Comodo Firewall 4 *ONLY* vs. Norton's Firewall

Discussion in 'other firewalls' started by acr45, May 22, 2010.

Thread Status:
Not open for further replies.
  1. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
    How strong is the firewall compared to Norton's firewall? I have Norton Internet Security 2010 and decided to turn off its firewall and replace it with Comodo's without D+. (I don't care for D+) Does the newest version happen to protect against any and all leak tests without D+? If necessary, what do I need to configure if it is not at its maximum security level right out of the box? I guess the bottom line is, is it better than Norton's and by how much? Thanks a lot guys.
     
  2. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
  3. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    If you're not a moderator, perhaps you could let them decide.
    I believe the A vs B rule is for AV's.
     
  4. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
  5. codylucas16

    codylucas16 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    267
    The mods have a problem with people voicing their opinion. (Lol fascism)

    But anyway.. I just recently switched to NIS and honestly the firewall is terrible. You can put it against just about any leaktest and it fails ( firewall or hips leaktests). You can put it all on manual but there's so many popups that it made me wanna hit something.
     
  6. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Thats a HIPs test not a firewall test.
     
  7. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
    Ok, well here's a question that I forgot to ask. Does anyone know if CW4 passes all known leak tests w/o D+ or just some?
     
  8. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Decided. Thread will continue if it can remain focused on a sound discussion of items that provide technical differentiation between the subject products of this thread.

    Please refer to Mamutu vs PrevX SafeOnline and follow the guidance provided there.

    Blue
     
  9. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    See what I mean about not understanding firewalls. If HIPS are needed why does not Norton use them in the firewall, but if the total suite handles the security why do any of the suites firewalls use HIPS or even stand alone firewalls? Is the firewall supposed to do the jobs of AVs and Anti-malware applications?

    I don't want to hi-jack the thread so please don't answer, but I guess you see the problem re firewalls and some of us "dull knives."

    How does one determine if a particular firewall is a "strong" firewall? It is not much help when someone says to test it yourself.

    Regards,
    Jerry
     
  10. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Wow, A vs B is not a sin after all. :D
     
  11. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Norton's firewall is silent by default. But if you turn on the advanced feature it is very aggresive indeed like it's SONAR. Matousec surely tested it with the default settings.
     
  12. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Leak tests primarily test HIPS functions. If you're concerned about having your firewall operate against programs that attempt to subvert it in order to make outgoing connections, you need a HIPS to accompany your firewall. For example, with just a firewall (Norton or Comodo) there is nothing preventing a running process from modifying your browser in memory and piggybacking upon it to connect out to any IP it desires. I am unaware of any firewall-only program that prevents against such an attack.

    That said, if you really do not care for D+, you might want to give Online Armor a try, as it is less heavy on the popups than D+ (and substantially so). Although imo it offers slighty less protection, it is a strong and easy to use program, and is a HIPS/firewall combo that protects well against leaks.

    As to which of your two choices I would recommend, I believe Comodo is more powerful because, if you change the alert level settings under Firewall settings, you can be prompted for all IP and port numbers. You can also make and apply very granular rules to govern the outgoing behavior of applications, which can mitigate the above risk somewhat. That said, you are going to want to allow some application to connect out to everything for your sanity and a running process could easily piggyback upon this to connect out.
     
  13. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Awesome to know some people can get rules bent and others cant.
     
  14. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    1,785
    i tried it recently to a test and it failed terribly but still using it as my subscription has 200 and some more days to run. After that time if they have still not worked things out i might only take antivirus and not the :thumbd: suite
     
  15. falkor

    falkor Registered Member

    Joined:
    Sep 26, 2009
    Posts:
    205
    :cool: :cool: :cool:
     
  16. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    While were at it lets compare LnS, Norton FW, Comodo, OA, Windows FW, and every other firewall ever made because we dont have opinions on these. They are all the same under the hood with different GUI's. We all know PC Tools is superior because it passes Matousec with the best results. :thumbd:
     
  17. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    its embarrassing that even after all this time, members of this forum believe that leaktests show a firewalls effectiveness and judge a firewall as good or bad based on tests that dont even test the component in question here.
     
  18. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    How do leaktests not show a firewalls effectiveness in controlling outbound traffic, and thus not "test the component in question"?

    You cannot assume a malware author will simply use the standard methods of communicating out out of laziness, and ignore the need to insure that the network connections being made by trusted programs are actually being made by that program.
     
  19. falkor

    falkor Registered Member

    Joined:
    Sep 26, 2009
    Posts:
    205
    He was being facetious :cool:
     
  20. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i never said a HIPS doesnt have a use, i quits specifically said that using a leaktest to judge a firewall is inaccurate and a misconception people still seem to go by, if wer judging a security product as a whole protection then it may be more relevant for testing all those other areas, but that is not a FIREWALL's place and it should not be used to test something as a firewall. ur trying to test something that is completely irrelevant to the product in question and thats what people dont seem to understand, they think that the firewall and the HIPS are the same thing as shuld be judged as the same, but its not.

    for instance i may just want a really good firewall and none of the HIPS stuff, so i go with LnS, but o wait, matousec said its terrible because it didnt pass their leaktest, now is that true that it is a bad FIREWALL?... no... it is tru tho that LnS does NOT have a HIPS, hence the results.
     
  21. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Firzen Matousec is well you know. I think its perfectly fine to bring up here since its all about just the firewall. Comodo clearly does better than Norton in the test.
     
  22. codylucas16

    codylucas16 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    267

    Matousec is not the only leaktest out there. Judging a firewall based on their tests is a bad idea. But there are leak tests that test the firewalls outbound protection capabilities. Norton's firewall fails these too unless put on manual mode which gives you way too many popups.
     
  23. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,279
    Location:
    UK
    As protection against leak tests requires HIPS, I suspect that, with D+ disabled, protection against leak tests will be poor. I haven't personally tested Comodo for leaks though because I agree with the view that the whole concept of leak testing is fundamentally flawed.

    Instead of disabling D+ completely, you could try running it with the Security Level set to Safe Mode, but disable the Sandbox and Monitoring Settings. That still leaves Image Execution Control and My Trusted Software Vendors enabled. Coupled with a decent free anti-virus, D+ will allow known good executables to run, the AV will block known bad executables, and everything else will be subject to a default deny policy by D+ and alerted, pending a user decision.

    You would get very few alerts but, due to the anti-execute feature of D+, still retain good protection against drive-by downloads.
     
  24. Leach

    Leach Registered Member

    Joined:
    May 5, 2010
    Posts:
    84
    All Matousec does is sitting and counting the number of popups per app (name it malware). :D He won this battle and now each and every firewall which wants to "score" more starts with a "iexplore wants to run, OMG what are you gonna do?". But wait they are smart guys, should think about users (what Matousec doesn't care) and put iexplore onto white list and now it runs without the initial popup.
    And so the tests made in a laboratory are isolated from surroundings (usefull or not), cleaned up and got put upon a slide. Described empirically and exaggerated but I believe it may not be an indicator of quality for modern and complex products.
     
  25. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    lol i more than realize its not the only one, im mentioning it because many people refer to it as the bible for what is good and bad in the world of firewalls, and thats the problem.

    and honestly, in a set of leaktests how many of the methods it tests HONESTLY tests anything to do with the firewall? maybe 1 or 2 out of the dozens of other methods testing what a HIPS is supposed to do, and still people then assume "o it didnt get perfect on this leaktest, it must be a terrible firewall"
     
Loading...
Thread Status:
Not open for further replies.