Pure firewalls list

The option to disable permanently D+ on Comodo does not load any HIPS component when the computer starts.

http://help.comodo.com/uploads/Como...86b/6d2726b782d720fe8d48f063a48e499d/pic1.png

And somebody asked about the ipv6, and yes, comodo includes ipv6 since v5.3 if I remember well.

 

ok, sound the same approach as the deactivation of HIPS with Online Armor.

 

I know of another lesser known Pure firewall (possibly) but it is in Russian. So if anyone could provide English localisation for the same, it would hopefully be another great addition. Here is the link : http://infotecs.ru/products/catalog.php?SECTION_ID=&ELEMENT_ID=159

The firewall is called VipNet Personal Firewall.

 

Many happy Comodo users are regular posters here at Wilders. Their comments are helpful and balanced. But in the past we have endured harangues by fan-boyz that eventually led to closing of otherwise interesting threads. Over the past several years, it has become increasingly daunting to make any sort of comment relative to Comodo -- good or bad. Some folks have ceased or greatly reduced their participation at Wilders because of personal attacks by some (NOT all) fan-boyz.

As to comments/questions/tests concerning the effectiveness of Comodo -- Reasonably courteous disagreements with test methods, objectivity, accuracy, etc are understandable and desirable. However, personal attacks on the tester himself, character assassination, & totally vituperative comments are simply unacceptable under any circumstances. Not to be "ignored" but (hopefully) shut down altogether.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Yes yes yes!. Tell it like it is -- the good, the bad, & the ugly. I certainly do not want to use a weak FW that has been whitewashed.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I tried Comodo FW last week & was not presented with the option to permanently disable D+. I'm not saying the option isn't there. I'm just saying that I did not see it.

Where/when is this option offered?

 

hi,
TermiNet is not supported since 2007:
http://www.infotecs.biz/Soft/terminet.htm

My goal was to list stand alone firewall that does not come by design with any kind of behavioural engine.
This filter excludes then good firewalls, integrated or not in a suite or "combo" like Private firewall, Jetico, LnS, OA, Outpost, OSSS, or most AV suites from popular ones like Kaspersky to "exotic" one like Antechinus ultimate (waouhh!) security suite or/and firewall (ex Filesclab in fact: http://www.c-point.com/security/firewall.php ).
I've also excluded outdated and "poor" firewalls like Omniquad, Goldtach, cupid and " guive me your money" softs and editors like IDFirewall ( http://www.idsecuritysuite.com/products/id-firewall.htm ) and many more, and web filter like SafeSquid which are totally different products of course.

And i would really replace the french WinCerber by a CHX like software, available in free limited version and full paid one: Active Wall: http://en.lanctrl.com/products.php

I understand that users interested in their security are looking for the better choice.
But there is none. Since bad and waste of money softs are avoided, then there is plenty of firewalls who do their job.
And as effective and well rated is your firewall, understand that any line defense can TECHNICALLY be compromised, from the average user system to NSA servers.
Trojan infectiion via PDF exploit, XSS keylogguer, DDOS, covert channels are just a few examples of firewall limitations.
More over testing firewall in an exhaustive way is quite fastitudious, with Backtrack or any forge packet tool (and this is not as easier as running a leaktest).
Anyway users can have fun with testing if they are in the required environment with a tool like Firewall test agent: http://www.stationx.net/firewall_test_agent.php
Regarding IPV6, i am afraid that none on them is compatible, but i am not sure for the last version of NetworkShield that is only interesting at the office.
Rgds

 

If I understood correctly, you don’t want to include a TDI filtering capable firewall, even if it can be easily disabled by a mere click of a mouse button and be just a NDIS filtering “pure-firewall” ... like Look 'n' Stop.

 

I can remember few threads that have gone "bad" , but to be perfectly honest, the way I saw it was the other way around, some people were bashing Comodo without any reasonable ground, it wasn't about the product itself but rather against their CEO , he was ridiculed constantly, there were suspicions why their product is provided for free etc. , of course those threads were passed on to the Comodo forums and the chain reaction started.
So, it's not like fan-boyz all of the sudden decided to spam/troll threads about Comodo, every fight needs two parties.
Don't know how it was before 2010 , but since the time I signed up here, my impression is that Comodo is not liked here, for reasons unknown to me.
Wasn't able to figure them out.

Now, I don't know about other Comodo products because I don't use them and frankly I don't care about them.
All I know is that I've been using Comodo Firewall (only FW) since version 3.x (meaning several years 24/7) and I was not able to find any flaw.
It's very light, stable, no crashes, bugs, nothing out of the order.
Interface is clear, rules are clear, they are highly configurable, alerts are the best I've seen in comparison to other firewalls, in fact this is the only firewall that will alert you for the every IP application XYZ is trying to connect to (on the very high setting) , other firewalls don't have that feature, it's either allow or block for the whole application, some can do that job but not with the alerts, you have to do everything manually.
The only thing I'm missing is the reverse IP lookup feature in the alerts , but I can't do anything about that, so I must live with it.

 

A firewall is a collection of components placed between two networks that collectively have the following properties:
.. All traffic from inside to outside, and vice-versa, must pass through the firewall.
.. Only authorized traffic, as defined by the local security policy, will be allowed to pass.
.. The firewall itself is immune to penetration.

