Frozen Snapshot and Comodo Firewall Free

Discussion in 'FirstDefense-ISR Forum' started by ErikAlbert, Sep 16, 2007.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    When you remove the "Freeze Storage.arx" and you get an "Error 123", it means that you had errors during the freeze, which creates "Freeze Storage.arx".
    In other words you also had errors during freezing, when Comodo Firewall was installed, otherwise you wouldn't have had the "Error 123". Or you ignored these errors like Farmerlee did or you didn't see them.

    When the Freeze Storage is healthy, you don't get that "Error 123".

    Don't blame any other software, because Comodo Firewall IS the problem.

    To please you:
    1. I ran "chkdsk c: /f /r" (typical for RollbackRx-fans)
    2. ISRService.exe is allowed
    3. And the settings you suggested were all done.
    Then I froze my snapshot. Errors = 13.

    So Comodo Firewall is NOT fully compatible with FDISR.
    The copy/update function works, but the freeze function doesn't work. Period. :)
     
  2. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    From what did you guess that I had comodo firewall on that setup?
    That frozen snapshot had only Windows XP SP2, Acrobat and Office 2003 on it. Nothing else, not a firewall not an antivirus or antispyware and no hips.
    It was an error of FD-ISR and mft; and in my case I could not clear the frozen snapshot. I also uninstalled FD-ISR and could not eliminate/delete it even after that.
    FD-ISR was to blame. Unless you say that this was caused by windows, office or acrobat! :cautious:
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Then you didn't test Comodo and FDISR at all, if Comodo Firewall was not on that setup.
    Are we still talking about Comodo or not ?
     
  4. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    Erik,
    I would have to say you don't know yet how to manipulate the settings on comodo to make it behave with FDISR after seeing the results torture testing my comodo setup with FDISR. It does work and I get no errors after creating and removing the freeze storage. I'm using comodo 2.4 latest and FDISR 3.2 202. In my testing I went so far as even to ENABLE full shadow in POWERSHADOW while creating the freeze storage in one of my scenarios just to see if I could purposely induce an error. NONE. I also created the freeze storage on the SAME harddrive instead of an offline USB harddrive just to make it even harder. Nothing. Can you imagine the computer power it needed in full shadow mode creating a frozen snapshot on the same harddrive? I looked in the activities log as well and no errors. I went even a step further and turned on sandboxie after I created the frozen snapshot all while still fully shadowed with powershadow. Still ran perfect and am currently typing this to you inside a sandboxed, fully shadowed, frozen snapshot with comodo running. Tada! Probably the easiest for you to attempt right now until you get a better handle on how to use comodo is to set the settings on comodo to "allow all" when you "right click" on the comodo icon in the lower right hand corner of your screen IN ADDITION TO MAKING SURE THE "PROTECT REGISTRY SETTINGS" is unchecked. However I created my frozen snapshot with the protect registry settings ON yet had the "allow all" setting on. So there you have it. After I created the frozen snapshot I just went straight into comodo and changed the settings to how I wanted them while surfing frozen, no biggie. :D
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I tried already all these settings mark/unmarked, enabled/disabled, allow/blocked.
    Freeze function doesn't work, no matter what I do.
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    This Comodo Firewall is unbelievable.
    1. I unfreeze with removal of Freeze Storage.arx
    2. I anchored the entire folder "Comodo" in FDISR to exclude it from FDISR
    3. I even exit Comodo
    4. Then I froze my snapshot and I still have Errors.
    Even anchoring didn't help.

    After that
    1. I rebooted in my old on-line snapshot with LnS.
    2. I deleted my test snapshot with Comodo + Archive.
    3. Then I froze my snapshot with Errors = 0
    Finally back to normal. What a waste of time.
     
  7. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328
    It took me a good week of tinkering before I got the handle of comodo firewall. They have online video tutorials on how to set it up. I find trying to set up System Safety Monitor harder than trying to set up comodo. How many different security programs are you running now?
     
  8. pandlouk

    pandlouk Registered Member

    Joined:
    Jul 15, 2007
    Posts:
    2,976
    Since you do not believe what I say I just froze my Windows XP Snapshot and attached an image of it. The only tweak at the comodo was to uncheck protect own registry keys and files from unauthorized modifications.
    Comodo Firewall IS fully compatible with FirstDefense-ISR. Probably on your setup it conflicts with another security program! (a hips maybe?) :cool:
     

    Last edited: Sep 20, 2007
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes I see it, I believe it and that's why I ditched it. Comodo doesn't like my system and I'm not planning to change the rest for just another firewall.
    Not a disaster, the software world is full of firewalls. I have already 4 other firewalls running on my system without any problems.

