp/download/setups/CFP_Setup_3.0.12.266_XP_Vista_x32.exe
64-bit
http://download.comodo.com/cfp/download/setups/CFP_Setup_3.0.12.266_XP_Vista_x64.exe

I've just installed it. It rocks. :D

Thanks for the heads up. :thumb:

Just using Windows firewall (or BitDefender's) on my systems, but will give CPF 3 a look since I never tested it.

This appears to be quite awesome actually. I tried one of the early beta's which were buggy as hell. This however, is very polished. Runs very light, getting the stealth ratings at all the usual sites. Much easier to understand than some of the beta releases. And, what a lovely GUI!! I must say i'm impressed so far. I have defense+ turned off by the way. I don't care for leaktests. This may well be a keeper, I will keep playing.

Version 3 seems great so far. Running well,(on XP Home), no problems, no conflicts, reasonable boot & shut down times. Can't fault it ;D

Is Defense+ easy to disable? and does the new Comodo handle p2p/gaming ok?

You can disable defense+ during the installation. I'm yet to put it through it's paces with p2p. It's currently running at about 13megs RAM over two processes and as yet none of the awful spikes I used to get with Comodo 2.4. By the way i'm running XP home with a shitty old Celeron 2.5ghz processor and 512 of RAM. So far so good.

Quick question. Do you have to uninstall v2.4 first, or do you install v3 right over the top? Thanks:)

I wouldn't know i'm afraid. I wasn't running 2.4 before hand so it was a fresh install.

Could someone please inform me if this can be installed also offline? Or does it absolutely need online activation?

{QUOTE-> I wouldn't know i'm afraid. I wasn't running 2.4 before hand so it was a fresh install. <-QUOTE}
OK let me re phrase my question. Can someone who upgraded from v2.4 tell me if I need to uninstall v2.4 before I upgrade, or can I upgrade over the top of v2.4 to v3?:)

Just to be safe remove 2.4 then start fresh since this is all new.

{QUOTE-> Quick question. Do you have to uninstall v2.4 first, or do you install v3 right over the top? Thanks:) <-QUOTE}

You will probably save yourself some grief by doing a clean install. So uninstall first - the two versions are quite different.

Al

{QUOTE-> Could someone please inform me if this can be installed also offline? Or does it absolutely need online activation? <-QUOTE}

I'm not aware that it needs online activation. Why don't you just install it off line and see for yourself?

Al

Sweet. I've been waiting for it for 6 months. Now, my vista is protected. I could not stand the ESS firewall.

{QUOTE-> You will probably save yourself some grief by doing a clean install. So uninstall first - the two versions are quite different.

Al <-QUOTE}
Thanks Adric and rhuds13 ;D

Had to Ghost back. Launched Quake4 and system locked. Using Vista Premium and was unable to stop Quake4 since no mouse after using Ctrl+Alt Delete. Used to XP Pro and would have had the mouse there. Will try again later and see.

look at the size of it 31.4mb
what have it in setup
normal firewall is 5 to 20 mb but this is 31.4mb
why

All other F/W have to be uninstalled before V3, including previous versions of comodos firewalls.
Installation cannot be done in safe mode as some low_level kernel drivers cannot be installed.

Running tight and well on this end...have fun ppl

{QUOTE-> look at the size of it 31.4mb
what have it in setup
normal firewall is 5 to 20 mb but this is 31.4mb
why <-QUOTE}

I imagine the HIPS component added to it's size.

{QUOTE-> I imagine the HIPS component added to it's size. <-QUOTE}

Probably it was the whitelist

{QUOTE-> Probably it was the whitelist <-QUOTE}
Yes, the withelist and also the Help file that was not present in the Beta and RC versions. ;)

does this cover vista?

{QUOTE-> does this cover vista? <-QUOTE}

Y
E
S

{QUOTE-> Y
E
S <-QUOTE}


thanks

I love COMODO! They put a hidden feature in...well not hidden anymore :D
Competing with antiviruses

{QUOTE-> Oh that is what you havent seen in the BETA or RC versions
While trying to improve our security considerations section in order to give a better advice to our users, we came up with a heuristic analysis algorithm which detected 60% of the malware samples we threw at it.

For example, as of 11/11/2007, the following virus was an unknown one. Please have a look at he attachment for an example alert and how CFP detected it without any signature database

Egemen <-QUOTE}

{QUOTE-> I love COMODO! <-QUOTE}

Really!!?? Surely no one in this forum could've guessed ::)

Yea, I saw that heuristics detections. It signs some leaktests as suspicious for e.g. grc leaktest, too leaky...

{QUOTE-> Really!!?? Surely no one in this forum could've guessed ::) <-QUOTE}

;D ;D ;D

Could someone post some more screenshots.

Is it really noisy in terms of popups?

@dmenace, pop-ups at a minimal here.So far so good?

{QUOTE-> look at the size of it 31.4mb
what have it in setup
normal firewall is 5 to 20 mb but this is 31.4mb
why <-QUOTE}

It has a database of 'SAFE' applications keeping you from having to answer to a million pop-ups.

1 quick question is anyone using Comodo 3.0 with Avast antivirus free & boclean?

as thats my spec now without Comodo and i would like to have it.

No compatible issues?

i say that coz Avast as a network feature IDS and Comodo firewall as well?

Yay it is here!

So far so good. I think I would have to drop my SSM though, because it seems the Defense+ module is pretty powerful in its own right. No need to spend RAM on SSM. All together @ +/-13MB. Also, the heuristic algorithm for a HIPS seems like a good idea.

Would like a little feed back from users, so post if you guys have a chance. For me, I cranked everything on maximum protection and execute everything on the computer, took screenshots of everything for later analysis. A trojan that was known to be able to sneak past my previous FW ( Mcafee Corp. 8.5) was not able to get out. :wacko:

Hi,

Tried an earlier version, no luck. Out of curiosity, gave v.3 a run, much to my surprises, it does rock. smooth sailing so far.

If a freeware can be prepared this way with highest standard, who else is going to give a glance at those paid wares. Lately, other quality firewall such as OA, ZAAS, and Webroot all have made their products free. Could this spell out the rocky road ahead for firewall paid wares ? Comodo I :thumb:

Nice job done.

umm........ bit of a problem, KAV cannot be installed with Comodo v3 installed?? help plz

{QUOTE-> umm........ bit of a problem, KAV cannot be installed with Comodo v3 installed?? help plz <-QUOTE}
Turn PDM off?

Stick KAV on first. Its the only way unless you want to fiddle around with registry entries.

Uninstall KAV
Install Comodo
Reinstall KAV

Rebooting in between steps obviously. :)

Anyone knows if there have been done a HIPS test on the Defence+ in the firewall.??

If not i hope there will be done a test on http://www.techsupportalert.com/ very soon.

I uninstalled OA and installed Comodo. During installation I picked the option for basic firewall but Defense+ was not disabled as I expected. It was just set to Clean PC mode.

Comodo v3 seems fairly light and nice so far. I dont like the custom theme/gui though; I wish it just supported Windows visual styles.

I will test with p2p later.

{QUOTE-> Stick KAV on first. Its the only way unless you want to fiddle around with registry entries.

Uninstall KAV
Install Comodo
Reinstall KAV
<-QUOTE}

no, i already have the comodo firewall installed, during the KAV installation, it says its cant install when comodo is installed?

{QUOTE-> no, i already have the comodo firewall installed, during the KAV installation, it says its cant install when comodo is installed? <-QUOTE}
Do the opposite of what he said than :D.

but does this mean that comodo v3 and KAV wont work well together?

{QUOTE-> I uninstalled OA and installed Comodo. During installation I picked the option for basic firewall but Defense+ was not disabled as I expected. It was just set to Clean PC mode.

Comodo v3 seems fairly light and nice so far. I dont like the custom theme/gui though; I wish it just supported Windows visual styles.

I will test with p2p later. <-QUOTE}
It is off. Open up the interface and look under Proactive Defense. It should read "The Defence+ security level is set to Inactive"

Also go to the defence+ tab, then advanced, then click defence+ settings. See pic. It only lists it as being in clean pc mode when you right click the tray icon. It is actually disabled.

{QUOTE-> but does this mean that comodo v3 and KAV wont work well together? <-QUOTE}
PDM just needs to be off.

ok, thats what i thought, i was planning on doing that anyways, thx!;D

{QUOTE-> It is off. Open up the interface and look under Proactive Defense. It should read "The Defence+ security level is set to Inactive"

Also go to the defence+ tab, then advanced, then click defence+ settings. See pic. It only lists it as being in clean pc mode when you right click the tray icon. It is actually disabled. <-QUOTE}
D'oh! I didnt see that. Thanks coolio.

