comodo was considered the best firewall in the november test for 2006.

Hello,

Mike:

Very good about point about marketing and competitive edge - honesty goes very high in my book.

Fixing problems and developing your product further - always a good thing.

But on the issue of firewalling and users:

Firewall itself is a product aimed at traffic monitoring and control.

Other security programs are supposed to protect the system from kernel-wide mayhem. For instance, IMHO, in your product OA, in the next version, OA non-firewall module should be responsible for protecting the firewall. Not firewall itself. It goes against the second law of thermodynamics.

Preventing mayhem in the first place - strike at the root - the best approach.

Second best - patch against user vulnerability.

All these, of course, assuming the inherently insecure OS environment like Windows.

I don't think firewall is bad if it cannot protect itself.

Firewall CAN BE a BAD SECURITY product if it does not protect itself BUT
Firewall CAN BE a GOOD FIREWALL even if it does NOT protect itself.

That's the whole thing. Comodo is not merely a firewall. It is a comprehensive execution prevention, monitoring and control suite. It is not merely a firewall. The same goes for Sygate. It is not just a firewall. Or many other firewalls.

Therefore, when it comes to traffic, I judge by wholly different standards. I have other means of making sure I don't screw my system. But I cannot manually monitor every little packet. For that purpose, you need a driver that will resolve addresses and redirect packets to and fro. And the simpler the better. In this category, Sygate goes a long way and should be the role model for generations to come.

What good is the best leak proofing if firewall collapses after 3 hours of intense p2p? Or if you cannot have good pings in a game? Or of it eats 50% of system resources?

Lastly, injecting DLL into a trusted process....
How many people do you know can explain what you just wrote? How many can tell scvhost.exe from svchost.exe or lsass.exe from sars.exe? How many people really understand what process is, what DLL is, what port is, what injection means?

Such a prompt is OK for the Wilders geeks and we will love it. But for the average Joe, the simpler the better. That's why Linux IS the perfect solution for the clueless. If the user is capable of destroying his PC, at least give him an OS that won't help him along. This is my offtopic commie mantra...

Anyhow, that's my 65 cents on firewalling.

Happy new year.

Mrk

 

not really, it is easy to kill comodo, the secure message handling is not enough, if you flood comodo exe with kills, secure message handling is a big disadvantage. In that point zone alarm is many steps ahead they have a good anti kill protection.

I also made several leak tests myself and in my test Nr.1 was Outpost Pro 4, it gives you hints about long range scans, no other firewall did that, Nr.2 was Comodo 2.4.x beta directly followed by Nr.3 ZoneAlarm 6.5.x.

 

Well, I just wanted to say that I have tested KIS 411 (Kaspersky) along with a beta patch against all leaktests and currently only fails two: Breakout 2 and DNSTester and protection against those is gonna be implemented later.