Comodo firewall

so for protection this firewall is maybe the best right?

but its a bitt higher on cpu right?

so in protection this firewall is better than KIS 6.0 firewall right?


also this firewall seems like it has more features than the KIS 6.0 firewall?

 

Been trying for a few days, no problems experienced so far, boot time seems to take a wee bit longer and a bit high on cpu.

Difficult to understand how such a good product is free, what's the catch?

 

I dont know if there is a "catch" with the firewall, I have not run this yet (not sure if I should give this company my IP/E-mail address).
I know there was a problem with thier "Trust Toolbar" (classed as "Browser Hijacker") http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453074930

 

I just started to use this and so far it`s working great. I didn`t have a Trust Toolbar to install on the Ver:2 of this app.

 

I found a 30 day trial of this firewall (no registration needed), and installed. At first glance it appears to be O.K. Nothing suspicious installed (no browser addons etc). The updater wanted an outbound connection, but the firewall itself alerted me to this, and blocked this comm when I selected to. (So at this early stage it appears that there are no hard coded rules, well at least for the updater).
Is anyone checking the connections made by this firewall (packet capture/analyzer?). If not, I will do this over the weekend (just to check).

 

I haven`t done any tests other than the normal leak tests and stuff. It would be good to see what your results are once you do the test.

 

I've just downlaoded this firewall and it is very impressive, passed all the leaktests I tried although I couldn't run some of them as anti vir has corrupted them!

My main reservation is its fingerprint, the four files are cpf.exe running at 30-34MB, CLPTray 4MB and CLPgui 13MB and cmdagent 4MB.

I'm going back to Jetico!

 

Well,...it appears to be O.K. No connection attempts that I was not aware of.
(it does on installation connect to 12.158.80.10 ... "crl.verisign.com/class3softwarepublishers.crl",.... just a mention)

 

Great Stem thanks for the update. Nope (it does on installation connect to 12.158.80.10 ...) that`s OK with me. Thanks again.

 

Very interesting discussion so far. Thanks folks. I'll keep an eye on this topic.

 

I still didn't try it, but seems to use a lot of resources...

 

It's impressive as a firewall, but for the resources it uses, it's not worth it for me. The whole 'application' protection built in is great, and the shiny GUI is just fine as well. But when it all boils down, it's just a firewall and when that FIREWALL saps up 60 to 70 megs of my awesome memory, I have to give it the boot. Back to Kerio for me. (yes i'm aware Kerio isn't easy on resources either, but uses HALF of what Comodo does)

And i'm beginning to realize that leaktests mean nothing. If you want to pass the leaktest, download a free hips like PrevX or Process Guard or Antihook etc. Not a firewall that has all the gizmos and gadgets, yet a ton of weight.

I would speak for Jetico, but when I used it, it crashed my PC and I had to reformat. I did however enjoy Kerio 2.* series and Netveda, and also Filseclab Professional.

 

I tried Comodo 2.0 briefly just for fun and found a few bugs/problems in it's rule creation. I reported the problem to the Comodo people in comp.security.firewalls NG where they seem to hang out and monitor user feedback. They are working on fixing it. So to me it seemed a little rough yet and needs a little more work. But it might turn out to be good at some point. If the ram usage is really that high (I didn't check myself) then I'd have to say that's no good either though.

 

On my system, cpf.exe is running at 20 megs of ram, ClpTray is 4 megs and cmdagent is 4 megs. If I open the GUI, that adds 13 megs, but then how often is that? So 29 megs is how much it uses in the background here.

 

You are wrong... This prograns not are suficient in my opinion.
Example of a fail with use of process guard:
A have a legality program validated with process guard that connect with internet without my permision... Process guard can´t alert me...

This is the reason a good firewall for this, like a comodo...

 

Alright! Process Guard probably generated some 'fails' but that's only if you allow the processes .

And usually Antiviruses also help me pass the leaktest as well. I think most of the time I was testing my firewall I had to shut off my AV because it kept harassing me to remove the test program. That way if a firewall failed a certain test, I hardly ever gave two hoots. The best program to prevent viruses and malware is YOURSELF, and a good collection of software. Not the great firewall of China. God knows, even THAT never worked

 

True. Yourself is the best defence. However more security products these days are gearing towards noobs in ways of computer security. Having different layers of products of course is a way to help alleviate bad judgement and dependancy on one software incase it fails. I really doubt many peeps in here will just depend on one firewall for all their needs. However, having one great firewall of China won't hurt if it is just one layer of your security. However, I do recommend a high end computer for this comodo until they fix the resource problem in their next releases.