They should disable the slider when Defense+ is disabled.

Thanks Dogtag for the screenshots :thumb:

Just read in the comodo forum that some people are reporting the final release doesn't remember AVG and Avast is installed. Anyone else having problems with this.

http://forums.comodo.com/feedbackcommentsannouncementsnews/avg-t14906.0.html

{QUOTE-> Just read in the comodo forum that some people are reporting the final release doesn't remember AVG and Avast is installed. Anyone else having problems with this.

http://forums.comodo.com/feedbackcommentsannouncementsnews/avg-t14906.0.html <-QUOTE}
There are some problems mostly with avast such as slowdown/slow booup or lockups. Not sure if this is comodo or avast at fault. I believe comodo and avast work at the same time to scan/add files which causes them to conflict or you could picture it as two guys trying to pick 1 pencil off the floor and keep knocking heads until they pick it up :D. Only Vista users seem to be effected though.

alls smooth now:D running KAV and Comodo firewall, no slow downs

How is NOD32 V3 and CFP 3 getting along? Anyone running both?

Sorry to rain on the parade, but I like Comodo 2.4 better. 3.0 has too many pop ups. It looks to me like it would never be fully trained, there would always be some combination that had not been tried yet. To a certain extent 2.4 has this attribute, but it is an order of magnitude less bothersome.

From my point of view, with defense+ on, 3.0 will only work for the most dedicated and paranoid. Ordinary humans need not bother.

how about leaktest ? did CPF 3 passed ?

{QUOTE-> Sorry to rain on the parade, but I like Comodo 2.4 better. 3.0 has too many pop ups. It looks to me like it would never be fully trained, there would always be some combination that had not been tried yet. To a certain extent 2.4 has this attribute, but it is an order of magnitude less bothersome.

From my point of view, with defense+ on, 3.0 will only work for the most dedicated and paranoid. Ordinary humans need not bother. <-QUOTE}
With this (http://www.wilderssecurity.com/showpost.php?p=1122153&postcount=26) and all else, it may seem to be getting a little bit "bloated", but let's give it a couple weeks to "mature"...

Man you're everywhere 19monty64. LOL. I was wondering how close in protection it would be between using just Comodo Pro 3 verses using ThreatFire with Zone Alarm Pro? Please don't crucify me for asking this in this thread. LOL. However if you love Comodo, (and I at least like it a lot) then convince me why I should use version 3 over TF and Zone Alarm Pro? Thanks. Hey 19monty64. See ya in the "other malware forum" LOL.

{QUOTE-> Sorry to rain on the parade, but I like Comodo 2.4 better. 3.0 has too many pop ups. It looks to me like it would never be fully trained, there would always be some combination that had not been tried yet. To a certain extent 2.4 has this attribute, but it is an order of magnitude less bothersome.

From my point of view, with defense+ on, 3.0 will only work for the most dedicated and paranoid. Ordinary humans need not bother. <-QUOTE}

That does not make any sense. I don't get popups.

I downloaded the Comodo exe off the website in case I'm convinced to use it over TF and ZAAS. However right before it was done completely downloading my PC froze for a second or two. After that then, with the exe on my DeskTop I tried right clicking it to check the Properties just to make sure I had the right version, ( Windows XP 32 bit) and my PC froze again for a few seconds. Then when I went to put the exe in the Recycle Bin ( thinking i had a bad DL ) it wouldn't move right away and once again my PC froze. After that, once in the Recycle Bin it then took a few seconds before I could delete it. I also DL a ZAAS exe later and no such incident. Why did this happen?

Hello,
It looks as though Defense+ isn't all it's cooked up to be. Some rules are simply not remembered. As far as HIPS capability goes, Defense+ is not as fully configurable as SSM. I think it would be a combination of the FW and SSM that would provide a little more in terms of options.

comodo is running great for me also running about 11.4 mb i am using basic firewall i was not two crazy about the hips and i am not gotting a lot of pop ups at all compare to 2.4 it seems to remember your answer a lot better and as far as installing new version it will uninstall 2.4 reboot then you install 3.0 i did clean registery before installing new version i am very happy with new version i think comodo did a great job i am using new version with also new version of nod and counterspy and boclean and admuncher and rogue remover and everything is getting along great 8) :thumb:

{QUOTE-> I downloaded the Comodo exe off the website in case I'm convinced to use it over TF and ZAAS. However right before it was done completely downloading my PC froze for a second or two. After that then, with the exe on my DeskTop I tried right clicking it to check the Properties just to make sure I had the right version, ( Windows XP 32 bit) and my PC froze again for a few seconds. Then when I went to put the exe in the Recycle Bin ( thinking i had a bad DL ) it wouldn't move right away and once again my PC froze. After that, once in the Recycle Bin it then took a few seconds before I could delete it. I also DL a ZAAS exe later and no such incident. Why did this happen? <-QUOTE}

Hi Wordward-what another move;D

Probably completely unrelated to Comodo,such as an app or process running

in the background-updater antivirus etc.

.

so is there any conflict with Avast and Comodo?

as avast has ids and comodo as well?

{QUOTE-> so is there any conflict with Avast and Comodo?

as avast has ids and comodo as well? <-QUOTE}
I have just installed it alongside avast!, so far nothing catastrophic, but it will take a little time to be sure.
This is on an XP machine btw

One thing that does worry me though is that there were issues with the last version due to it's protection of it's own registry keys, with FD-ISR, am wondering how it will behave now it's protecting a whole raft of keys

{QUOTE-> How is NOD32 V3 and CFP 3 getting along? Anyone running both? <-QUOTE}


They work, they are like boyfriend and girlfriend - inseperable! No need for Threat fire either

I uninstalled the Webroot firewall and got this one. While webroot was good, I actually like the built in HIPS better in Comodo. The webroot one was really only a process blocker, but this is more advanced, but not as bad as SSM (good, but too advanced and noisy for my use and level of paranoia).

No problems so far, and the GUI is much better than webroot's.

edit: I forgot that webroot had options for different permissions for each process, so it wasn't just a process blocker.

{QUOTE-> They work, they are like boyfriend and girlfriend - inseperable! No need for Threat fire either <-QUOTE}

Thanks for testing that.

I don't think this paticular version of COMODO is suitable for novices.
I'll just stay with the windows firewall.

So far so good. Best of all, i don't get prompts about my the crytographic signature of my game executables being changed which happens frequently due to patches for my online games like Guild Wars. I don't think there was an option to disable those prompts for 2.4 and i didn't need to change any settings for 3.0.

sorry


but I still dont know how to specify those rules derived from the popups.

Eg, I got a clean install of comodo and at the point my windows spool server wants to connect to my printer the warning popup comes up.
Now the user has the options to allow generally, to deny etc. and that comodo remembers that answer thus applying it as rule.

What I did was - cause not knowing better - to say ok, please remember and allow spoolserver to connect to IP xyz , my printer.

But on checking this rule in the network policies I recognize that the rule is now a general outgoing rule. It is not bound to my printers IP!!!

That is totally anoying. How come? What can I do easily to change that behaviour? Is it initiable from the warning pop up? Is there a hidden setting I dont know?

{QUOTE-> How is NOD32 V3 and CFP 3 getting along? Anyone running both? <-QUOTE}

Could not be smoother. Running XP Pro on Dell notebook with NOD32 V3 and Comodo 3.

{QUOTE-> sorry


but I still dont know how to specify those rules derived from the popups.

Eg, I got a clean install of comodo and at the point my windows spool server wants to connect to my printer the warning popup comes up.
Now the user has the options to allow generally, to deny etc. and that comodo remembers that answer thus applying it as rule.

What I did was - cause not knowing better - to say ok, please remember and
allow spoolserver to connect to IP xyz , my printer.

But on checking this rule in the network policies I recognize that the rule is now a general outgoing rule. It is not bound to my printers IP!!!

