Avast Firewall or Comdo Firewall & Defence +

[AMD]

Hi,

I started off with Avast IS7 with the firewall disabled and Comodo Firewall and Defence + but now I just have all Avast active.

Just wondering which performs better.

I must admit I did like the pop ups in Comodo advising changes etc as it always seemed more comfortable seeing something is protecting you rather than silently working in the background. I have Winpatrol + too which has alerts every so often which again I like but I am not sure I am getting rthe best out of it - some reading up required !

Any comments appreciated.

Andy

[KelvinW4]

Well if you have D+ and the firewall you will be pretty well protected. If you want to use Avast's firewall it is okay and will strain less resources at the cost that you will be a bit less protected against zero-days.

[Technical]

Defense+ is a HIPS program + Comodo firewall. Works at deny all policy. Popups.
avast! is an antimalware + firewall. Silent.

[Vladimyr]

You can easily make avast! Firewall more 'talkative' by changing these settings.

[blacknight]

But it keeps a fw, not a full HIPS.

[Technical]

Quote:

Originally Posted by blacknight

But it keeps a fw, not a full HIPS.

Yes. There was never in the plans to become a HIPS

[pintas]

It is my humble opinion that Comodo is better... period.

[Phractal]

Hi all,

I just stumbled over a few threads (old threads to be honest, February, March) saying that Comodo and the new Avast! do not work together correctly on Win 7 x64 OS.

Is that still an issue or has it been resolved? If it still is an issue, is there a workaround or any recommandation for a different AV and FW setup?

Thanks!

[itman]

Comparing Comodo's firewall to Avast's is akin to comparing "apples to oranges."

Do the research and read reviews from reputable sources on both products and make your decision accordingly.

Finally, you can run Comodo's firewall standalone with any other AV of your choice. Avast's firewall is part of it's Internet security suite which is a for pay product by the way.

[TheWindBringeth]

Quote:

Originally Posted by Phractal

I just stumbled over a few threads (old threads to be honest, February, March) saying that Comodo and the new Avast! do not work together correctly on Win 7 x64 OS.

FWIW, I've been periodically looking for signs that the Comodo Firewall shortcoming on Windows 7 has been resolved. Unfortunately, I've only seen more recent comments which indicate that it still exists.

[Lou Knee]

Just an FYI for all concerned.
Perhaps spread the word.

The Win7/Avast/CIS "shortcomings" "issues" "weakness" etc.
Is NOT an issue for Comodo to "fix", Nor is it an Avast "issue" to fix.
(Get that from reading both forums.)
They are both right.

The real problem is lack of user education and understanding of the OSI model and the two disparate technologies, they seem to insist on "layering".

Avast isn't going to change their Web Shield to accommodate a proper Network Layer Firewall. You could pay for their "firewall" for that.
And Comodo won't (I hope) tamper with their Firewall to accommodate Avast's Application Layer proxy/tunnel.

Hope this helps to clear up this ongoing confusion, or at least spur some educational reading.
I will for now withhold my opinion of Web Shields and Web Scanners.

Lou

[TheWindBringeth]

And Comodo won't (I hope) tamper with their Firewall to accommodate Avast's Application Layer proxy/tunnel improve its ability to perform its function when Avast 7 or any other piece of software uses WFP to perform such redirects.

FTFY. Is better, no? Comtraya!

[Kirk Reynolds]

Well, you can include Windows 7 firewall as well. The Web Shield renders it useless.

So is it a MS Windows 7 problem or an Avast problem? Avast isn't going to change their Web Shield to accommodate....(you get the picture)

It's pretty obvious where the problem lies.

[Lou Knee]

Quote:

Originally Posted by TheWindBringeth

improve its ability to perform its function when Avast 7 or any other piece of software uses WFP to perform such redirects.

FTFY. Is better, no?

Is better? No.

Comodo is a rock solid proper firewall. In regards to these issues (non issues) there is nothing to fix/improve.

You can not set up what is in effect a tunnel, then expect a downstream app to provide granular control within the tunnel.

This situation is like a textbook example of the sort of cockup one would have trying to run 2 firewalls simultaneously.

The user must decide. What do I value more, Web Shield or granular application control in the Firewall.
You can't have both, at least with the current implementation of Web Shield.

@Kirk
Thanks for pickin up what I'm puttin down.

Lou

[TheWindBringeth]

IIRC (check me) these problem combinations were mentioned:

Comodo Firewall + Windows7 + Avast7 with new WPF redirect
Windows7 Firewall + Windows7 + Avast7 with new WPF redirect
Private Firewall + Windows7 + Avast7 with new WPF redirect
Windows7 Firewall + Windows7 + Avast6 with old TDI redirect
Windows7 Firewall + Windows7 + Avira (not sure how it redirects)

If Avast7 or Avast6 or Avira can contribute to a problem scenario, then any number of other software programs can contribute to the problem. If that isn't obvious, perhaps worth considering is Lukor's "The method we use is fully supported and documented and from several meetings with other companies I know for sure there are several (if not many) major products out there that use the same - so I guess such fix in Comodo will help not only Avast users but also many others." comment from http://forum.avast.com/index.php?top...9534#msg759534.

