Why would I use anything but Comodo Firewall?

Discussion in 'other firewalls' started by duke1959, Dec 24, 2006.

Thread Status:
Not open for further replies.
  1. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    A little bored today, but this question does interest me. I have used all of the free Firewalls and it would seem that Comodo Firewall is tops. However, in saying that and actually liking CPF more than any of the other ones. I have to add that I also liked using Sunbelt Kerio Personal Firewall Free and for some reason really liked using Zone Alarm Free. Problems were the main reason I stopped using those two, but I never had any trouble using the latest CPF release. I am currently using AVG Firewall, but I miss all the other ones I mentioned. I may even do a custom reinstall with AVG ISS and not add the Firewall this time. If I do that, then why would I use anything but Comodo becomes an even more interesting question for me. The reason I say this is that I heard ZA Free is much better now, as is SKPF, and even Ashampoo Firewall is improving. I'm not looking for my Firewall to pass every leak test, but I do want it to give me more information than my AVG Firewall does. My other question is. What does anyone think about me using either ZA Free, SKPF Free, or Ashampoo FW for those reasons? Thanks in advanced.
     
  2. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    ~removed full quote of post just above....Stem~

    I'm in the same boat.

    I know it suck's in the leaktests, but i really like my Kerio 4.2.2 (last,stable version IMO). I've tried to leave it many times but keep going back to it (very good reporting features among other things). I liked Comodo but felt it was still a release or 2 away from being ready for my system. So i'm going to stick with Kerio again for now. Does anyone know if 'Prevx' can be used to Shore up the leaktest part?.
     
    Last edited by a moderator: Dec 24, 2006
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    4 firewalls worth my time:
    -Jetico
    -Ghostwall
    -OA firewall
    -Kerio 2.1.5
     
  4. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    lucas1985, I used 4.2.2 as well, but then being somewhat anal I tried 4.2.3 which was just the branding of Sunbelt to the Kerio Firewall and it worked the same as 4.2.2 with no troubles. I did have conflicts though when using either version with AOL AVS, but never with anything else. Stem confirmed this problem in thread here awhile back. It was an informative FW and liked the Application Behavior Blocking feature I think it was called. It only ran on my PC at around 8 to 10 MB of mem usage. Quite low. Anyway, I could just keep using AVG, but it takes the fun out of having a Firewall on account of the way it's set up in the Suite itself.
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    In my case, Kerio 2.1.5 is much more light and stable. But if you haven´t problems, keep v4.23.
    On topic: Comodo has strange behaviours in my systems: missed rules, BSOD, etc. Perhaps it´s just me :(
     
  6. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Duke1959
    You need to be getting all of the Xmas presents ready today. :p
    As for using Comodo over ZA or Kerio, I think all three may provide more info than the AVG firewall. I decided on installing ZA on one of my PCs after considering my experience with it on other PCs. Kerio and Comodo tend to be more on the HIPS side as well as many of the newer firewall programs. ZA has never caused problems on the PC (I used every version except 6.5 which was reported to have many bugs). Comodo has added good protection features to the program which is to be commended.
     
  7. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    I'm not going to get into the pros and cons of each firewall, but if you are looking for firewalls that provide a lot of information, here are some examples of what level of logging is available in other firewalls as a point of comparison. This is from Norton Personal Firewall 2004, the newer versions won't do all this! The statistics and logs can be easily cleared using the menu if desired for privacy reasons, and each log category can be specified to be a custom size (ie. 32K-2048K)

    Statistics: Note the number of matches to your "permitted" and "blocked" firewall rules are recorded. The statistics window can also be printed.
     

    Attached Files:

    Last edited: Dec 25, 2006
  8. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    Firewall log (heavily reduced image quality):

    (The Alerts Log (not shown) records details of firewall alerts responded to on-the-fly, something that many firewalls do not provide.
    Notice the DHCP traffic recorded after a reboot. The request and the response are both logged. Not many firewalls are able to log both directions of DHCP traffic this early.) The logs can also be printed.
     