That is totally anoying. How come? What can I do easily to change that behaviour? Is it initiable from the warning pop up? Is there a hidden setting I dont know? <-QUOTE}

You can create your own rule before you get the pop-up ;)

Seriously, you'll have to change the rule to your liking once it is created.
Network Security Policy -> Edit ->Edit

Al

{QUOTE-> You can create your own rule before you get the pop-up ;)

Seriously, you'll have to change the rule to your liking once it is created.
Network Security Policy -> Edit ->Edit

Al <-QUOTE}

That is quite uneasy. Imagine you want your email programme only to connect to your email server/provider. Let's assume hotmail and yahoo. then I had to look up those IP adr. and to enter the rule my self so that it is corresponding.
Lots of work :(

{QUOTE-> They work, they are like boyfriend and girlfriend - inseperable! No need for Threat fire either <-QUOTE}
Way Cool! ;D

DickDiver :
You have to set the alert level up. Check in fw-advanced-'one of the two last options' (i'm not looking at it right now)
If you missed this, i highly recommend you to regard Defense+ as a execution blocker only, and forget about it, so you can learn the firewall. Navigate the Firewall tab, look at the options, read the help.

{QUOTE-> They work, they are like boyfriend and girlfriend - inseperable! No need for Threat fire either <-QUOTE}
Hi,

No need for TF with CFP v.3 ? due to ?

Overkill or

Report at Comodo's forum re conflict between TF and CFP ?

Thanks.

{QUOTE-> Hi,

No need for TF with CFP v.3 ? due to ?

Overkill or

Report at Comodo's forum re conflict between TF and CFP ?

Thanks. <-QUOTE}

There is a fix make threatfire.exe a trusted appliction in CPF.
http://forums.comodo.com/help_for_v3/help_comodo_v3_and_threatfire_conflicts-t14942.0.html

Runing 2 HIPS is overkill?

Threatfire is not a HIPS program. It's behavior detection system (BDS). It's working a it different than standard HIPS.

Wonderful firewall btw. Fast, beautiful and works perfectly even with programs like eMule. I wonder how other firewalls even stand a chance against this one.
It's just, perfect! I'm already recommending it around :)

Just me who have problems with CFP3 and SAS Pro..?

Everytime SAS Starts and SSupdate.exe wants to update it gets added as en application in the firewall and Defence+

so restart a few times and you have several applications from SSupdate.exe


(and yes i have tryed everything, make my own rules for SSupdate.exe added is as trusted and so on) but it gets added every time anyway, because SSupdate.exe gets replaced with a new SSupdate.exe when SAS updates(when SAS starts or if you rigth clock on the icon and click "check for updates")

(so if i dont clean out SSupdate.exe from my applications, then if we say i only start my computer once a day. then i will have 1460 applications in total (730 for the firewall and 730 for Defence+))

{QUOTE-> OK let me re phrase my question. Can someone who upgraded from v2.4 tell me if I need to uninstall v2.4 before I upgrade, or can I upgrade over the top of v2.4 to v3?:) <-QUOTE}
Install over v 2? - Not at all in my opinion.

I agree. twl845, uninstall 2.4 before. There are still some glitches note, but it should be stable.

{QUOTE-> I agree. twl845, uninstall 2.4 before. There are still some glitches note, but it should be stable. <-QUOTE}
Like todays update for example. Somehow the help file opened when I clicked on the update and incessantly made a clicking noise while trying to open the chm, thus locking the updater such that it had to be killed. PITA

;D i didnt get that myself. Did you try to disable updates? It will try to update anyway. The firewall WILL alert you of that, and you CAN block it like i have, but it is a bug.

{QUOTE-> ;D i didnt get that myself. Did you try to disable updates? It will try to update anyway. The firewall WILL alert you of that, and you CAN block it like i have, but it is a bug. <-QUOTE}
I realize it is s bug ;)
It was with the auto update option enabled, it came from the "balloon tip" I think. It all happened so fast! HA!
I don't have the time to report it nor reproduce it, I still have the installer in question if anyone is interested in trying to reproduce it today.
This is the original installers file name: CFP_Setup_3.0.12.266_XP_Vista_x32.exe

To add insult to injury, upon uninstall I was privy to the old faithful, ie. BSOD
Apparently the dump file was farq'ed but here is the output from the event log.

The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0xb9ef075c, 0xb71a1ae4, 0x00000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP.

My install went well, but the desktop icon doesn't work nor does the menu listing. I have to access from the sys tray icon. I saw a post in the Comodo forum complaining of this and they were told to right click on the desktop icon and select run as, and select administrator, which I tried, but it didn't help. Can anyone who had this problem and solved it tell me how to fix it? Thanks in advance.:P

Build 268 released today. Availlable via update under misc. The fixes are unknown but egemen has told many bugreporters that their issue has been fixed. :D. So its just a bugfixing update.

{QUOTE-> Build 268 released today. Availlable via update under misc. The fixes are unknown but egemen has told many bugreporters that their issue has been fixed. :D. So its just a bugfixing update. <-QUOTE}
I am using the new build 268 and have the above problem with the icon not working. I'm apparently not the only one. can you help me?

This should be called RC. twl845, post it in the bug report section, with the title perhaps "BUGREPORT: desktop icon doesn't work nor does the menu listing (V3.0.12.268 x32)" if it's 32 bit.
Describe the problem the best you can, your specs and active programs.

Other than this, i can't help. :-\

{QUOTE-> This should be called RC. twl845, post it in the bug report section, with the title perhaps "BUGREPORT: desktop icon doesn't work nor does the menu listing (V3.0.12.268 x32)" if it's 32 bit.
Describe the problem the best you can, your specs and active programs.

Other than this, i can't help. :-\ <-QUOTE}
Most likely the icon was made to open the firewall when it is closed but not to open the gui which the tray icon is for.

Threat Fire is a behavioral blocker similiar to defence+, you can try to add TFservice.exe to a trusted application in CFP and that should work, but in my opinion that is overkill. decide either T/F or DEFENCE+ and stick with one.?

Try the CPIL leak test on t/f and then with D+ then make a executive decision on what u want..lol

Yes twl i too have the same problem, i can't enitiate CFP from desktop-icon, looks like for now we have to deal with it?
Will post in the comodo forums for answers but am afraid i aint got no answere for this at the moment?

I have a feeling that Comodo Firewall Pro version 3 will top the matoussec leak test again.;D
Works well with Kaspersky Internet Security & A-Squared Anti-Mallware. All you have to is add it to each other's exclusion lists.

Comodo???

I really tried Comodo 3 on the gamer PC.
We are behind a hardware firewall, so I could allow all incoming traffic: Good.

Next I could play with the settings of the various security build in modes of teh defense +. One irritating issue was that starting programs always was ask or block (no allow). Okay this can be changed by setting all exectuable and programs in the allow list. Okay is workable

What also was good that you can define (all not defined programs as limited rights programs) = good. As you problably have understood I do not like AE's, but Comodo can be made a policy sandbox with strong classical HIPS containment (good)

Hey, I can add my own registry and file protection: great

Helas then the "you have goy so many programs to evaluate" after each reboot. Allowing all programs of AVAST as installer, could not find a way to solve this surprise feature. After every re-boot the same files had to be evaluated.

Okay I uninstall and wait until this usability problem is solved. So I nearly was conviced of Comodo. Think I give 3.2 or so a try again.

Are there any skins for it?

{QUOTE-> Are there any skins for it? <-QUOTE}
Not yet but there will be soon

{QUOTE-> Yes twl i too have the same problem, i can't enitiate CFP from desktop-icon, looks like for now we have to deal with it?
Will post in the comodo forums for answers but am afraid i aint got no answere for this at the moment? <-QUOTE}
Coolio10, Pedro and Dogtag - I found another thread in the Comodo forum, and Coolio10 wins the prize for the correct answer. V3 is a little different from v2.4 in that because CFP opens automatically when you bootup, the sys tray icon is in essence minimized. So, when you click the desktop icon or the menu listing nothing happens because you're already up. If you shut CFP down then you can restart it by clicking the desktop icon. Sometimes I feel dumb.:P

{QUOTE-> Yes twl i too have the same problem, i can't enitiate CFP from desktop-icon, looks like for now we have to deal with it?
Will post in the comodo forums for answers but am afraid i aint got no answere for this at the moment? <-QUOTE}


Same here - however I deleted it and just use the shield in the system tray/task bar thingy (by the clock).

;D ;D ;D ;D ;D ;D

*puppy* *puppy* {QUOTE-> Same here - however I deleted it and just use the shield in the system tray/task bar thingy (by the clock).

;D ;D ;D ;D ;D ;D <-QUOTE}
i always delete icons of security software.

{QUOTE-> That does not make any sense. I don't get popups. <-QUOTE}


Perhaps I should say the training box in the lower right hand corner of the screen seems like it will never shut up. From the discussion of the beta things are not as tight as 2.4 with Defense+ turned off, and off is where a lot of frustrated folks are going to turn it. IMO, this is a great toy for folks who like to play with security software. Its free, like the bread falling from the heavens. But for ordinary computer users its too complex.

