Comodo firewall with Windows Defender?

Discussion in 'other firewalls' started by acr1965, Aug 18, 2019.

  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I am considering adding Comodo's firewall to my Windows Defender antivirus. I'd like to know if anyone has this combo and any issues or settings I should consider?
     
  2. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,088
    Location:
    Lunar module
    No problem. Windows Defender when updating its build changes the installation path, so the firewall rule will need to be modified. Try using wildcards in rules.
     
  3. mekelek

    mekelek Registered Member

    Joined:
    May 5, 2017
    Posts:
    518
    Location:
    Hungary
    you don't need WD if you use CruelSister's config for Comodo.
     
  4. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    496
    Location:
    Bulgaria
    No problems between Comodo Firewall, Windows Defender and Appcheck on my test ring 1. (on Windows 8.1 WD is weaker than in 10, so Appcheck is covering it with his anti-exploit/rollback capabilities despite Comodo is strong enough to work alone).

    Comodo Firewall, Kaspersky Free 2020 and MBAE on my test ring 2 are working great too (but the System Watcher is a bit too aggressive and I reported several problems. The issues appears mainly when installing new software). MBAE may be a bit unnecessary since the System Watcher provides some kind of exploits protection though.
     
  5. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    Hey there,Greetings/Salutations,

    My question with Comodo Firewall and CruelSister config.
    When, I need to do Windows Updates with Comodo Firewall
    will Comodo Firewall let me install the Windows Updates?
    Or do I to uninstall Comodo Firewall each time, I have to
    update Windows?
    Additionally, how would I update, software that I current have
    install on the computer?


    Looking forward to you opinions,thoughts and comments about
    Comodo Firewall.

    Kind regards,

    Moose
     
  6. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    No, you don't have to uninstall anything or disable anything. I was able to install updates on W10 with no problems.
     
  7. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @Infected,
    Greetings/Salutations!

    I truly appreciate your answer to my question with the current use of Comodo Firewall.
    I know that was a problem with this in the past. I am looking to because of the situation
    with sandboxie. Just out of curiosity, did you turn off Windows Firewall. Or if, you have
    VoodooShield did you disable WLC within Voodooshield. So, there would be no conflicts,
    period.


    Regards,

    Moose World
     
  8. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    I just ran Comodo. No, I left Windows FW on. I don't believe there is a way to shut it off.
     
  9. Moose World

    Moose World Registered Member

    Joined:
    Dec 19, 2013
    Posts:
    905
    Location:
    U.S. Citizen
    @Infected

    * Control Panel
    * Windows Defender Firewall
    * Look at the left side....ect
    * And click!

    Moose

    P.S. Look at Post # 3

    mekelek, Aug 20, 2019
     
    Last edited: Apr 26, 2020
  10. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,166
    hi
    can i install only comodo firewall and hips without the antivirus ?
    i can see the custom installation option

    thanks
     
  11. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    Yes, if you choose custom installation, you can untick the antivirus and install the firewall only.
    Comodo firewall comes with firewall, HIPS, auto containment, cloud lookup / file reputation, viruscope and web filter
     
  12. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,166
    hi
    but is it free only the firewall and hips?
    the last time it did install everything , maybe it was an old version
    thanks
     
  13. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Mantra- Comodo Internet Security (CIS) comes with the on-Demand AV scanner (this is what can be unchecked when you install CIS.

    Comodo firewall (CF) does NOT have the on-demand AV component. However it does come with VirusScope (which can be unchecked when CF is installed, but there is no valid reason to do so).
     
  14. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
  15. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,166
  16. imuade

    imuade Registered Member

    Joined:
    Aug 4, 2016
    Posts:
    751
    Location:
    Italy
    Yes, it's that one
     
  17. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,166
    Hi imuade
    thank you so much
     
  18. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Is VirusScope of real use? I have so weak PC that even cannot use Comodo's virtualisation without inevitable lagging. Does VirusScope much impact PC resources?
     
  19. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    1,649
    Location:
    Paris
    Virusscope is as useful (or as pointless) as any other AV would be. It does work in that it will detect and delete stuff that Comodo has definitions for (just like any other AV) and being only an on-access thingy it takes essentially no resources. But just keep in mind that:

    1). Comodo's definitions aren't in the same class as something like K, but who cares as:
    2). The strength of Comodo is Containment.