    Attached Files:

    Last edited: Dec 25, 2006
  9. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    System Log:
     

    Attached Files:

  10. noway

    noway Registered Member

    Joined:
    Apr 24, 2005
    Posts:
    351
    Connections log:
     

    Attached Files:

  11. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I won't use any other firewall.
    But I did like ZA free.It ran well for me.
     
  12. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    Here's my 2 cents worth on the issue:

    Used Comodo for awhile (lastest non-beta version) - was impressed with certain aspects, but not with others. I noticed it would lose rules, would allow certain applications to connect without any rules (even with the trusted apps rules unchecked, so it should have asked for any app trying to access the Internet), and did some other strange things. Also, I know there are some concerns regarding its basic structure and the need to allow inbound connections for applications (some good arguments on this in Comodo forums and here at Wilders - don't have time to try to find the threads). Anyway, in the end, did not feel all that secure with this firewall.

    Also used Kerio paid version for the last year (subscription expired 2 days ago), but got real tired of its resource usage and other bugs. The latest version 4.2.368 ballooned over 100mb in memory usage. Seems this firewall is getting worse instead of better, so decided to ditch it. Tried version 4.2.2 but when trying to add packet filter rules, it seemed to "forget" them, change the order, lose certain rules, etc. Bagged it also. Decided to try 2.1.5. I know it works great for a lot of people, but it was very buggy on my system, losing rules, rules changing, etc. Tired of messing with all the rules, spending time to do configuration only to lose all my due to application bugs. Time to find a new non-Kerio firewall...

    I had started out using Zone Alarm free several years ago (the first one I ever used), but had decided to try something else, for reasons I can't even remember. But after all the problems I had, I decided go back to my original firewall. Downloaded the latest free release, and have to say I really am impressed so far. Seems to be very stable, much lower resource and memory usage than some of the other recent versions, and the log is very informative. Am not too concerned with leaktests, as I think much of the leaktest hysteria is hype and marketing garbage. I will let SSM handle the HIPS/leaktest blocking duties, and just let my firewall be a firewall. I also use SSM to protect ZA from termination, so that function in the firewall itself isn't that much of an issue, IMHO. Surfing is much faster with the latest ZA than the other firewalls I've used.

    Also, if you're really concerned about firewall logging, I would suggest using a couple of products I use, such as SmartSniff from Nirsoft (http://www.nirsoft.net/utils/smsniff.html) or a full-blown program like Wireshark (formerly Ehtereal) http://www.wireshark.org/. ZA itself has a pretty informative log, that lists both the IP address and the resolved address in the log entries. Regardless of what is said about it in the leaktest arena, is still a top-knotch firewall and does its job.
     
  13. waters

    waters Registered Member

    Joined:
    Nov 8, 2004
    Posts:
    934
    Tried it for a couple of weeks,slowed me down too much so back with zone alarm free.
     
  14. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Thank you KDNeese, that was well written and informative. One question though. I believe SSM may be a little more for me to handle than maybe some other HIPS. I could try the free version I suppose. If so, do you know if it protects other software like the paid version does, and is it easy to use? I have AVG Internet Security Suite now without the Firewall installed, and Comodo Firewall which I really like. I wouldn't be afraid to try ZA Free again though instead. Maybe keeping AVG with the Virus and Spyware protection like I have now along with ZA Free and SSM Free would work for me. Any thoughts?
     
  15. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Here are some reasons for chosing a firewall:

    You prefer how the firewall looks and operates

    How the GUI is made (clearness, ease of use, etc.)

    Want a firewall that has minimal impact on system resources AND on latency

    Whether or not you want application filtering or not

    SPI

    Logging

    etc.

    These are how I make a choice based on what firewall I use, so for example I wouldn't use Comodo because I don't believe I need application filtering, it isn't as light as the solutions I use, it doesn't have as good or any SPI, and it doesn't have some extra features I like(such as tarpits in 8 signs).