Stuff like Threatfire that does not demand much of the user, or possibly OA, is what this world really needs. If its not a no brainer, it will not be widely adopted.

I did not enable Defense +, but left SpyWareDoctor running. SpyWareDoctor flagged about two or three dozen backdoors and the like during the installation of Comodo FW Free V3.

Deinstalled and sanitized.

Not sure i understand you Diver. The box can be disabled and it learns in silence.
I think you didn't give enough time to see how it works.
Myself i will not make an opinion of D+, until i give it some time.

SSM was pretty confusing at first, but since i saw where things were and how it worked, i now think that the free version at least is easy. Like CFP 2.4, second nature.

{QUOTE->
Deinstalled and sanitized. <-QUOTE}
You mean you finally got rid of SD right?

{QUOTE-> You mean you finally got rid of SD right? <-QUOTE}
That would have been my choice. lol

{QUOTE-> You mean you finally got rid of SD right? <-QUOTE}
Actually, yes ;)

{QUOTE-> Not sure i understand you Diver. The box can be disabled and it learns in silence.
I think you didn't give enough time to see how it works.
Myself i will not make an opinion of D+, until i give it some time.

SSM was pretty confusing at first, but since i saw where things were and how it worked, i now think that the free version at least is easy. Like CFP 2.4, second nature. <-QUOTE}

OK, I can disable the box. Next time. I might try it again in a couple of weeks as there was a new build today, and it might not be the last one in the short term.

I just have no Idea how long it takes to learn everything so you can switch out of the clean computer mode. So far it looks like forever because it records every conceivable thing the machine can do. Why cant these things be a bit more selective?

I found this acts like Kaspersky IS and makes Spy Sweeper scans stop to a Virtual Crawl :gack: Goodbye Comodo, because also the learning thing takes till doomsday, and the installation request mode is also too damn annoying :gack:

HI,

DefensePlus can be used and set to be quiet, making it a policy sandbox with hips strength containment. The only thing that drove me crazy were those pending files. After every re-boot I got 426 files or so in the "needs your reviewing list". It seems that Comodo does not deal well with Raid under vista64. This and the problem of Avast update (I think Avast uses a trick by updating its blacklist into a dll, CFP 3 recognises this every time that they are updated). You can not leave the list because by default these are marked untrusted and not all programs will run properly.

When CFP has sorted this out or provides an option to forget about changed files, It is a EQSecure like HIPS feature.

Any one know if it "gets along" with ShadowSurfer?

{QUOTE-> HI,

DefensePlus can be used and set to be quiet, making it a policy sandbox with hips strength containment. The only thing that drove me crazy were those pending files. After every re-boot I got 426 files or so in the "needs your reviewing list". .......When CFP has sorted this out or provides an option to forget about changed files, It is a EQSecure like HIPS feature. <-QUOTE}


Yiiiiiiiiii!

I just reformatted and have logged up 1912 files for review? :blink:

{QUOTE-> Sorry to rain on the parade, but I like Comodo 2.4 better. 3.0 has too many pop ups. It looks to me like it would never be fully trained, there would always be some combination that had not been tried yet. To a certain extent 2.4 has this attribute, but it is an order of magnitude less bothersome.

From my point of view, with defense+ on, 3.0 will only work for the most dedicated and paranoid. Ordinary humans need not bother. <-QUOTE}

I agree 100%.

I tried version 3.0, and took it out after 30 minutes, couldnt be bothered with all the different combinations. I want to enjoy my computer, not spend all my time worrying about this application or that one doing things.

:thumbd:

IMO : Comodo V3 is too complicated and is not user friendly !! >:(

Certainly not an easy beast to get the hang of, I have 6000 files for review when I booted back into the snapshot containing V3, not sure what that's all about, but it doesn't like to be disturbed when it is compiling its list, tried to open my browser while this was going on and the whole system hung, had to pull the plug to power down. Updater seems to be a bit haywire as well, currently it seems to be trying to update now and not doing a lot of anything. I think there are too many bugs for me to consider this any more than still a Beta. I don't have enough computer savy to work through all this so I will roll back to 2.4 and await less problems.

Just installed this and was wondering do I need Defense + turned on if I have KAV 7 installed with Proactive Defense turned on?

Surely they are both the same thing?

Defense + is a little more advanced than KAV proactive defence, i use KAV aswell, i just didnt install PD during the installation and am using comodo defense+ now.

this is the first HIPS ive ever used, and i dont get what u peep are complaining about, its a great program and i dont get that many pop-ups, at least not enough that it would bug me

{QUOTE-> OK, I can disable the box. Next time. I might try it again in a couple of weeks as there was a new build today, and it might not be the last one in the short term.

I just have no Idea how long it takes to learn everything so you can switch out of the clean computer mode. So far it looks like forever because it records every conceivable thing the machine can do. Why cant these things be a bit more selective? <-QUOTE}
I know what you're saying. And to be honest, now that i'm really looking at D+, i have one major complaint: too many windows open. The main GUI is just a set of links for the real show. To get to individual rules for applications, you get 5 windows, including the main. Not to mention clicks to get there. A lot could / should be collapsed under the same one.
The firewall has the same logic as 2.4 (my favourite, easy to create rules), but it suffers from the same above problems. The rules at least should be in the main GUI, in a tab like "Common Tasks" and "Advanced".
I'm going to write them my opinion on this, hopefully they will agree with me.

{QUOTE-> Actually, yes ;) <-QUOTE}
Well good ;D

{QUOTE-> DickDiver :
You have to set the alert level up. Check in fw-advanced-'one of the two last options' (i'm not looking at it right now)
If you missed this, i highly recommend you to regard Defense+ as a execution blocker only, and forget about it, so you can learn the firewall. Navigate the Firewall tab, look at the options, read the help. <-QUOTE}


Thank you! it works and I am very much satisfactioned by the FW. Lite and doing its job and FREE!

PS: Somebody using it still with comodo boc especially is there any need to do so with defence+?

Let me clarify my position on Comodo 3.0. My view is a firewall does not need to be monitoring activity that is not related to connecting to any network, period.

Furthermore, a HIPS that takes a shotgun approach is probably going to be useless to the majority of users, regardless of whether it provides perfect security when used properly, and properly is the operative term. Additionally, a security utility that whitelists a PC should do it in the most efficient way, by a system scan. Examples of this behavior are Online Armor and Anti Executable.

I believe an average computer user is subject to risks when using a product like Comodo 3.0 simply because he will become overwhelmed by the complexity of the thing and give an inappropriate response to a warning when concentrating on some other task. In varying degrees this is true of all personal firewalls that attempt to be leak proof.

Perhaps Comodo 3.0 is meant to be a demonstration program of just what is possible, and a test bed for future products to be sold by Comodo. However, I would really prefer a maintenance release of 2.4.

Comodo V3 is gone from my PC, not to return.

Without warning I was locked out of all my folders, did not have permission to access, could not even shut down.

I was able somehow to get into Control Panel and Remove Programs and uninstall Comodo (sort of) and reboot.

I deleted the Comodo Folders from \Program Files\ and elsewhere, cleaned it out of the registry, rebooted, and yet Windows Security Center still reports it as active.

I took the plunge to try Comodo v3. This is the first firewall I have used other than Outpost since v2 so it has taken some time to get used to. It is running very light and no problems so far. I have not had that many pop ups. I've spent more time in trying to figure out how it works but I think I finally got it down.

It's runny great on XP with Nod v3. IT can be set to run as easy or as hard as you want it to. I prefer the hard.

Great firewall for being free.

it would be nice if they release d+ as a standalone application. i dont like this concept of firewalls with hips intregrated and vice versa.

it doesnt make a difference, because after installation(or maybe even during installation) u can choose to disable it/ permanently deactivate it, the only difference is u dont have to install 2 programs, u only need 1. the only reason ud need the standalone HIPS is if u dont need the firewall

Defense+ is in approximately the same HIPS category as Prosecurity, System Security Monitor, & EQSecure.

D+ is incredibly powerful. D+ can give adequate protection as we move further into the era of *New Wave* malware that increasingly finds ways to either skirt &/or disable blacklist-based protection.

The New Wave of malware (e.g. storm, polymorphs, metamorphs, etc.) dictates the current or near-term-future use of full-bore "paranoid" security software such as D+.

