Online Armor 2 Vs Comodo Firewall Pro 3

[Guest]

[Melih]

ok u want me to test the last OA with your test?
np
i tried all tests i found on the web, that's why my conclusion is that OA is the best FW for xp.
don't install comodo 3.0 on xp, if u dont want to stay out of your system.
ok u're the best on vista np.
but if u're not able to fix lot of troubles we have with comodo and AV on xp, there's a big problem.

just try ssdt hooks, your firewall allow the programm to get the ssdt list as OA block it.
try test.exe on xp with all comodo options at max.
and about icmp, u'd better try OA trial before...

Yes pls go ahead and try it and let us know if it fails or not.

Here is the link to the test btw:
http://forums.comodo.com/leak_testingattacksvulnerability_research/a_newsimple_outbound_protection_test-t18780.0.html


thanks
Melih

[Blas]

Almost everything stops icmp leaking tests, including my grand'ma kerio (i mean version 2.1.5).

Why should you be, Melih, so definitive with CPF in the same time windows 2000 users, as myself, are to stay with CPF 2.4, which i understand no to be upgraded, and how would you compare the latter with OA, kerio, jetico or whatever you want?

In the same time, you cannot be fair in comparing CPF 3 (a firewall, but also a hips) with other security systems in which the user has a simple firewall, and separately a third-party hips software.

If a security program can defend itself, monitor program modifications, keyboard captures, window messages ect it has already got HIPS features. A simple firewall in my definition only filters network traffic. Windows built in firewall or cfp3 basic mode is a simple firewall in my view with an additional program control. If it can prevent malware tampering and leaks which are using methods other than ICMP or similar network protocoll tricking can NOT be considered simple firewalls. CPF 2.4, OA free also have hips features. The difference between them and cfp 3 is that the later is a full-featured HIPS (depending on configuration).
Btw I heard somewhere that OA was formerly a hips product...

So how come they got 100 % on Matousec tests ... Well I don't really care, Comodo is better for me. Way better. Thumbs up Comodo !

Altough their tests are extensive, matousec is not the Bible either. 100% means that the given products passed their tests on default settings. All of them. To achieve the same with cfp 2.4 you only need to tick 2 or 3 boxes. The reason those functions are turned off is compatibility. So on max settings v2.4 would score 100% too.
Note that this 100% result doesn't mean that you are 100% protected. That would be imposible. Maybe in dreams...not in real world. Anyway those are just a bunch of leaktests, not real life malware with the latest tricks. You cant rely fully on these tests when judging a product!! It is the same with vehicle crash tests. Although my car has a 5 star rating (the forces on the dummy were below a certain level at a certain speed at a certain scenario) it doesn't mean that I am safe. It means that I have better chances than the one sitting in a 3-star-rated.

You should stop pointing at eachother and flaming each others product. It really depends on the point of view and personal tastes which is the best. I have tried OA free, and despite being lite on resources, quiet, and I also liked the network statistics feature, overal I did not fall in love with it. I didn't feel that I was in control especially comparing to cfp v3. For me cfp is better. But its my personal opinion, and doesn't mean at all that OA is a piece of sh*it.

ps: about pending files...for those who know why is it for, what is it showing and how to use it properly it is more usefull than an annoyance.

[Commodus]

If a security program can defend itself, monitor program modifications, keyboard captures, window messages ect it has already got HIPS features. A simple firewall in my definition only filters network traffic in my definition. Windows built in firewall or cfp3 basic mode is a simple firewall in my view with an additional program control. If it can prevent malware tempering and leaks which are using methods other than ICMP or similar network protocoll tricking can NOT be considered simple firewalls. CPF 2.4, OA free also have hips features. The difference between them and cfp 3 is that the later is a full-featured HIPS (depending on configuration).
Btw I heard somewhere that OA was formerly a hips product...

Altough their tests are extensive, matousec is not the Bible either. 100% means that the given products passed their tests on default settings. All of them. To achieve the same with cfp 2.4 you only need to tick 2 or 3 boxes. The reason those functions are turned off is compatibility. So on max settings v2.4 would score 100% too.
Note that this 100% result doesn't mean that you are 100% protected. That would be imposible. Maybe in dreams...not in real world. Anyway those are just a bunch of leaktests, not real life malware with the latest tricks. You cant rely fully on these tests when judging a product!! It is the same with vehicle crash tests. Although my car has a 5 star rating (the forces on the dummy were below a certain level at a certain speed at a certain scenario) it doesn't mean that I am safe. It means that I have better chances than the one sitting in a 3-star-rated.

You should stop pointing at eachother and flaming each others product. It really depends on the point of view and personal tastes which is the best. I have tried OA free, and despite being lite on resources, quiet, and I also liked the network statistics feature, overal I did not fall in love with it. I didn't feel that I was in control especially comparing to cfp v3. For me cfp is better. But its my personal opinion, and doesn't mean at all that OA is a piece of sh*it.

ps: about pending files...for those who know why is it for, what is it showing and how to use it properly it is more usefull than an annoyance.

Nice.  But I knew that, I just can't express myself in English that good 

[ailef]

tested both icmp failed, i told u ,  if u dont know how to config OA , dont use it.
or maybe i didnt read well the test?

[Blas]

Nice.  But I knew that, I just can't express myself in English that good 

NP Commodus. My English isn't that good either
The post wasn't strictly written to you, just your question inspired it

tested both icmp failed, i told u ,  if u dont know how to config OA , dont use it.
or maybe i didnt read well the test?

