I am considering adding Comodo's firewall to my Windows Defender antivirus. I'd like to know if anyone has this combo and any issues or settings I should consider?
No problem. Windows Defender when updating its build changes the installation path, so the firewall rule will need to be modified. Try using wildcards in rules.
No problems between Comodo Firewall, Windows Defender and Appcheck on my test ring 1. (on Windows 8.1 WD is weaker than in 10, so Appcheck is covering it with his anti-exploit/rollback capabilities despite Comodo is strong enough to work alone). Comodo Firewall, Kaspersky Free 2020 and MBAE on my test ring 2 are working great too (but the System Watcher is a bit too aggressive and I reported several problems. The issues appears mainly when installing new software). MBAE may be a bit unnecessary since the System Watcher provides some kind of exploits protection though.
Hey there,Greetings/Salutations, My question with Comodo Firewall and CruelSister config. When, I need to do Windows Updates with Comodo Firewall will Comodo Firewall let me install the Windows Updates? Or do I to uninstall Comodo Firewall each time, I have to update Windows? Additionally, how would I update, software that I current have install on the computer? Looking forward to you opinions,thoughts and comments about Comodo Firewall. Kind regards, Moose
No, you don't have to uninstall anything or disable anything. I was able to install updates on W10 with no problems.
@Infected, Greetings/Salutations! I truly appreciate your answer to my question with the current use of Comodo Firewall. I know that was a problem with this in the past. I am looking to because of the situation with sandboxie. Just out of curiosity, did you turn off Windows Firewall. Or if, you have VoodooShield did you disable WLC within Voodooshield. So, there would be no conflicts, period. Regards, Moose World
@Infected * Control Panel * Windows Defender Firewall * Look at the left side....ect * And click! Moose P.S. Look at Post # 3 mekelek, Aug 20, 2019
hi can i install only comodo firewall and hips without the antivirus ? i can see the custom installation option thanks
Yes, if you choose custom installation, you can untick the antivirus and install the firewall only. Comodo firewall comes with firewall, HIPS, auto containment, cloud lookup / file reputation, viruscope and web filter
hi but is it free only the firewall and hips? the last time it did install everything , maybe it was an old version thanks
Mantra- Comodo Internet Security (CIS) comes with the on-Demand AV scanner (this is what can be unchecked when you install CIS. Comodo firewall (CF) does NOT have the on-demand AV component. However it does come with VirusScope (which can be unchecked when CF is installed, but there is no valid reason to do so).
Yes, it's free. Download the offline installer from here https://forums.comodo.com/news-anno...curity-2020-v12227036-released-t125668.0.html Run it, click on "Options" and deselect what you don't wanna install
hi there is only 1 offline installer Comodo Internet Security Premium 80mb , is the installer that i need? there is the online firewall ,but i will avoid it thanks
Is VirusScope of real use? I have so weak PC that even cannot use Comodo's virtualisation without inevitable lagging. Does VirusScope much impact PC resources?
Virusscope is as useful (or as pointless) as any other AV would be. It does work in that it will detect and delete stuff that Comodo has definitions for (just like any other AV) and being only an on-access thingy it takes essentially no resources. But just keep in mind that: 1). Comodo's definitions aren't in the same class as something like K, but who cares as: 2). The strength of Comodo is Containment. Note: I've been playing with a pretty piece of malware I came across recently- a Zoom video stealer which does a number of nasty things including (but certainly not limited to) like using a batch script to hide the directory containing malicious processes and tools (via an "attrib +s +h +a" batch command) a vbs script, some Python routines, as well as setting the ability to Beacon. When run, the malware was plopped into containment- where all subsequent malicious spawn was also contained- VirusScope detected and deleted the vbs and python scripts and the FW alerted, blocked, and prevented the contained beacon from connecting out. All the remaining junk still in containment could be flushed out without any system effect. As to installing on a resource poor system- I personally will (for any product I want to check out) dumb down my VM setup to a resource level equivalent to the biggest POS one can imagine just to see how things will run; and I can assure you that cruel CF is peppy even in this scenario. m
@cruelsister, thank you very much for your answer. It's reassuring to here such info about CF. I'll try it with VS on and virtualisation again. It is a great pity to miss these great features.
Good question. I've enabled it. BTW, I installed the firewall/HIPS component yesterday evening, placed into Paranoid mode a little sooner than I should have and locked myself out of my accounts My image restore program came to the rescue. Today I ran several re-boots under Learning mode, then placed into Paranoid mode. Much better now. Does anyone know if Cruel Sister has the configuration in a written document somewhere? I saw the video but it's easier for me to follow through written instructions. EDIT: this program is actually a BEAST! The biggest hurdle is figuring it out and learning how to tame it. I'm getting there, I think, but it's a serious work in progress. Installing a couple of Windows updates, I was assaulted with a barrage of alerts, too many to respond to, so I placed it in "Learning Mode", allowing it to create the rules, re-booted, checked and modified the new rules as necessary, then placed back to "Paranoid Mode". I forgot to mention, and to stay more OT, it works great with Windows Defender (Security).
It does that if you install just the firewall. If I remember correctly, the full security suite is just the opposite. Auto-contain is on and HIPS is off.
I ran into a path issue with the Scheduled Task I built to check for updates every 2 hours, where for example the "start a program" Action: "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MpCmdRun.exe" -SignatureUpdate would no longer work once 4.18.2007.8-0 got removed. Using wildcard(s) in place of the version will prove fruitless because there will always be more than one path. As of this posting, there is both a path to 4.18.2007.8-0 and 4.18.2007.9-0 on my system. As newer versions arrive, older ones get deleted, but there'll always be two or three paths in the Platform folder. I didn't want to edit the Action for every new Defender build so I went about looking for a solution. Member Try3 over at TenForums posted up this code which I now use in a bat file as the Action in Task Scheduler: Code: set GetLatestVersionPath="dir "C:\ProgramData\Microsoft\Windows Defender\Platform" /ad /od /b" FOR /F "tokens=*" %%i IN (' %GetLatestVersionPath% ') Do Set LatestVersionPath=%%i "C:\ProgramData\Microsoft\Windows Defender\Platform\%LatestVersionPath%\MpCmdRun.exe" -SignatureUpdate That might help in building a Comodo firewall rule. Probably not. That said, there might be a rule needed for nisserv.exe, too. Unrelated FYI regarding the path for MpCmdRun.exe: There's a "generic" exe in C:\Program Files\Windows Defender which is the path specified at https://www.microsoft.com/en-us/wdsi/defenderupdates under the heading "Trigger an update." I suppose I'll be using that in the scheduled task if that bat file ever stops working. Cheers.
@Surt yes, it's an issue with Comodo that it doesn't handle wildcards well for the HIPS Application name (full path to application name). You can tell it's going to be a problem when the application icon changes from a sort of colourful picture to a blank, generic icon. At least it handles wildcards fine for the Access Rights rules under Allowed files/Folders and Blocked Files/Foldders rules. What I've done as a workaround, although annoying, is I copy/paste the new path of the application over top of the previous path in the existing rule. That workaround .bat command you posted may work fine, but I think for me it would be too complex to build and run for all the different application rules with dynamic changing paths.