In my half-baked opinion (in light of the New Wave), the way to go is ---

#1- Install a good NAT/SPI router
#2- Install a good HIPS, tolerate the pop-ups, & LEARN how to deal carefully with them.
#3- Full-image the systems hard drive at frequent intervals
#4- Do recreational surfing & software try-outs in a sandbox/shadow-mode

As to #2 above (even though I am an ardent SSM fanboy) I must concede that D+ will probably be maintained more vigorously, & sustain its existence longer, than any of the other choices.

BOTTOM LINE- Assuming that one has a NAT/SPI router, a *feasible alternative* would be to install Com3 with D+ activated & the firewall curtailed or disabled.

I reckon a classical hips like Defense + in a popular firewall (esp. for novices) is going to be a disaster. :-\

After the learning mode, there's still going to be popups galore and most people won't understand half of the popups. ???

That's why I've gone back to 2.4 8) I just don't have the time to go through hundreds of Defense + alerts, esp. when the software isn't in the whitelist.

wow, has no one ever heard of the deactivate permanently option?

HIPS can be disabled during installation. I hate it too and i'm using only firewall.
No problems.

I'm using Kerio 2.1.5 and SSM, the system impact feels like 0%, I really wonder what 'advantage' this Comodo stuff has ? I feel perfectly secure, my system is super-responsive, I don't know what I'm missing. Oh well, perhaps some people actually enjoy trying to "fix" the problems something like the always super-bugged Comodo stuff.

Besides, why are marketeers so eagerly luring everyone to their POS firewall ? What revenue to these guys make ?

Why are these firewall-testing sites so blinded by the sole example of leaktesting ? What about system impact, stability, and clumsy configuration of those ""Perfect"" tools ?!?

Seems like the ages of computer use are nearly over, today we fill most of our computer-time with clicking popups and buggers of our beloved Comodo firewall. Oh well, perhaps some now feel perfectly secure with their buggy thing. :blink:

Hmm. Many problems reported.
For my part, I installed it two days ago, had a problem with the updater, that was resolved after reading a comodo forum post about it-ironically by manually applying the update to ver 268 that wouldn't download automatically- and haven't had a problem since.
The help menu is comprehensive, and written in a way that is suitable for me- somewhat inexperienced in FW setup and a beginner/intermediate user - straightforward to understand.
It is in "training" mode, the only irritations I'm not sure how to deal with involve other applications creating temporary files during their own updates. I've found that looking at the "files waiting your review" list has reached a maximum of about 45. Selecting "purge" (with the checkboxes all unticked) will remove those that are no longer valid. The few that have remained I have been able to make a decision on without (much) confusion. Where uncertainty has occurred, I've simply left them for now, to find them not present after the next reboot, or investigated themn and moved them.
Using XP Home, S2, with Avast home AV (no problem at all) and SpywareTerminator, HIPS disabled. (Getting to many similar alerts form both programs.
I'll use this configuration for a time, read a bit more, test a bit more, then decide which of the HIPS to use. But as of now, Comodo's looking pretty good.

{QUOTE-> HIPS can be disabled during installation. I hate it too and i'm using only firewall.
No problems. <-QUOTE}
I installed with the firewall option, no D+ and set it for average user. No problems until I was using my Outlook 2003 reading and sending e-mails. When as I tried to send an e-mail I got a pop up saying Outlook wants to access the internet, so I clicked OK. The e-mail continued to try to send and I got another pop up, and similtaniously an Outlook error can't access STMP or something similar. Then the same thing kept happening over and over. To make a long story short, it's definetely caused by v3. Now I have v3 set to learning in safe mode, D+ disabled, and I clicked average user, so it's supposed to make default rules as far as I know. I have a feeling the Outlook rule has to be changed or something, but I haven't got a clue about that stuff. If someone can understand my problem, can they give me instructions to fix the Outlook send problem for me? Thanks:wacko:

There are ways to configure email client (and other) rules, but possibly the easiest way- if somewhat messy- is to send a message again, say, a test message to yourself, and when the alert pops up make sure the "remember this decision" is ticked; bottom left of the alert window, and allow it. You may have to answer two alerts.
Similar thing happened to me, I think the email client "gets impatient" waiting for access, so says it can't send the message. Hasn't happened since.
Hopefully a guru will post instructions on how to safely create rules for this sort of event.

{QUOTE-> There are ways to configure email client (and other) rules, but possibly the easiest way- if somewhat messy- is to send a message again, say, a test message to yourself, and when the alert pops up make sure the "remember this decision" is ticked; bottom left of the alert window, and allow it. You may have to answer two alerts.
Similar thing happened to me, I think the email client "gets impatient" waiting for access, so says it can't send the message. Hasn't happened since.
Hopefully a guru will post instructions on how to safely create rules for this sort of event. <-QUOTE}
Thanks for responding. Every popup has already been checked to remember when it comes up. After trying to make it work several times I checked and each attempt was listed in the window where it's logged (forgive me I can't remember the name of the window at the moment.

This sort of thing tends to make us regular users feel a bit dumb.
Another thing you could try is to answer the alert using the menu within "treat this as" (options). One of the options is trusted application. I think it would be wiser to set rules for this program, though, using the protocols appropriate to it. I'm (sort of) happy to do that myself, but not knowledgeable enough to confidently advise someone else.
Have you asked this question at the Comodo forum? They're pretty helpful.

{QUOTE-> This sort of thing tends to make us regular users feel a bit dumb.
Another thing you could try is to answer the alert using the menu within "treat this as" (options). One of the options is trusted application. I think it would be wiser to set rules for this program, though, using the protocols appropriate to it. I'm (sort of) happy to do that myself, but not knowledgeable enough to confidently advise someone else.
Have you asked this question at the Comodo forum? They're pretty helpful. <-QUOTE}
I haven't went to the Comodo forum yet, they're kind of snowed right now. I'll try the treat this as first. I'll post my results later. Thanks

i have not experienced a signle problem yet

How long should I have it on training mode??? I have all my applications good to go through it.

{QUOTE-> i have not experienced a signle problem yet <-QUOTE}
It's bad luck to say that.

Ok I'm not a techie, so someone please just answer me this question. Do the pending files in Comodo work or not while they are pending? And if they do work, then what exactly is "pending" before I approve them?

Anyone on their way to the Comodo forum please remember to ask them to do a maintenance release on 2.4. Don't forget to turn out the lights either.

{QUOTE-> Ok I'm not a techie, so someone please just answer me this question. Do the pending files in Comodo work or not while they are pending? And if they do work, then what exactly is "pending" before I approve them?
<-QUOTE}

Snapshot is from the excellent help file. To get straight to it, click on "what do these settings do" when you have the pending files window open.

Basically, in training mode, the files won't be blocked by defense+. Unless you move them to the block list. Suggest first, with no boxes checked, select "purge", to eliminate those that are no longer valid. Then look at those remaining. If in doubt, select "lookup". If no doubt, move them to the appropriate list.

Suggest also maybe not using Defense+ without having a wee look at the help files. I'm not a techie, either, I shouldn't even be qualified to answer this.
The help files are excellent (nudge nudge wink wink.) :)

{QUOTE-> How is NOD32 V3 and CFP 3 getting along? Anyone running both? <-QUOTE}

Well, I tried it & it works okay. Comodo Firewall version is really excellent in my opinion.:thumb:

Where do I find all installed applications allowed/denied internet access? I can see I can add a new trusted application and add a new blocked application but where do I find those already allowed/blocked within Comodo to review?

{QUOTE-> How is NOD32 V3 and CFP 3 getting along? Anyone running both? <-QUOTE}


Comodo auto updated this morning, running with NOD32 v3.0 and the Defender + option and everything seems to be running fine.

Edit: CFP failed the leaktest, but I have to wonder if it's not NOD's fault?

http://www.wilderssecurity.com/showthread.php?t=192305

{QUOTE-> Most likely the [desktop] icon was made to open the firewall when it is closed but not to open the gui which the tray icon is for. <-QUOTE}

Yup, that's how it works.

Comodo with defense+ disabled is the same that Kerio 2.15. A safer way is keep comodo in training mode but add internet programs to My Pending Files.

Just upgraded to Comodo Firewall 3. Does Defense + essentially replace BoClean or do I still need both running? They sound similar to me.

{QUOTE-> Where do I find all installed applications allowed/denied internet access? I can see I can add a new trusted application and add a new blocked application but where do I find those already allowed/blocked within Comodo to review? <-QUOTE}
Do you mean ' firewall > advanced > network security policy > application rules'

{QUOTE-> Just upgraded to Comodo Firewall 3. Does Defense + essentially replace BoClean or do I still need both running? They sound similar to me. <-QUOTE}

BOClean detects, kills and cleans certain malware that it reads from its data base, "black list". Thus it works like a classic anti-virus yet targets not viruses per se but other kinds of malicious programs, like trojans, root-kits, and the like, stuff that a good AV will also target but which doesn't always. Thus, it is an adjunct to your AV. It's primary limitation is that it is based on a list that you must download regularly (done automatically, if you want); I don't think it has much of a behavior analysis heuristic function, but maybe it does.

