Latest Comodo Firewall vs Latest Sunbelt Kerio Firewall

Discussion in 'other firewalls' started by duke1959, Mar 9, 2007.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    I already had the newest release of SKPF installed without any problems a few weeks ago, and liked it. I then uninstalled it to try Comodo again and liked it just as much. Sitting behind a router firewall however, and having both Spyware Terminator and Cyberhawk installed I just was looking at which FW would be the best to use if I uninstalled Spyware Terminator. I thought Comodo would pick up the slack since it passes all the leak tests, or Sunbelt Kerio would because of its NIPS and Application Behavior Blocking. Now I'm beginning to wonder if just using Kerio 2.15 or one the free versions of Jetco or Outpost FW would be ok and simply keep ST.
     
  2. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Ok, After reboot, SandboxIE works fine. I'll keep KPF for a while.:)
     
  3. louise2005

    louise2005 Registered Member

    Joined:
    Feb 18, 2006
    Posts:
    8
    I had a wierd and quite destructive experience with Comodo which I gather is uncommon, to say the least.

    XP, SP2, and NOD32 with SAS.

    I uninstalled Sygate and took everything related out of the registry.

    I then installed Comodo.

    First WinFaxPro got stuck half-way through receiving a fax and froze. This happened several times with WinFax. I uninstalled and reinstalled it.

    Then....I am running OUtlook with Spam Bully. I've been running it happily for two years. Suddenly, my Outlook profile was corrupted and Outlook could not load the user. It wasn't the pst file (I restored from backup), but rather, the profile itself was damaged and I had to create a new one.

    Ok fixed - or so I thought.

    The next morning I turned the computer on to discover that it could not boot i8nto Windows - something about a corrupt file in System 32.

    Fortunately I had a Ghost image backup and I've retrieved all my data and Comodo is GONE.

    But I'm back with Sygate and I'm not sure that it is really adequate protection.

    Any suggestions or ideas as to what happened to Comodo?

    Louise
     
  4. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Hard to say Louise.
    You do have to allow Comodo to 'Act as Server' for UDP for svchost.exe for some ports cause it does not have pseudo SPI for that protocol in 'Application Monitor' rules and also allow for the localhost address 127.0.0.1 for TCP as well. And in some cases like my Antivir also to 0.0.0.0.

    Those things are to us who it may concern as firewall aficianados, as most people just use the default install alert level setting allowing all regarding 'Act as server' in Comodo.
    And that is not such a bad setting since network rules disable unsolicited connections from default.

    I am running Comodo currently since I found something strange on my old computer with kerio 2.1.5 that is elsewhere in this thread. Kerio 2 is a firewall that provides the nicest, admitted with spartan looks, interface, most functionality and so sad I cannot trust it anymore.

    Sygate should be an ok firewall to run. Not for the leaktest passing, but acting as a solid firewall providing you much more than windows XP SP2 one. There you can and should disable 'act as server' as told in my guide unlike Comodo that is a totally different "beast".
     
  5. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    I am beginning to believe that Sunbelt Kerio Personal Firewall has surpassed Comodo Pro somewhat in smoothness of running, and with it's NIPS and Application Behavior Blocking maybe even it's protection. And I'm just talking about the free version of SKPF here.
     
  6. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    Kerio 4 is an easy firewall, if you don't get the BSOD's.
    Those features you mention Duke have been there for all the Kerio 4 development, they are nothing new. Before Sunbelt bought it they were there already.

    I am rather skeptical on Kerio 4. It does not log everything set to for one thing. Hope it works ok with you.
     
  7. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    After viewing the Comodo Forum earlier, I'm beginning to think the improvements made to SKPF has now made the free version a better choice than CPF. Leak Tests aside, SKPF runs smooth, is problem free, and doesn't seem to cause any delay in boot times.
     
  8. gagman

    gagman Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    68
    Location:
    France
    I totally agree with you on the log point. Keep in mind that you cannot log accepted packets with application rules.
    You can log accepted on denied packets with network rules.
    But there is no log option on application rule. Amazing.

    I think logs are one of the most important part of a FW. And for Comodo, that is not top of the notch.

    I added this feature in the wishlist of Comodo v3, as this issue is for me a showstopper for Comodo.
     