    Note: I've been playing with a pretty piece of malware I came across recently- a Zoom video stealer which does a number of nasty things including (but certainly not limited to) like using a batch script to hide the directory containing malicious processes and tools (via an "attrib +s +h +a" batch command) a vbs script, some Python routines, as well as setting the ability to Beacon. When run, the malware was plopped into containment- where all subsequent malicious spawn was also contained- VirusScope detected and deleted the vbs and python scripts and the FW alerted, blocked, and prevented the contained beacon from connecting out. All the remaining junk still in containment could be flushed out without any system effect.

    As to installing on a resource poor system- I personally will (for any product I want to check out) dumb down my VM setup to a resource level equivalent to the biggest POS one can imagine just to see how things will run; and I can assure you that cruel CF is peppy even in this scenario.

    m
     
    Last edited: May 31, 2020
  20. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    @cruelsister, thank you very much for your answer. It's reassuring to here such info about CF. I'll try it with VS on and virtualisation again. It is a great pity to miss these great features.
     
  21. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,787
    Wonder why the default install is with HIPS on, auto-containment off?
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Good question. I've enabled it. BTW, I installed the firewall/HIPS component yesterday evening, placed into Paranoid mode a little sooner than I should have and locked myself out of my accounts :oops: My image restore program came to the rescue. Today I ran several re-boots under Learning mode, then placed into Paranoid mode. Much better now.

    Does anyone know if Cruel Sister has the configuration in a written document somewhere? I saw the video but it's easier for me to follow through written instructions.

    EDIT:

    this program is actually a BEAST! The biggest hurdle is figuring it out and learning how to tame it. I'm getting there, I think, but it's a serious work in progress.

    Installing a couple of Windows updates, I was assaulted with a barrage of alerts, too many to respond to, so I placed it in "Learning Mode", allowing it to create the rules, re-booted, checked and modified the new rules as necessary, then placed back to "Paranoid Mode".

    I forgot to mention, and to stay more OT, it works great with Windows Defender (Security).
     
    Last edited: Jul 25, 2020
  23. Cabville

    Cabville Registered Member

    Joined:
    Feb 19, 2014
    Posts:
    66
    It does that if you install just the firewall. If I remember correctly, the full security suite is just the opposite. Auto-contain is on and HIPS is off.
     
  24. Surt

    Surt Registered Member

    Joined:
    Jan 23, 2019
    Posts:
    471
    Location:
    USA
    I ran into a path issue with the Scheduled Task I built to check for updates every 2 hours, where for example the "start a program" Action:
    "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MpCmdRun.exe" -SignatureUpdate
    would no longer work once 4.18.2007.8-0 got removed. Using wildcard(s) in place of the version will prove fruitless because there will always be more than one path. As of this posting, there is both a path to 4.18.2007.8-0 and 4.18.2007.9-0 on my system. As newer versions arrive, older ones get deleted, but there'll always be two or three paths in the Platform folder.

    I didn't want to edit the Action for every new Defender build so I went about looking for a solution. Member Try3 over at TenForums posted up this code which I now use in a bat file as the Action in Task Scheduler:
    Code:
    set GetLatestVersionPath="dir "C:\ProgramData\Microsoft\Windows Defender\Platform" /ad /od /b"
    FOR /F "tokens=*" %%i IN (' %GetLatestVersionPath% ') Do Set LatestVersionPath=%%i
    "C:\ProgramData\Microsoft\Windows Defender\Platform\%LatestVersionPath%\MpCmdRun.exe" -SignatureUpdate
    
    That might help in building a Comodo firewall rule. Probably not. :(

    That said, there might be a rule needed for nisserv.exe, too.

    Unrelated FYI regarding the path for MpCmdRun.exe:
    There's a "generic" exe in
    C:\Program Files\Windows Defender
    which is the path specified at
    https://www.microsoft.com/en-us/wdsi/defenderupdates
    under the heading "Trigger an update."

    I suppose I'll be using that in the scheduled task if that bat file ever stops working.

    Cheers.
     
    Last edited: Sep 23, 2020
  25. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    @Surt

    yes, it's an issue with Comodo that it doesn't handle wildcards well for the HIPS Application name (full path to application name). You can tell it's going to be a problem when the application icon changes from a sort of colourful picture to a blank, generic icon. At least it handles wildcards fine for the Access Rights rules under Allowed files/Folders and Blocked Files/Foldders rules.

    What I've done as a workaround, although annoying, is I copy/paste the new path of the application over top of the previous path in the existing rule.

    That workaround .bat command you posted may work fine, but I think for me it would be too complex to build and run for all the different application rules with dynamic changing paths.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.