The Comodo Defense + is a HIPs application (working together with the classic firewall features of CFP). HIPS will check executibles -- ALL .exe, .coms, and such files -- against a whitel list that you yourself help to build. If there is no rule to allow the executible to run, it will ask you to give your permission (to set a rule).

So the while the anti-malware BOClean and the HIPS function of Comodo 3.x may fulfill the same result -- stopping malicious programs from running -- they do it in different ways.

At least this is my rudimentary understanding. Others more expert can add something to this, I'm sure.

Hope it helps.

SamSpade

|||

Thanks Sam!

So now the question is do they both essentially work on the same programs? Would it be overkill to have both Defense+ and Boclean running at the same time?

{QUOTE-> I haven't went to the Comodo forum yet, they're kind of snowed right now. I'll try the treat this as first. I'll post my results later. Thanks <-QUOTE}
Update: I tried the "treat this as" and chose trusted in the drop down menu with no success. According to the COMODO thread "outlook express" this seems to be affecting Outlook Express and Outlook as well. I have no problem in v2.4 and no outgoing mail in v3 so I think its a screwed up setting in v3 right? Luckily I have FDISR and have v3 on the primary snapshot and v2.4 on the secondary snapshot so I can go back and forth between versions. So far I have only seen opinions in the Comodo forum and no instructions of how to fix this. :-\

Using Outlook with no problems, maybe affected by other software

I am one of many people - as can be seen in the Comodo support forum (when it is accessible :o check out the thread "v3 and BOClean ") - who had the misfortune to assume that Comodo Firewall 3.0 would be compatible with Comodo BOClean ::)

In reality, with default settings during installation, the firewall simply fired off pop up after pop after pop up after pop up ... in relation to BOClean, demonstrated a complete inability to learn (this led me to think that perhaps I had inadvertently installed the first of a new type of security software, idiotware) and amazingly regarded BOClean as some strange, unrecognized - and unrecognizable - potentially dangerous interloper; my machines were dysfunctional in this condition. Faced with a choice between disabling various functions on the firewall (without really knowing what the implications of doing so would mean for my security and far too irritated to wade through the help file), uninstalling BOClean (which has been keeping a reliable eye on me for several years) or uninstalling the firewall, I chose the last option. Needless to say, the firewall failed to uninstall properly and clean up after itself, so the XP security centre continues to register the presence of the firewall even though it has supposedly been removed. As the thread in the Comodo forum demonstrates, my lousy experience of this firewall with Comodo BOClean - this is by no means the only problem - is not unusual and is shared by several others.

Frankly, any confidence I had in Comodo has been shattered by this experience: if they cannot get the relationship with their own software right, then what confidence can I have in anything this software is supposed to do - the answer is ZERO, so not only have uninstalled this new firewall but I have removed the previous version as well.

Not alphaware, not betaware, but awfulware.

{QUOTE-> Thanks Sam!

So now the question is do they both essentially work on the same programs? Would it be overkill to have both Defense+ and Boclean running at the same time? <-QUOTE}

Well, that's a matter of opinion: how much is "overkill"?? That would depend on your personal comfort level with the security you have in place. Comodo makes them both now, so they should play together well. BOClean uses about 7 to 12 RAM and will kick in regularly to check files that are being accessed or executed, so a fair amount of cpu time is being used when that happens; but it is usually a quick burst then gone. I haven't used Comodo 3 yet, so I cannot comment on how much of resources it uses. I've gathered that it is very tight and comprehensive on analyzing the files you access, so it may be enough to use w/out BOC.

Why don't you try them singly, then together, and make up your own mind.

Sam

|||

my CPU usage is usually at a max CPU usage of 2 or 3% and Comodo 3 takes up about 3k-8k of RAM usually in the lower area

{QUOTE-> I am one of many people - as can be seen in the Comodo support forum (when it is accessible :o check out the thread "v3 and BOClean ") - who had the misfortune to assume that Comodo Firewall 3.0 would be compatible with Comodo BOClean ::)

In reality, with default settings during installation, the firewall simply fired off pop up after pop after pop up after pop up ... in relation to BOClean, demonstrated a complete inability to learn (this led me to think that perhaps I had inadvertently installed the first of a new type of security software, idiotware) and amazingly regarded BOClean as some strange, unrecognized - and unrecognizable - potentially dangerous interloper; my machines were dysfunctional in this condition. Faced with a choice between disabling various functions on the firewall (without really knowing what the implications of doing so would mean for my security and far too irritated to wade through the help file), uninstalling BOClean (which has been keeping a reliable eye on me for several years) or uninstalling the firewall, I chose the last option. Needless to say, the firewall failed to uninstall properly and clean up after itself, so the XP security centre continues to register the presence of the firewall even though it has supposedly been removed. As the thread in the Comodo forum demonstrates, my lousy experience of this firewall with Comodo BOClean - this is by no means the only problem - is not unusual and is shared by several others.

Frankly, any confidence I had in Comodo has been shattered by this experience: if they cannot get the relationship with their own software right, then what confidence can I have in anything this software is supposed to do - the answer is ZERO, so not only have uninstalled this new firewall but I have removed the previous version as well.

Not alphaware, not betaware, but awfulware. <-QUOTE}

Hi, this is a reply to all of those with constant popups for any security program. You must set that program as trusted so it is allowed to do whatever it wants. This setting does not diminish any security, comodo will still alert you if another program is trying to access it. At first i was annoyed as to why comodo kept asking to allow everytime i downloaded a file from opera. I then thought about the "Trusted application" predefined rule and used it.....my problems disappeared. I think most problems could be gone if comodo put in some sort of quick start guide for those who hate help files :D.

I using it with kaspersky now & it works great.

{QUOTE-> I am one of many people - as can be seen in the Comodo support forum (when it is accessible check out the thread "v3 and BOClean ") - who had the misfortune to assume that Comodo Firewall 3.0 would be compatible with Comodo BOClean <-QUOTE}

I'm another Comodo V3 user that struggled with trying to make BOClean compatible with Defense+ HIPS. I managed to get a barely-workable workaround - if I were willing to kill Defense+ while I updated BOClean. I gave up on BOClean with V3.

There is supposed to be (per Comodo Forum) some effort toward creating a 'Comodo Suite' combining Firewall/HIPS/AV/AS functions - while still offering separate stand-alone component versions. From that effort, I would expect that a V3-compatible BOClean may appear.

I'm really too ignorant to know whether the Defense+ offers protection equal to BOClean. I just feel comfortable with multi-layered defense and would have 'felt better' if Boclean were compatible with Comodo V3 HIPS.

BoClean is a waste with the new Comodo. Disable balloon tips if you dont wanna be bothered.

{QUOTE-> Hi, this is a reply to all of those with constant popups for any security program. You must set that program as trusted so it is allowed to do whatever it wants. This setting does not diminish any security, comodo will still alert you if another program is trying to access it. At first i was annoyed as to why comodo kept asking to allow everytime i downloaded a file from opera. I then thought about the "Trusted application" predefined rule and used it.....my problems disappeared. I think most problems could be gone if comodo put in some sort of quick start guide for those who hate help files :D. <-QUOTE}

I'm afraid it is not as simple as that - as several posters in the thread relating to BOClean in the Comodo forum have noted http://forums.comodo.com/help_for_v3/v3_and_boclean-t15376.0.html
The fact is the firewall seemed incapable of responding logically to anything and I was not inclined to accommodate its apparent idiocy by removing a tried and trusted security application.

{QUOTE-> Yiiiiiiiiii!

I just reformatted and have logged up 1912 files for review? :blink: <-QUOTE}

I had a huge list of files for revue also. There is a purge option which will remove all the entries which do not need to be reviewed, as the files are no longer present.

Comodo takes long time to fully load compared to other firewall but it doesn't slow down the loading of the programs. These is the time (Not very scientific - only one run) for boot up and open Opera browser in my computer:

Kerio 2.1.5 - 1:49
Windows FW - 1:38
Comodo 3 - 1:50

Hi,

Comodo's icon seems to appear the last onto system tray area, ZA has a similar situation too.