  9. scottls

    scottls Registered Member

    Joined:
    Jul 4, 2004
    Posts:
    37
    Sunbelt Kerio Firewall has startup/shutdown protection!, and...!?

    Scenario (for me)- I start-up my computer & leave..., before replying to the Welcome Screen!- Internet IS active & NO firewall (I KNOW internet was active, as my NOD32 AV updated!)!
    Same vulnerability for a few seconds on normal NO pre-firewall/AV startup/shutdown (I have FAST 8000kbps cable- plenty of hacker time!)!
    Now I know how malware got by my NOD32 & Spyware Doctor V4!

    DRAT!- Kerio gave me a HARD/False Intrusion Detection Error on my Spyware Doctor's "sdhelp.exe"!?
    Kerio support had me disable NIPS- I still get the HARD error!

    Note: Did as suggested by Pedro (next), and Comodo blocks on boot GOOD now!
     
    Last edited: Apr 17, 2007
  10. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Open Comodo GUI, go to Security- Advanced- Advanced Attack Detection and Prevention ;)
    Miscellaneous- Block all outgoing connections while booting. If you want. NOD updated because you had a rule allowing NOD. All incoming is blocked at startup.
    Security Center warned that Comodo was down, when in fact it was not. The GUI wasn't open, so Windows panics. The driver is up and running, blocking all incoming, and allowing outgoing connections (unless you choose for some reasong to block as above).
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Hello,
    Either Kerio or Comodo are a fair choice. Just go with what you like more.
    Both should do quite well. So will Sygate. Better, in fact.
    Mrk
     
  12. besafe

    besafe Registered Member

    Joined:
    Mar 29, 2007
    Posts:
    222
    How does the Sunbelt Kerio Firewall (free version) stack up to the Zone Alarm Firewall (free version) in terms of:

    1. Ease of Set up and use
    2. Resource consumption
    3. Protection provided
     
  13. Bluenile

    Bluenile Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    122
    Location:
    UK
    1 Not much difference although kerio will give you more outgoing alerts at first.

    2 Kerio uses slightly more RAM, typically around 30Mb, but does not slow down my PC at all.

    3 Installed in advanced mode Kerio gives much better protection than ZA free imo, particularly on things like application hijacks.
     
  14. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,207
    I am more to Comodo than to Kerio 4 (skpf or before that).
    Kerio 2.1.5 is ok if wanting a really light firewall with good packet filtering capabilities and so is Sygate 5.5 free or pro.
    What makes Comodo better than both of those is that the application rules are made to parent&children. That feature of course not so much needed when running something like SSM. But Processguard that I like better as my hips as SSM is a bit too much for me does not have that feature.

    An example is Internet Explorer that I seldom run, but if I do, only inside Sandboxie. So Comodo is allowed sandboxie's start.exe to launch IE, but normal IE launch from a desktop icon is not allowed. Sygate has also antiapplication hijacking which means asking if some program is allowed to start another as a parent, but it is not as usefull as Comodo's application rules.

    What I don't like about Comodo is that rules cannot be imported/exported and they are kept in system registry.
    And no real application logging. Logging of Comodo is not very helpful in many circumstances. In that department kerio 2.1.5 and Sygate shine out, though with SPF some intrinsic system logging is not possible or need advanced rules, but that is not something many users need anyways.
    Jarmo
     
  15. Jo Ann

    Jo Ann Registered Member

    Joined:
    Jan 6, 2007
    Posts:
    619
    Hello Mrk,

    Would you please explain your reasons for saying Sygate is a better choice than either Comodo or Kerio? :doubt:

    TIA
     
  16. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,213
    Hello,

    Well, I'll make a slight derail offtopic.

    From the standpoint of robustness, ability to handle MASSIVE traffic in and out, great logging, zero incompatibilities, extremely tiny footprint memory- and cpu-wise, I have yet to see anything that can rival it.

    There are a few firewalls with similar capabilities, CHX-I, but it's a pain to configure for most people. Old Kerio is also sweet. But as a whole, nothing beats good old Syggie. Wonder why Symantec bought them and ... effectively ruined them?

    It's a pure product. Just like Firefox is a pure product.

    Mrk
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.