info sharing

Discussion in 'other firewalls' started by mirzarezre, Feb 14, 2011.

Thread Status:
Not open for further replies.
  1. mirzarezre

    mirzarezre Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    3
    I believe comodo internet security Create a good security for pc.
    because comodo have best HIPS & automatic sandbox.

    But i noticed a problem.

    I run 15 new trojan and worms outside the sandbox in my PC and comodo request their trojan request connect to internet. for example trojan.exe request connect to internet and me allow all request connect.(my setting firewall was custom).

    Then the trojans and worm began their activity. But comodo Was not any warning and No connection was blocked by comodo !

    and then run trojans in other pc that Kaspersky was installed , and allow trojans to connect internet then kaspersky detect network attack and block some connection.

    Please read this:

    http://forums.comodo.com/firewall-help-cis/tcpudp-flood-protection-is-removed-t62969.0.html

    Now On the other hand comodo can not create automatic network policy for known & unknown application. for example yahoo messenger network policy is allow all request !

    http://up.iranblog.com/images/uxcglo2rdxv98z2ph5zn.png

    http://up.iranblog.com/images/3f2sy3b389b346gyr2.png

    But outpost ! for example yahoo messenger network policy is automatic and Accurate . ports policy & Separation video chat voice chat policy &....

    well. Now i think comodo is a low level network control and cant analyzes network traffic.:mad:

    Have a nice time
     
    mirzarezre, Feb 14, 2011
    #1
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    Once you allow it then Comodo assumes that is what you want and let it be. I suspect you will get similar with Kaspersky, or any other FW that allow users to use their brain, if you set it in similar manner. Equally you can set Comodo to make decisions for you
     
    Cudni, Feb 14, 2011
    #2
  3. mirzarezre

    mirzarezre Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    3
    I understand your answer.:)

    I know COMODO can block trojan request connect by user. But i said when allow this request comodo cant Analysis for network attack detection. :)

    Why ? ===> TCP/UDP flood protection is removed ? It was completely removed.

    and I said On the other hand network policy for app is allow all request ! it is awful.

    If Comodo can block network attack when the traffic created , please show one report network attack detection by comodo. :)

    we can test kaspersky network traffic analysis here:

    http://support.kaspersky.com/kis2011/settings/ids?qid=208281825

    And i can show real test.

    thanks Cudni
     
    mirzarezre, Feb 14, 2011
    #3
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    I always thought that Comodo will not bother with the traffic you allow (why should it, possibly design feature). As for that feature change (flood protection) I doubt it I'll ever feel the lack of it. Thanks for mentioning about it though.
    If you are convinced that somehow you found a bug while there is nothing wrong with your setup then raise the issue further in their forums
     
    Cudni, Feb 15, 2011
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...