Just wonder whether its protection function has been initiated the moment window boots up or has to wait until icon shows up ?

Take care.

{QUOTE-> Hi,

Comodo's icon seems to appear the last onto system tray area, ZA has a similar situation too.

Just wonder whether its protection function has been initiated the moment window boots up or has to wait until icon shows up ?

Take care. <-QUOTE}
Protection is on but gui is not yet.

I've used Comodo 2.4 for quite a while and been very happy with it. I have tried the upgrade for the last two days. I've always like Comodo's minimal system overhead, but I just can't believe that the new version isn't slowing things down a little bit. Maybe that's a price you have to pay for the added protection. Just "how risky" is it to run Version 3 with Defense Plus turned off? Any opinions?

pb.

{QUOTE-> I've used Comodo 2.4 for quite a while and been very happy with it. I have tried the upgrade for the last two days. I've always like Comodo's minimal system overhead, but I just can't believe that the new version isn't slowing things down a little bit. Maybe that's a price you have to pay for the added protection. Just "how risky" is it to run Version 3 with Defense Plus turned off? Any opinions?

pb. <-QUOTE}
I am confused. You said it isn't slowing things down and its a bad thing?
It is pretty risky. Most new viruses use other programs to access the internet.

Despite what the manual says Comodo doesn't seem to check the checksum of the executables.
I replaced in safe mode the Opera executable with another program (a small autoit program written by me) that access internet. After rebooting in normal mode I executed 'Opera' (actually the other program) and Comodo allowed the program to execute and access internet without any prompt :wacko: ??? :thumbd: . (Image Execution was set to Normal)

Can anyone else repeat the experiment (leaktest.exe is not suitable as triggers a heuristic alert) and report the findings?

{QUOTE-> Despite what the manual says Comodo doesn't seem to check the checksum of the executables.
I replaced in safe mode the Opera executable with another program (a small autoit program written by me) that access internet. After rebooting in normal mode I executed 'Opera' (actually the other program) and Comodo allowed the program to execute and access internet without any prompt :wacko: ??? :thumbd: . (Image Execution was set to Normal)

Can anyone else repeat the experiment (leaktest.exe is not suitable as triggers a heuristic alert) and report the findings? <-QUOTE}
You've set opera.exe as trusty, right ?

Ain't that a great thing, using Comodumb 3 you either give it all freedom to do whatever it wants OR you have to answer a few thousand popups.

Be clever, dump that marketed hype and get yourself a GOOD hips. ;)

{QUOTE-> Despite what the manual says Comodo doesn't seem to check the checksum of the executables.
I replaced in safe mode the Opera executable with another program (a small autoit program written by me) that access internet. After rebooting in normal mode I executed 'Opera' (actually the other program) and Comodo allowed the program to execute and access internet without any prompt :wacko: ??? :thumbd: . (Image Execution was set to Normal)

Can anyone else repeat the experiment (leaktest.exe is not suitable as triggers a heuristic alert) and report the findings? <-QUOTE}

wow i wonder what Comodo staff says on this ... ???

{QUOTE-> You've set opera.exe as trusty, right ?
<-QUOTE}

No. Opera is allowed TCP Out 80/443 UPD Out 53 and no special permissions in defense+. Firewall is in custom mode and defense+ in paranoid mode.
I removed the 'executable' group from my protected files but that didn't prevent comodo from asking about modification when I tried to rename the opera executable. Anyway even disabling monitoring of protected files shouldn't cause the problem as the 'Image Execution Control' is the responsable of checking the checksum.

I will test again with the executable group in my protected files.

Please do so and inform us.

I tested again with "executables" group in "my protected files" and this time "image execution control" set to aggressive. Result: several prompts when running other programs but none when executing the program that replaced Opera!

I if make the change in normal mode rather than safe (the execution is always done in normal mode), I get several prompts when renaming (manually) the EXEs but none informing about a change in the checksum or anything else when the "new" program runs!

It can be a problem with my computer. That's why I'm asking somebody else to repeat the test.

EDIT: I found this: https://forums.comodo.com/cfp_beta_corner/md5_or_crc_checking_for_modified_executables-t12362.0.html;msg95782#msg95782
It's about 3.0.0.229 Beta

{QUOTE-> Hash based systems such as CPF 2.4 do not have their own file system monitors. Thats why they have to keep hashes. CFP 3 has real time knowledge of the changes in the file system thus it does not need to keep hashes. <-QUOTE}

However if that is true in current version then contradicts the documentation.

I don't know if this is pertinent, but i tried renaming TCPView as "Mozilla Firefox", and i got a prompt for "Mozilla Firefox" accessing DNS. I had a rule for TCPView already. I have D+ disabled, only firewall.

Is this the same?

I placed TCPView in Firefox's folder, renamed it "firefox", used ff's shortcut, then opened Spybot to update (tcpview will look up the ip address) and had no prompts (i had deleted tcpview's rule before). The icon for firefox in the application rules was changed to TCPView's....

I'm now uninstalling it, i don't understand this behavior.

I hope this is clarified, or fixed. Either way v3 is on hold for me. :-\

{QUOTE-> You've set opera.exe as trusty, right ?

Ain't that a great thing, using Comodumb 3 you either give it all freedom to do whatever it wants OR you have to answer a few thousand popups.

Be clever, dump that marketed hype and get yourself a GOOD hips. ;) <-QUOTE}

ChicknDip. It is your every right to not like this product. But please refrain from these less then civil types of remarks. Move on or go to the comodo forums and make requests about the product.

Thanks,

Pete

{QUOTE->
I'm now uninstalling it, i don't understand this behavior.

I hope this is clarified, or fixed. Either way v3 is on hold for me. :-\ <-QUOTE}

According to my test and that thread (I edited my previous post) in the comodo beta forum CFP3 doesn't check the hash but relies on the file monitoring to detect/prevent unauthorized modification. That isn't a problem by itself but the help file says the Image Execution Control checks the hash, so either it's a overlooked bug or the documentation is incorrect. Both cases may lead the user to made wrong decisions like disabling or ignoring the file monitoring.

Anyway as both Image Execution Control and file monitoring are part of defense+, running CFP3 with it fully disabled (but I'm not sure if deactivating it disables it completely) can be actually worse in leaktest performance than e.g. Kerio 2.1.5

It still doesn't make sense imo if that's the case.

{QUOTE-> Comodo with defense+ disabled is the same that Kerio 2.15. A safer way is keep comodo in training mode but add internet programs to My Pending Files. <-QUOTE} LooL, not really safe and also the long initialization that can last up to 10 minutes doesn´t take much to enforce security level.

Warning... heads up on V3

http://forums.comodo.com/help_for_v3/cfp_v_3_two_horror_stories-t15822.0.html

Since I posted a link to this thread elsewhere, Here (http://forum.notebookreview.com/showthread.php?t=190230) is the corresponding back link.

There's some additional experiences with Comodo V3 described in that thread.

Anyone wanna take a try at skinning?

Windows XP

C:\Documents and Settings\"Username"\Application Data\Comodo\Firewall Pro\Data\ResFiles

Windows Vista

C:\Users\"USERNAME"\AppData\Roaming\Comodo\Firewall Pro\Data\ResFiles

And you need to show hidden files.

Show off your work if you have done anything :D.

I am getting no issues with Comodo. Then again I dont use Avast. Comodo 3.0 works great along side NOD32 3.0

{QUOTE-> Since I posted a link to this thread elsewhere, Here (http://forum.notebookreview.com/showthread.php?t=190230) is the corresponding back link.

There's some additional experiences with Comodo V3 described in that thread. <-QUOTE}
You seem to be a ZA freak. Have you look at your resource using. ZA uses around 36k-39k. Comodo only around 10-15k.

{QUOTE-> You seem to be a ZA freak. <-QUOTE}Not at all{QUOTE-> Have you look at your resource using. ZA uses around 36k-39k. Comodo only around 10-15k. <-QUOTE}OK. That is insignificant to me. You are talking differences in K, not even M, and I have G. Who's freaking here?

{QUOTE-> Not at allOK. That is insignificant to me. You are talking differences in K, not even M, and I have G. Who's freaking here? <-QUOTE}
K is what is in "taskmanager".

actually ive used ZA firewall and it takes only around 9-10k but CFP v3 takes up 3-8k

{QUOTE-> Not at allOK. That is insignificant to me. You are talking differences in K, not even M, and I have G. Who's freaking here? <-QUOTE}

For some reason people often call thousands of KBytes as "K" rather than Megabytes or Mebibytes.