    As I said so many times. My security isn't based on security softwares, which have a long history of failures.
    My security is mainly based on boot-to-restore, which also removes infections that passed through my firewall and other security softwares.
    Even when infections disable my security softwares, my boot-to-restore will enable them again.
    If the boot-to-restore ever fails, I replace my actual system with a clean image or archive, which will make the bad guys cry.
    The maximum restore time is 9 minutes, so I don't need to spend my time on searching and removing infections.
    NOD32 needed more than 25 minutes to scan my computer, I restore my computer 3 times in that period, which is a 100% removal of infections without false positives.
     
    Last edited: Sep 20, 2007
  10. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    All at the same time?

    Acadia
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Snapshot-1 = no firewall (= off-line snapshot)
    Snapshot-2 = Look'n'Stop Firewall (= actual firewall)
    Snapshot-3 = Sunbelt Firewall
    Snapshot-4 = Filseclab Firewall
    Snapshot-5 = Sygate Firewall.
    I can't put 4 firewalls in one snapshot. That might cause conflicts.
     
  12. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    Oh, I see. :thumb:

    Acadia
     
  13. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    and I don't have any and am running without problems. Looks like we have discovered that it is only the poor xxxxx trying to run with only one that are likely to have problems ? o_O

    Edit: just read post #36 - you are no longer my hero
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I'm looking for another firewall to replace LnS. So I have 3 firewalls in test mode.
    Do you really think I have 4 firewalls to protect my computer ? Read all the posts, not just one. :)
     
  15. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    mea culpa.

    if you must have a software firewall I would suggest sygate and forget about Commode.
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    If it took you a good week of handling Comodo Firewall, then I don't need it.

    Besides a firewall and D-Link-router DI-604, I have only :
    1. Faronics Anti-Executable
    2. DefenseWall
    3. ScriptDefender, which is more a warning, than security software.
    I'm only interested in stopping the execution of infections, because I have already the perfect removal method of infections.
     
  17. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Hate to bust your nuts, but FDISR isn't perfect. Alternative browsers can get into FDISR's files...it just takes a little bit of time before someone exploits that and flushes FD down. The reliance on FD is your weakest link since FD's freeze mode only protects the frozen snapshot, not the rest of the C drive. Submit yourself to the power of DeepFreeze...:D
     
  18. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I still like FD-ISR but the freeze aspect is fairly weak in comparison to Deepfreeze 6 or Returnil. FD-ISR plus DeepFreeze 6 would be my idea of the best combination.
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    What is the rest of my C-drive ? It only contains two snapshots :
    - one off-line snapshot without an internet connection, no infection possible.
    - one on-line snapshot that doesn't change because it is frozen.
    There is nothing else. So what is the rest ?

    Even when FDISR isn't perfect, I replace everything in 9 minutes.
    DeepFreeze is too limited in its possibilities.
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Similarly:

    Along with a Solid Firewall

    A. Faronics Anti-Exec
    B. Power Shadow
    C. Sandboxie
    D: EQSecure
    E: Script Sentry

    Those are enough AFAIK. Also NOD32 AV (ON-Demand Only) because I sometimes let viruses/malware run amuck.

    IMAGING:

    A. Paragon Drive BackUp Pro 8.51
    B. Drive Snapshot

    I cling to the belief that 2 heads are better than one, and in this case, 2 imaging programs affords you double safety against failure from one of them by some stretch.

    If you're wondering about FD-ISR, I keep it on another drive (Largest) with 2 partitions, which negates use of AE since it's been reported the two don't gel very well together. FD-ISR + My Imaging Programs are my bread & butter. :)
     
  21. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I use FDISR + AE, since I bought AE without problems and I use the highest level of security in AE, except the "Delete Prevention", which is disabled.
    My AE is constantly ON, except for downloading and installing new legit softwares, which I don't do very often.
     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I have to ask, what is the rest of my c: drive also. Actually I am not worried about exploits of FD, as I think it would be a waste of someone's time. First something has to get to the drive, and so it corrupts both of my snapshots. Restore image, and restore archive, which is what I really use, and back in business. I don't think DeepFreeze is magic, any more than any of them are.

    Pete
     
  23. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Exactly, DeepFreeze is just another immediate system recovery software in a row, that becomes longer and longer.
     
  24. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    The rest of drive C, if I'm not mistaken, is your other inactive snapshot. Inactive snapshots are theoretically breachable, as I've said. But really, we're now in the realms of who-cares-enough-to-infect-you-when-there-are-millions-of-unsecured-systems-out-there.
    Anyway, I still find FD-ISR's Freeze mode pretty weak in comparison to the as-yet-problem-free DeepFreeze. :)
     
  25. kennyboy

    kennyboy Registered Member

    Joined:
    Oct 4, 2006
    Posts:
    431
    In a lot of cases, (mine included) the rest of the C drive is only used for an emergency stripped down snapshot, only to be used to restore from an ARCHIVE which is kept somewhere else.
    I can see that someone using FD for multiple configurations to boot to might be vulnerable, but this could just as easily be achieved using archives instead of snapshots too.
    But as you say, there are many less secure systems out there for someone to have a go at.

    Ken
     