So lets add to the above list three more:

Comodo Firewall + Windows7 + OtherSoftware utilizing WPF redirects
Windows7 Firewall + Windows7 + OtherSoftware utilizing WPF redirects
Private Firewall + Windows7 + OtherSoftware utilizing WPF redirects

I don't know anything about Private Firewall but I'm guessing that it, like Windows7 Firewall, simply is not as "full featured" as Comodo Firewall and thus we're talking about at least two different classes of firewall and somewhat different problem scenarios. Bottom line though, I think it should be apparent from the above that Avast is not the problem. Avast could be wiped from the earth and the problem would/could still arise.

The problem, I would say, lies in one or more of the following:

1) Redirection itself and how that impedes a firewall's ability to identify the source(s) of traffic
2) The firewall not utilizing all available means of acquiring the visibility that is required to cope with the redirection
3) The OS APIs (in Windows7 at least) not being sufficient to allow firewalls to gain the visibility that is required to cope with the redirection

[Lou Knee]

Quote from lukor

"Concerning the fix from avast! side: I doubt we would fix this, making changes in the code, so that other firewalls block our traffic is exactly the opposite what we try to do."

hmmmm...


Why would Comodo rewrite their free Firewall adding layers of unnecessary complexity/bloat in order to support techniques/apps that they feel are useless in the first place?

Lou

[TheWindBringeth]

Quote:

Originally Posted by Lou Knee

Comodo is a rock solid proper firewall. In regards to these issues (non issues) there is nothing to fix/improve.

Non-issues? <jackvoice>Oh for crying out loud...</jackvoice> This is a security vulnerability Lou.

Quote:

Originally Posted by Lou Knee

You can not set up what is in effect a tunnel, then expect a downstream app to provide granular control within the tunnel.

Lets not favorably confuse things by painting it as a tunnel where the firewall could only examine downstream traffic. A firewall should have whatever visiblity it NEEDS to have in order sort out this type of OS supported redirection and there are various opportunities (upstream and downstream of the local proxy) for it to monitor what is going on.

Quote:

Originally Posted by Lou Knee

The user must decide. What do I value more, Web Shield or granular application control in the Firewall.
You can't have both, at least with the current implementation of Web Shield.

This isn't Web Shield specific, but fine lets leave that as an example. This is software. A bit narly scenario perhaps due to multiple parties being involved, but it surely can be resolved. In fact, now that I think about it, I think I saw messages at the Comodo forum that it actually has been sorted out on the Windows 8 version.

[Lou Knee]

oops posting at same time.

Before this gets any more messed up.
We must clarify where we're coming from.

A CIS user who opts to use Avast as AV.
vs.
An Avast user who uses only Comodo firewall with no other features.

Big difference when claiming security vulnerability.

Lou

PS. IMO, If it is different in CIS6 or for Win8, that will be good and probably due to some of what you have alluded to, but I can be fairly confident that the changes weren't done specifically to appease Web Shield/Scanner fans. The Comodo camp views them as wasted cycles.

[TheWindBringeth]

Quote:

Originally Posted by Lou Knee

oops posting at same time.
A CIS user who opts to use Avast as AV.
vs.
An Avast user who uses only Comodo firewall with no other features.

Big difference when claiming security vulnerability.

Well in terms of the firewall component having a security vulnerability (which is what I'd call this), I don't see there being any difference. Obviously, though, additional layers of Comodo (or other) protection (if enabled and not overridden) should prevent various threats from achieving a foothold on the system and attempting to redirect-hamper the firewall and/or bypass an existing redirect-hampered firewall. However, someone could for example install CIS and setup firewall rules to lock down software they have installed on their Windows7 machine and then go on to switch over to Avast AV or install some other considered safe software that happens to use redirects. Since that software is desired by the user they will assure it gets installed and once its redirects are up and running the user could possibly lose some protection they had previously setup.

Quote:

Originally Posted by Lou Knee

PS. IMO, If it is different in CIS6 or for Win8, that will be good and probably due to some of what you have alluded to, but I can be fairly confident that the changes weren't done specifically to appease Web Shield/Scanner fans. The Comodo camp views them as wasted cycles.

Well that's fine. The Comodo camp is entitled to its own opinion and need not have a favorable opinion of WebShield type arrangements. Professionally speaking, however, I would expect them to work very hard to resolve the general redirect issue we're talking about. If that requires some help from Microsoft, I would expect them to do their best to get Microsoft involved. This I would most certainly do if I were in their position.