{QUOTE-> but I'm not sure if deactivating it disables it completely <-QUOTE}

At least file monitoring is still on for some files, that can be a Good-Thing™ if you don't have a HIPS or a Very-Bad-Thing™ if you have one.

Zone Alarm Anti-spyware which has the same Triple Defense Firewall as the Pro version, runs anywhere from 23 to 44 K on my 512MB Ram PC, but System Idle Process stays between 98 and 99 CPU Usage which is what I care about. I want desperately to give Comodo Pro 3.0 a try, but I honestly think it needs a few more program updates before it can be fully trusted to run all right. This isn't meant to put down Comodo 3.0, as I felt the same way about Zone Alarm at one time and this was after many releases. LOL.

{QUOTE-> Zone Alarm Anti-spyware which has the same Triple Defense Firewall as the Pro version, runs anywhere from 23 to 44 K on my 512MB Ram PC, but System Idle Process stays between 98 and 99 CPU Usage which is what I care about. I want desperately to give Comodo Pro 3.0 a try, but I honestly think it needs a few more program updates before it can be fully trusted to run all right. This isn't meant to put down Comodo 3.0, as I felt the same way about Zone Alarm at one time and this was after many releases. LOL. <-QUOTE}
I actually agree:thumb: . Wait next week when major bugs are fixed.

{QUOTE-> I actually agree:thumb: . Wait next week when major bugs are fixed. <-QUOTE}
Do they know what all the major bugs are yet?

http://www.wilderssecurity.com/showthread.php?t=192066

http://forum.notebookreview.com/showthread.php?t=190230

{QUOTE-> I want desperately to give Comodo Pro 3.0 a try, but I honestly think it needs a few more program updates before it can be fully trusted to run all right. This isn't meant to put down Comodo 3.0, as I felt the same way about Zone Alarm at one time and this was after many releases. LOL. <-QUOTE} LoooL ;D ;D
Indeed. As I said appinit is too vulnerable Comodo should go deeper into the kernel it also lacks of speed, they are too slow but still much better then ZA. LooL.

ggf31416: Egemen replied. It is supposed to intercept the changes as they happen (like you said, file protection etc.) even with D+ off. But if you allowed explorer.exe to modify protected files, and use it for this test, you won't be prompted.
This raises other questions for me, i'm still not totally convinced of not needing hashes. I replied and wait further clarification.

I have just downloaded v3 and I have to admit I do not know ow to set it up. Is there a tutorial for setting it up or is it safe to use with the default settings. Would someone post a reference on suggested settings?

{QUOTE-> ggf31416: Egemen replied. It is supposed to intercept the changes as they happen (like you said, file protection etc.) even with D+ off. But if you allowed explorer.exe to modify protected files, and use it for this test, you won't be prompted.
<-QUOTE}

By default explorer.exe is allowed to do almost everything. If you think that it's too permisive you can change the permissions from allow to ask or block.
Of course, I changed that before doing the tests and as I said I received the prompts under normal mode.

Explorer SHOULD be allowed to do a lot. Even if you make your own rules, a lot is allowed. If Firefox gets modified due to my rules, i'm not notified. It will take me a while to sink in this notion of no hash used.

{QUOTE-> Explorer SHOULD be allowed to do a lot. Even if you make your own rules, a lot is allowed. If Firefox gets modified due to my rules, i'm not notified. It will take me a while to sink in this notion of no hash used. <-QUOTE}
I routinely assign ? to Windows Explorer in ZoneAlarm, which means Ask, and it never does. Explorer does not need authorities.

{QUOTE-> I routinely assign ? to Windows Explorer in ZoneAlarm, which means Ask, and it never does. Explorer does not need authorities. <-QUOTE}
We're discussing files and Defense+, NOT the Firewall and application rules.

{QUOTE-> I have just downloaded v3 and I have to admit I do not know ow to set it up. Is there a tutorial for setting it up or is it safe to use with the default settings. Would someone post a reference on suggested settings? <-QUOTE}
I don't know if you got this answered yet, so I'll suggest you check out this thread..
http://www.wilderssecurity.com/showthread.php?t=192066
Also go to the Comodo forum and check out the information provided by them. Hope this helps.

Can anyone test CFP v 3 against this keylogger? Thanks

http://www.wilderssecurity.com/showthread.php?t=193247

{QUOTE-> Can anyone test CFP v 3 against this keylogger? Thanks

http://www.wilderssecurity.com/showthread.php?t=193247 <-QUOTE}
Amazing little test. Comodo alerts, yet cannot block it.

See video: http://screencast.com/t/aAaB0l9Q1

Thanks Coolio. Can u post on their forums?

Thanks

{QUOTE-> Thanks Coolio. Can u post on their forums?

Thanks <-QUOTE}
I've already posted 4 hours ago here: http://forums.comodo.com/leak_testingattacksvulnerability_research/keylogger_test_failed-t16489.0.html

Thanks. U r quick!

{QUOTE-> Thanks. U r quick! <-QUOTE}
Hope they will be as quick as I was in fixing the issue. ;D

I don,t think so! ;D

{QUOTE-> I don,t think so! ;D <-QUOTE}

Well, according to pykko, it's been fixed by Comodo ;D

Al (I wonder why he did not mention it here) Adric

The GRC leaktest seems to be totally useless as it claims to be able to connect to the GRC server via Comodo even with my USB modem disconnected!!

{QUOTE-> The GRC leaktest seems to be totally useless as it claims to be able to connect to the GRC server via Comodo even with my USB modem disconnected!! <-QUOTE}

Now THAT's some powerful code!

With Kaspersky A/V enabled but USB modem disconnected leak test claims to be able to connect to the server!!

http://i112.photobucket.com/albums/n165/bluenile35/sshot-1-11.jpg

BUT, with Kaspersky Anti-Virus disabled and USB modem connected Comodo shows the outgoing attempt and blocks it.

http://i112.photobucket.com/albums/n165/bluenile35/sshot-2-1.jpg

So, Kaspersky is fooling the dumb leaktest into thinking it's the GRC server and apparently the same thing happens with NOD32 which also uses a proxy..

{QUOTE-> Well, according to pykko, it's been fixed by Comodo ;D

Al (I wonder why he did not mention it here) Adric <-QUOTE}
That,s good!

{QUOTE-> Well, according to pykko, it's been fixed by Comodo ;D

Al (I wonder why he did not mention it here) Adric <-QUOTE}
Sorry... I forgot about this topic.
The keylogger is now succesfully blocked with the new version. I was very surprised and very pleased they reacted so fast. There is a dedicated team there and Comodo has raised in one year as others in ten. (taking into account it has been released for the first time in march 2006). :)

{QUOTE-> The GRC leaktest seems to be totally useless as it claims to be able to connect to the GRC server via Comodo even with my USB modem disconnected!! <-QUOTE}
There is something wrong on your settings. For me Comodo blocks and pass this test. :) (see attachments)

If I turn Kaspersky A/V off it passes but that's not really much help!

I just put this on a friends PC. He wanted a good free setup so I gave him this and Avira PEC, they are working great together. I really don't see what all the fuss is about Comodo 3. Based on what I've heard I was expecting a nightmare, but everything is going smoothly. I really don't think it's that complicating, but then again I learned SSM and the two are somewhat similar. I think this is a great product. I'm not getting bombarded with popups at all, it's mostly just balloons stating that it's "learning" this or that, but they can be turned off. There were only 2 files waiting to be reviewed. Two. I notice no slowdown whatsoever.

I'm really liking it. When my KIS 7 license runs out I'll seriously consider using it.

Hi, folks:

Is the most recent version is 3.0.14.273 ?

I am still using 3.0.13.268. and its updater can not return with an update.

{QUOTE-> Hi, folks:

Is the most recent version is 3.0.14.273 ?

I am still using 3.0.13.268. and its updater can not return with an update. <-QUOTE}I think Melih has the link for the download on the Comodo FW CFP3 forum help link. The first entry on the top of the page.

{QUOTE-> Hi, folks:

Is the most recent version is 3.0.14.273 ?

I am still using 3.0.13.268. and its updater can not return with an update. <-QUOTE}

3.0.13.268 is the most recent version. 3.0.14.273 is planned for release later this week. 3.0.14.273 was only a test version issued to people having major problems with the previous version.

More info here

http://forums.comodo.com/help_for_v3/please_tell_us_if_v3_didnt_work_for_you_here_you_can_get_a_test_version_look_at_the_poll-t16546.0.html

Hi, Guys

Thanks. I will wait for the good news, although I have no problems with the current one (with Defense+ disabled).