Comodo v3 or Online Armor Free?

- Mobile users (do you carry your router with your laptop?)
- Untrusted LAN. You can have infected hosts in your LAN or you may be part of a large LAN depending on your ISP.
- Fine-grained control over network traffic. Some routers do not offer SPI, they only do NAT. Or configuring the firewall settings of the router is cumbersome/too basic.
But yes, a NAT/SPI box offers very good protection. But people should know that routers aren't "plug and use" devices. They run software, so they can be compromised.
"Blackbox security" doesn't work in the long-term.

 

OA's website refers to OA as a "firewall" instead of "HIPS". In fact, the term "HIPS" rarely appears on OA's website.

Therefore, Easter old bean, I quite understand why you discerned that the OA folks are firewall folks moreso than being hip to HIPS. However, they are quite skilled in BOTH areas. My IT tells me that "firewall know-how" & "HIPS know-how" are pretty much heads & tails of the same coin.

 

Alloha Again bellgamin:

Thanks for reading from the same page of this old bean LoL

I have no qualms or even complaints of either, in fact i like them both for somewhat similar reasons and just because a firewall vendor has advanced int the HIPS fields as they seem to be moving into now, it definitely doesn't mean limitations are imminent by any stretch as regards their HIPS part.

It's to every security conscious user's advantage to be recipient to a COMBO of that nature no doubt, but something still lingers uneasy for me when you mix together silver & lead, and those chemical compounds must be balanced precisely enough to prevent problems now and in the future.

Well, for that matter, even single dimension apps like either a HIPS or FIREWALL alone have experienced their own programming problems in the past and still do to an extent.

Boy, if i was forced a choice between either Comodo D+ or Online Armour right now i would have to invest a lot of time, testing, and effort just to pick one and then i think it would be a very thin line, although RunSafer is a pretty good invention then so is D+ HIPS. But i think lowering the NT rights would carry a little more weight don't you think?

EASTER

 

Lool,
both very good firewalls. If you have two computers just split them, one OA, one Comodo.

 

Networking skills (protocols, etc) is a different knowledge than NT kernel software development

 

How true, with either and both you can't go wrong, they,ve come leaps and bounds from practically little significance in the past to the very height of the best now.

 

Hi,

I have a vague idea that you are comparing OA paid and Comodo 3.
What I'm about to say now is supposed to be confidential because I am an OA paid user. Got that?
As OA free is badly limited (only manual Updates, no Advanced Mode, no Import/Export Settings etc.) I would prefer Comodo 3 as a full featured free program.
I'm out of here...

Cheers

 

Unfortunately tested latest Comodo on Vista64 and 3 Keylogging methods are effective, I thought this problem would be solved but no, Comodo actually vulnerable (again) in terms of Anti-Keylogging.

 

I have a router, so I need outbound protection only, but I hear ProSecurity and EQSecure are very complicated. Is there a program with outbound-only protection and an easy to use HIPS? As in, no more complicated than Online Armor (whose inbound protection I don't need)?

Or, is there a program that offers outbound-only protection, with no HIPS? I could use that with ThreatFire and be content.

 

All you need of Threatfire. You can readily configure Threatfire's advanced rules so that it will offer fully effective outbound protection.

 

True, but where is the thread I think Kees1958 made on how to do this?

 

How do I do that? I saw a post here one time that had a long list of custom rules for ThreatFire, and I thought, ugh, no thanks. Security software shouldn't be that complicated to use. (Besides, other users said it wasn't necessary.) But I'm willing to configure some advanced rules if there aren't many and it doesn't take long.

 

i think you are referring to the custom rules kees1958 created. posted here and here. the super simplified version here. it's really not that complicated at all and requires at most 8 mouse clicks

 

I edited my post as I thought it was Easter that showed how to make the Advanced rules, but I still asked first. LOL.
Seriously though thanks for the reply zopzop.

 

That was so super-simplified that I didn't get it. Then I looked at posts #22 and #23 and it looks like those are what I should follow. The "super simplified version" is just a modification to #23, right? Or am I missing something here?

Anyway, thanks for posting the links, it doesn't look too hard. Still, too bad TF doesn't just provide a single setting that I can click once and be done with.

Also, back on the topic of CFP3 and OA Free, do they have settings to turn off inbound protection? That would be useful to a lot of people, since so many have routers with inbound protection already.

 

IMHO, I wouldn't worry about that. If your router is already stopping unsolicited traffic, then that unsolicited traffic is not even reaching your software firewall. Also, it's good to have inbound protection in your software firewall as a backup, in case a hacker is able to penetrate your router and alter its behavior.

 

What's the liklihood of that happening if my router has WPA? And I use a maximum-length passcode with random characters.

I know that unsolicited traffic isn't reaching my software firewall, which is why I wanted to turn off inbound protection. I thought maybe it would save some system resources to do so.

So I've narrowed my choices to one of these:

1) ThreatFire with custom rules for outbound protection. This intelligent HIPS is quiet until there is an attack. But it can't recognize every attack, and some say it can be defeated easily.

2) Online Armor Free. This classical HIPS is virtually leak-proof and disable-proof, and can probably stop any attack. But I can't recognize every attack, and I may click "yes" on an alert when I should click "no."

3) OA +TF (default settings). This would combine the powerful control of OA with the "second opinion" of TF to back up my own judgement. But these programs have redundant monitoring which may slow the system, conflict with each other, or cause other problems. Some have had problems with this combination, while others haven't.

I can't decide. What would you do in my shoes?

If OA could incorporate TF-like intelligent monitoring, it would be about perfect. As for CFP3, I tried it and it's even noisier than OA, so it's not an option for me.