A firewall with good out of the box settings = paid
There are too many security layers each with their own security policies on todays pc.

 

I'm looking forward to this as well.

The problem that I had with Fort Knox, was that it zapped my bandwidth on my XP machine that I tried it on. It slowed download speeds to a crawl. I tweaked the settings with every permutation that I could to try and solve it, but that didn't help. When I tried it in XP in a VM, it worked ok.

I don't think that you are "presented" with it. If you choose the "firewall only" option (screenshot post #27) during installation, then there will be no need to disable it.

If you didn't choose the "firewall only" option while installing it, then go to: Defense+ tab -> Defense+ settings -> Deactivate Defense+ permanently (requires a system restart)

 

Some of the older versions of Outpost with its granular protection really rocked! I believe it was a pure FW back in the day. I used Outpost for a few years until I started having problems with newer builds. I switched to Online Armor then. Online Armor should give an option to not install the HIPS at all so they are never loaded. I'm a huge OA fan, and I like the Firewall more than I do the HIPS because of its great tab layout! The HIPS, and AE are just an added bonus.

 

Thanks! I shall try it again in a while.

 

IPv6 has been implemented but the implementation is still incomplete. Whilst it's quite possible to create rule around IPv6 there are currently no options for defining protocol options, such as HOPOPT, NoNxt etc. Also, as I mentioned elsewhere, ICMPv6 filtering has yet to be be implemented. Right now you can allow all ICMPv6 traffic or none, which is less than ideal for IPv6.

 

No. .. I don't, but if you ask me about it I think I want to try It looks pretty interesting.
And by the way ... what do you guys think about Ashampoo FW Free 1.2?
https://www.ashampoo.com/uk/eur/pde/0050/Security_Software/Ashampoo-FireWall-FREE/Details
Why AFW?...
- it looks it's "pure" firewall
- it's second firewall in my own language - Polish - besides FortKnox
- and I found this opinion on Cnet's

 

@J_L

I don't have any problems with open source, however, my suggestion is not "valid", as per OP's post.

 

I use Comodo IS at work and Outpost Firewall at home. The thing about comodo is that the firewall itself doesn't filter any traffic. There's nothing ever in the logs. It only relies on hips to work. I see many packets block by Outpost and none ever by Comodo. And both setups are behind router.

 

They never fixed the logs, among many other things. Disappointing.

Many like myself liked it a lot, probably because we expected an (different) evolution from 2.4.

 

Of course Comodo filters traffic , by default it only filters Blocked events, but you can set it up to filter everything.
IMO there's no need to filter everything in logs , can't see a reason for it, blocked events are enough in logs.

 

Perhaps you meant to write that it only LOGS blocked events.

 

Of course, original poster used that term so I didn't want to confuse him.
Second part of my reply (which you didn't quote) makes that very clear.

 

I was just wondering why it's being flagged as a fraudulent app.

 

Nice dance. You're a regular Fred Astaire.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I tried it & liked it. It worked for me because I'm on XP. However the Asham FW is abandoned-ware, AFAIK, & doesn't work on Vista, Win7, or 64-bits in any flavor.

I wish the Asham folks would resume support of this FW. Even more, I wish the Filseclab & Kerio 2.1.5 FWs would be updated. (Sigh)

 

Thanks Bellgaming for your reply...I use also WinXP on my 2 laptops and I think that Ashampoo is enough to basic protection especially for not advanced users...like my wife and son Other matter it's Filseclab...I think it's great firewall with many useful and detailed features and can give a solid protection. I like it very much, but last update is dated on 2008 (v. 3.03.8982). It's only sad that very good software is abandoned

I found many threads in Internet where they write "it's a rogue"...even on Wilders
https://www.wilderssecurity.com/showthread.php?t=227836
https://www.wilderssecurity.com/showthread.php?t=121074
There is thread in Bleepincomputer too but inside as a source is pointed information from Spyware Warior list...form where Armor2net was removed as a false positive
http://www.bleepingcomputer.com/startups/Armor2net.exe-14362.html
Similarly in other threads. I think these informations are copied whitout checking...on WOT too.

 

The thing is I never see any blocked packets or events in Comodo's log . Makes me question is actually doing anything other than give you hips alerts of things that are already in the system.

 

It appears (in current version) Comodo does not log blocked inbound due to default setting of "Block all incoming connections and make my ports stealth for everyone". If you change the setting (in "Firewall-> Stealth ports wizard") to "Alert me to incoming connections and make my ports stealth on a per-case basis", then the log will show blocked inbound.


- Stem

 

Main thing here is how good are you with firewalls in general.
If you don't like the alerts and your security level is at safe mode , then you will rarely see any alerts. However, when you block something via alert , it will automatically log that event in the future. You probably never blocked anything. It's simple as that , as soon as you block any application it will automatically have that event logged in the future.

You have predefined policies when you see alert , you can change them or create your own, so when the alert pops you can choose one of those policies.
If you want application to be outgoing only then you choose that one, or web browser for web browsers, like in this example :



All policies have 'Block and Log all unmatching request' at the bottom , and like I said Log is created for blocked events even if you don't use predefined policies and block something by yourself.

Besides , if you want to log everything you just go to the rule that is created (any rule) and check "Log as a firewall event if this rule is fired" :



Hope this solves that "mystery" for you