In meantime I now gave Comodo a try and first I was a bit ****** off because I re-searched the homepage and no matter what setup you choose d it always wanted to load the 210 Mb setup and I'm asked myself why because the Firewall (according to the homepage) is only 88 MB, so I downloaded it, and under the normal installation routine I couldn't find something but then I searched the advanced option and it revealed his secret is also wants to install the Browser and other stuff, I unchecked it, installed it and it worked, it asked me to restart the PC so I did. So everything is fine, I also disabled the internal Firewall to see how it will react but nothing strange happened and it integrated perfectly into my system. The auto-sandbox is disabled by default but HIPS already does the job and notifcates you about everything, registry, executable and more. The GUi is well designed you can disable that gadget some social crab buttons and almost everything feels smooth. So nothing much to complain about. The GUI/Theme can be changed but I somehow like the default look. The only think what I not like about the GUI is that it waste a lot of space for some buttons and headers but this is complaining on a high level. From what I understand the cmdagent.exe is Comodos listening device to monitor the network connections but I need some more tests on this. General the GUI is fast and the options are well explained and I think it's intuitive. There is also an option (default disabled) to write into Windows own logs (eventmgr) which is quite useful for admins. You will be asked on first installation to help to improve the product which is okay for me since you can opt-in/opt-out at every time, I like it. As you said HIPS is very detailed and there is almost nothing to complain about it because you can customize almost everything and I doubt that normal users will ever need to change something on it but we are on wilders and I created some own rules and it worked without any problems, to check against I tested it with some sampled and did some reboots to see how it reacts on OS level. I also wondered if it's default but maybe it detected my network because IPv6 filtering was disabled by default (if it detects it then everything is okay, if not you need to enable it within the given firewall options). There is also (optional ~ 8 MB) an kill switch something like an Process explorer with autoruns which can be downloaded within the network view (just click advance/more) and you will be asked to download/install it, I did to see what the 'kill switch' is but as said it's an process explorer with some gimmicks, the only thing I miss here is an option to upload directly to VirusTotal or similar service to compare but an online search (which opens google) is present via right click. I think this kill switch is an good alternatives to the syinternals suite (autoruns, ..) for beginners more than enough. Well it's to fast to come to an final conclusion but this small test for me was very good, everything was detected from the beginning, the default installation setup is something I could complain about because the additional software is normally installed by default if you forgot to uncheck it but again that are not really problems just take your time and read everything and select what you want. Personally I will test a little bit longer and play with the modes to see how good it is after some time. The only real problem I'm now running into it is that dnscrypt + unbound stopped working for me, means I can't visible https pages anymore but I guess I need to figure out how to configure Comodo to solve this.
@david banner If set auto-sandbox to Block - but you want file to run - then create auto-sandbox Ignore rule (can create manually or tick "Do not isolate again" in alert). There is no right-click exclude from auto-sandbox. You can find CIS Changelog here: http://downloads.comodo.com/cis/download/updates/release/inis_2001/release_notes.html
It is. I have it many years. I am not involved with the company or anything but I am glad you like it. Jeff has worked hard on it. I only know of him through the site
I agree I not like the 210 MB downloads + the hidden software it want's to install but that's why I wrote this to inform people about this little things. Just uncheck it and everything is okay. As said it works well for me, the ICMP/IGMP Option page is a little bit confusing because you need to add your own rules for Ipv6 (which should be added by default) but it's also no problem, especially because you can import/export all settings which means overall you only need to do this all only once. I not tested the upgrade procedure yet but from what I could read the internal updater should handle it. Now I need to figure out how to handle dnscrypt/unbound but I guess I only need to add just another rules and disable loopback filtering. But lemme see first.
dont use any comodo stuff. it's a spy Comodo tools sends personal information to Comodo Servers every X minutes cmc.comodo.com stat.comodo.com
Maybe you should re-read my overview, I mentioned you can opt-in/opt-out and it's clearly visible by it's setup + option.
David- 1). In practice a program will only be totally blocked (and by that I mean not able to be run) if you set the sandbox level to Untrusted. At default levels an application will be run virtually and can be terminated by using the method I noted above. 2). If you come across and application that you are totally certain is legitimate but still unknown to Comodo (and thus sandboxed), on the initial sandbox alert popup there is something that you can click to "Do Not Sandbox again". So there is no need to go digging to move a program to Trusted status (although this method is indeed there is you want it). 3). On changing to a newer major build it is always a good idea to uninstall the older version first before moving to the newer major build- but this is true for just about anything. 4). The installer will reside in Temp, and a changelog is always available. 5). Ignore that Geek Buddy- server thingy. If you don't use Geek Bus it is not applicable, as as pointed out above it has been fixed. Understand that I'm not in any way pushing Comodo products on you! There are many alternatives which you no doubt would prefer. It's just that Comodo has attracted so many Urban legends that it sometimes becomes disconcerting.
Hey, I barely use Windows Basically, I saw https://news.ycombinator.com/item?id=11129170 and figured that it was worth mentioning here But see https://forums.comodo.com/geekbuddy...800-without-request-vulnerable-t111103.0.html
I not understand what's going on now, now everyone complains about something they never tested himself because they never installed the product or simply look at deprecated issue tracker entries which has been fixed immediately (within 3 days that's what I call fast) ?! I already did explained that the only thing someone need to worry (as time of writing) about is the hidden software which can be unchecked in the advance installer setup [same like the data collection thingy] -> so problem solved! I not understand why someone recommend something without any proof because this thread is about Comodo and not about alternatives. For me as said, it works well here, I leave the data collection enabled (why not, no personally information are been collected! -> as in all AV's btw) to easier submit samples and things. If you not trust why you installed it -> I don't get it!
It wasn't three days! https://forums.comodo.com/geekbuddy...800-without-request-vulnerable-t111103.0.html was posted in May 2015. They apparently responded by generating an easy-to-guess password. https://code.google.com/p/google-security-research/issues/detail?id=703 was posted on 2016-01-19. And then: "Regarding the vulnerability below, we have issued a hotfix on 10th of February."
Useless to talk about things which was already fixed. 3 or 9 days doesn't matter much, especially the mentioned key doesn't exist anymore and CIS 9.0 is already in the pipe. The version I was referring to exist since 13.02 so it isn't helpful to refer then to something from 2015.
OK, whatever. Installing insecure VNC server by default was still a dumb move. No matter how quickly they stopped doing it after being called out.
No doubt that such things are bad but that's what I already (and many others complained about) just ensure you only install the stuff you really want and not that comes by default enabled within the setup. But I bet even if this is showing on the first page most people blindly click 'install' without anything or reading something. This could all be improved by making each setup exclusive which means if you download the Firewall you just get the firewall standalone, download the geekbuddy thingy you only get this, and and ... Well I now created an account in the Comodo forum, so let's see how they react if I complain about that. ... and so it begin's.... But as written, the firewall itself and hips working very well for me, I already saw an forum post someone said it pwns the hdd but I guess this is only with installed AV so I can't reproduce here. And with CIS 9.x the focus is more on Av related things, so I'm excited what's coming.
Ok thanks. I think it is ok but do not like the install, they try to push geek buddy on you and others. It would be easy to make the extras more visible and easier to opt out of
@CHEFKOCH -- Cool But they'll probably blow you off. I used to like Comodo, back in the day. But in recent years, they've gotten bloated and scareware-like
Agree ! And as we said in another thread about Comodo HIPS, it probably gives the higher security disabling the sandbox and setting the HIPS on Paranoid Mode.