Defense + without Firewall?

Discussion in 'other anti-malware software' started by Smiggy, Jul 29, 2008.

Thread Status:
Not open for further replies.
  1. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    209
    Location:
    The Angel Isle
    I would use Comodo's offering if there was a way to do away with the firewall option.

    Am behind NAT router with SPI firewall so a software FW isn't really high on my list of priorities/worries.

    Pity they didn't just have the Defense + as a standalone HIPS program.
    You can turn off the HIPS and just have the FW, pity the option didn't work other way round too?!
     
  2. faterider

    faterider Registered Member

    Joined:
    Nov 6, 2004
    Posts:
    64
    Isn't it good enough to disable it? Comodo is light on system resources like any other standalone HIPS, so you are not sacrificing anything.
     
    Last edited: Jul 29, 2008
  3. Smiggy

    Smiggy Registered Member

    Joined:
    May 2, 2007
    Posts:
    209
    Location:
    The Angel Isle
    Am afraid I will have to disagree with you on that!

    I don't think Comodo is light on resources at all comparing it to the likes of OA and standalone HIPs programs like EQsecure, SSM etc.

    I also find it confusing that the likes of SSM and ProSecurity (as was) can outperform genuine Firewalls, www.matousec.com, for example, without being a Firewall at all?

    Does this mean, as I feel, the need for a Firewall is so reduced that a HIPs package, properly configured, can replace one entirely?
     
  4. faterider

    faterider Registered Member

    Joined:
    Nov 6, 2004
    Posts:
    64
    I'm running Comodo (with D+ disabled, but firewall with all the exotic functions like "do packed checksum verification" ON) and EQSecure and have been running SSM before for quite long time. And can easily say that latest Comodo is almost as light as them.

    Personally I never understood the idea of not having outbound protection. But if I see my face in every person I meet I'll get deadly bored for 1 day :) So its good that we are different.

    BTW, most of the soft tested by Matousec like SSM has some sort of firewall integrated.
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Smiggy,

    The advantage of using Comodo's D+ is that you have a preconfigured HIPS when you set it to clean PC mode. You can also set Comodo to allow all inbound on the firewall. The advantage of D+ over EQS is that you still have the build in white list of Comodo. Comodo has a large development team and is also avilable on Vista64.

    When behind a decent configured hardware FW, you can also get an excellent score on leaktest using a sandbox with outbound control of sandboxed aps (GW or SBIE, DW from future version 2.5) and ThreatFire with extra outbound rule.

    When you are familiar with SSM (paid) why not keep using it together with its outbound control (for normal aps seeking outbound connection) and SSM's intrusion protection (to stop suspicious leak attemps).

    Regards Kees
     
  6. rolarocka

    rolarocka Guest

    Hi Kees can you point me to your thread where you explain how to make outbound rules for ThreatFire? I cant find it. Thx
     
Loading...
Thread Status:
Not open for further replies.