    Cheers,

    Alphalutra1
     
  16. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    It has a very good helpfile/user guide. I use the free version and have very little problem understanding the prompts. It isn't a product you can just install and use without doing a little study. However, it doesn't take a computer science degree to operate, either. If you leave it in "Learning Mode" for several days and run all your apps as normal, you will receive very few prompts running it in regular mode. I am not a very technical person, yet don't find it hard to use at all. A technical person can use it to configure very complex rules, while the less-technical person can also use it. Like I said, takes a little reading to learn the functions, but well worth it.

    As I said above, I use SSM free and it protects itself from termination as well as any other application you choose. You can protect any program with just one click in the rules section. Can't get much easier than that. I have it protecting ZA free. NOD32 has its own self-protection so don't use SSM for it. You can protect any file on your computer from termination, whether .exe program, DLL, or whatever. As for AVG, it should work fine with it, although I really don't see the need for resident AS protection. However, if it doesn't take too many resources, no harm in it. AVG, SSM & ZA free would make a decent combo, I think. I use NOD32 because of its advanced heuristic capability as well as anti-stealth, anti-rootkit technology. I've never used AVG's AV so don't know much about it. I do use AVG AS as an on-demand scanner, but the AS used too many resources for my taste. Hope that provides you with some decent feedback and helps you in your decision.
     
  17. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    I agree EXCEPT change Sygate for Comodo. I've tried them all & still 'tis Sygate for thee.
     
  18. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Thank you very much KDNeese, I think I will give SSM Free a try. I heard good things about ProSecurity too, but the people who said they locked themselves out of their PC's put me back a bit. I can't do this with SSM Free can I? I read where there is a restore function in case I would make a mistake. Not that I'm going to change anything mind you, just want to be a little cautious about some of these HIPS programs.
     
  19. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    You can lock yourself out with both, thats why its wise to run it in learning mode for a while to avoid this.
     
  20. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Thank you too farmerlee, I think I am having second thoughts about any HIPS though. Even when Comodo comes out with version 3 as tempting as it would be I will probably stay with what I have now. I use Firefox and NoSript, plus I watch where I surf with McAfee SiteAdvisor. I enjoy the simplicity of ZA Free Firewall and AVG Anti-Malware, and hopefully it should be enough protection.
     
  21. ugly

    ugly Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    276
    Location:
    Romania
    This is Matousec conclusion :

    "The positive on the security of Comodo Firewall is its excellent ability to fight against leak-tests. It probably was a priority of its vendor to pass all leak-tests. Only the Coat test was able to bypass its protection but we have been informed that the next version of Comodo Firewall will handle this one too.

    The implementation of the security design is very superficial. Today's malware creators would not have problems to bypass the protection of Comodo. The development of this firewall probably missed independent betatesting of its security features because the number and the nature of bugs we have found in it is alarming. This is why we can not recommend Comodo Personal Firewall as a personal firewall solution to anyone who require the real protection against today's malware."
     
  22. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Yeah thats plenty. With some basic 'internet smarts' you'll have no worries.
     
  23. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    Agreed. When I installed SSM I ran it in learning mode for around a week or so to make sure it became familiar with my system. It is especially important to first run SSM in learning mode during the booting of your system so it learns what files are needed during the boot process. There is an option to disconnect the user interface, where SSM will block things automatically without prompts - but I have some reservations about that. I haven't done it, and don't plan to. Don't really see the need, as I rarely get prompts from SSM. Very easy app to use if you allow it to learn your system.

    If you're not comfortable with a full HIPS program, another option would be using Winpatrol (www.winpatrol.com). It monitors startups, services, Hosts file changes, etc. Is a very simple app to use. In fact, it was the first security app I ever used, back when I knew nothing about security or how my system even worked. It is considered an IDS rather than a HIPS, but is an excellent program. You can also use it to disable programs you don't want starting at boot time. Like I said, it's not a full-blown HIPS, but provides a wide range of protection while at the same time being simple to use. Definitely worth checking out if you're not already using it.
     
  24. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    This is very well said.
    Excuse my ignorance who/whom/what is Matousec?
     
  25. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
Loading...
Thread Status:
Not open for further replies.