 

Which is generally the point i'm trying to make, heh. If Comodo were low on the memory scale, I probably wouldn't have such a big deal with it. I think the Firewall's bundled features are something you'd see on paid software, and it's got a shiny GUI. But you just gotta face the facts that what helps Comodo PASS these leaktests are the fact its got an application HIPS built in, and just like any other HIPs, it doesn't have a brain. It's a matter of choice on your part. Sure it tells you that an application is trying to run stealthy in the background, and it 'may' be a virus or harmful application...but generally it was either my antivirus updater or spyware updater running, and if someone is n00bish enough to disable that, they are even MORE in a security predicament.

So in conclusion, what makes Comodo worth having over a Kerio 2.* and Processguard/Antihook (depends on preferences) combination? You take up less resources, and you're getting similar protection (and with antihook, maybe you're getting more). There's nothing special enough about Comodo to pick up in my opinion, they have a track record of spyware through their Trust Toolbar, they have features you can get anywhere's else with lower memory, and less bugs. And while I agree more apps are crucial to protecting your PC, you can only have so many before they annoy the crap out of you with a vast array of questions...and finally you'll sit down and go "I am sick and tired of answering 'yes, remember my answer' to every popup from all the hips,nips,bips,tips programs you have and just format, install Firefox and a couple security apps and call it good.

So what CAN you say about Comodo? I wish they'd get rid of the launcher in the task tray and go straight to the Firewall interface instead (unless there's an option to turn that off). I wish they'd throw in a tiny traffic meter to show what's going in and out in your tray icon, and finally i'd wish they'd get rid of that bug after uninstallation that still tells you it's running under Windows SP2's Security Center(which is dangerous). But those are minor quibbles, except for the latter.

 

Comodo has no HIPS features. It only monitors certain things and notifies you when they lead to Program A wanting internet access (whatever the means). What is great about Comodo, is that if you choose to block this, it will only block the network connection. It does a great job at leaving the HIPS work to the HIPS

 

Also, the features Comodo provide are important for anyone wishing to monitor their applications Internet access (in every aspect possible).

HIPS in general can provide the same protection, given they monitor the features used (such as certain API calls) to gain network access. Unless the HIPS provides extensive details containing the information being sent and the user knows how to read the information than this is no good. This means that the user must know or look up every possibility they are unsure of, such as important files, registry keys, API calls, ect.

I personally think of programs such as Comodo as a great way to make this much easier on me, just a preference though. If the users knowledge permits, time allows then leaving the application network access to the HIPS is a possible way of saving on some resources.

 

Oh, the whole 'component' control is basically what gives me a headache. To the point where Comodo allows a learning mode for it. My personal definition of HIPs is any program that asks too many questions , and THAT Comodo Firewall does extensively. So i'm not going to go on a research quest to figure it out, but I do firmly believe that if you install Prevx1, or Antihook, you are more likely to recieve similar protection without the extra weight of Comodo. I do enjoy the fast development cycle of Comodo, and i'm impressed what they're doing...but i'm not going to sacrifice my precious resources to a leaktest passer when Jetico, or Outpost Free w/Antihook can do it for me. Besides, Comodo wont get the hell out of my Security Center and that's just not acceptable, my PC is sexy and it needs not such a flaw tainting it's beauty.

So to Comodo when they shed some weight. Maybe they'll pull an Avast 4.7 on us when we least expect it.

 

I feel your pain. I ended up doing a system restore to the time I installed Comodo to get rid of it.

 

hmm, by seeing the size of the installer I can sense it will be bunky and heavy, compare it to LNS though its only a few kb but Comodo is about 16.5mb in size way too heavy

 

yah, I understand the resource problem. However, due to the speed of the development, I wouldn't be surprised to see resource usage improve on next release. As for the Security Center problem, I would email that to their support to let them know. Personally I don't use Security Center. You can also disable component control so it will behave more like most other firewalls out there.

 

The next release (according to Comodo, at the end of this month) will fix the security center problem. Will be interesting to see which way they go with this...