Good to hear OA passes this basic test. Would you be so kind and post what settings have you modified in OA in order to make it pass the icmp test? It would be usefull for those who use OA and started to worry about their firewall not defending them from this kind of attack.
Thanks

[Melih]

tested both icmp failed, i told u ,  if u dont know how to config OA , dont use it.
or maybe i didnt read well the test?

It will also fail the test, if you disconnect your cable from the network! The point is default option as this is what people refer to as their reference point. But I am glad you can configure it and hence it would be good to share what configuration is required to pass this test in order to help others.

PS: Also, I would be eager to understand what exactly was your issue with v3 (which version) so that we can try to resolve it. Can you pls elaborate.

thanks
Melih

[salmonela]

tested both icmp failed, i told u ,  if u dont know how to config OA , dont use it.
or maybe i didnt read well the test?

I assume goal here is to test per application ICMP filtering which Comodo provides, I also assume that OA have only global ICMP filtering (I never test it), so if you passed this test with OA and stay on this configuration you will lose some of your network capabilities, which do not affect Comodo per app. ICMP filtering...

[Blas]

Actually this is the reason we are asking him what settings exatly he have modified.
If I disable my network adapter I probably would pass all the leaktests even without a firewall...lol

[Melih]

Actually this is the reason we are asking him what settings exatly he have modified.
If I disable my network adapter I probably would pass all the leaktests even without a firewall...lol

oh no, look what you have done Blas.....

You have now given a really good idea to a some new firewall wannabiee company.... they will come out and will claim they are 100% by doing what you just told them

Melih

[ailef]

men we dont want to fight for a firewall, comodo is a good firewall, a very good even + it's free.
so OA is not, it cant gives the same protection for free, it's ok.
now if u turn off your AV and run test.exe that blocks the keyboard and the mouse on xp, u'll see that comodo even with defense+ at max, OA too, both cant' block this.
the only way i succeed to block this test.exe was under vista with comodo with defense+ setting .exe to agressive mode. it's the only way to block it.
under xp on .exe agressive mode it says it blocks it but it doesnt and the test.exe crash the mouse and the keyboard.
so i'm not sure it's cause of comodo that in vista the exploit doesnt work, it' cause vista is better than xp or your version of comodo just works bad on xp.
so u see, comodo can block this exploit on vista with some settings to change.
but it cannot with xp.
so what's the reason? the firewall or the OS ?
i will say both so everybody will be happy.
fact is if OA works as good as xp on vista... it will stay the best FW.(ok with comodo if u want ;-) )

[ailef]

Actually this is the reason we are asking him what settings exatly he have modified.
If I disable my network adapter I probably would pass all the leaktests even without a firewall...lol

man what i just set is disable some icmp functions in OA that use your test, that's all.
u got a problem cause there's a FW that will come with a new version compatible with vista with new options and will maybe slap comodo?

after u say that if i disconnect from the internet the test failed....
please if it's to go this way, just stop going on talking , i don't care , your comodo is the best and that's all.

and talking about a FW u dont even know... i tested a lot comodo so i know it a little.
it seems it's not your case with OA.

[Commodus]

oh no, look what you have done Blas.....

You have now given a really good idea to a some new firewall wannabiee company.... they will come out and will claim they are 100% by doing what you just told them

Melih

I'm establishing one right now 

[egemen]

ok u want me to test the last OA with your test?
np
i tried all tests i found on the web, that's why my conclusion is that OA is the best FW for xp.
don't install comodo 3.0 on xp, if u dont want to stay out of your system.
ok u're the best on vista np.
but if u're not able to fix lot of troubles we have with comodo and AV on xp, there's a big problem.

just try ssdt hooks, your firewall allow the programm to get the ssdt list as OA block it.
try test.exe on xp with all comodo options at max.
and about icmp, u'd better try OA trial before...

ok i testes your cpilsuite, so what would happen?
u think i'm going to allow a prog to use an other prog to do things i dont know?
or maybe i'm stupid?
u know there's an option called program guard in OA?
your test failed.
what do u want to prove?
ok OA is shareware and comodo is not
but OA is better that's not my fault.

Hi,

Where is this test which can disable SSDT table bypassing the CFP? Show us the utility please.

Thx,
egemen

[Leolas]

because matousec tests are very old now (meaning no new tests have been introduces for a long time even though hackers don't stop finding new vulnerabilities). the threats have moved on!

Melih

Hi
I've read all your posts about OA and i've got a question:
if thay are old, why comodo isn't able to pass 'em all??


tell me plz

anyway, in tallemu's forum we don't use to say bad things about comodo, because we all know is a very good product...

Bye

ps: i've deleted part of the post...i don't want to say bad things...

[egemen]

man what i just set is disable some icmp functions in OA that use your test, that's all.
u got a problem cause there's a FW that will come with a new version compatible with vista with new options and will maybe slap comodo?

after u say that if i disconnect from the internet the test failed....
please if it's to go this way, just stop going on talking , i don't care , your comodo is the best and that's all.

and talking about a FW u dont even know... i tested a lot comodo so i know it a little.
it seems it's not your case with OA.

Hi Alief,

Noone here really cares if it passes or not . It is not something you cant find in an average firewall.  So you better work with your vendor for a fix for this case to help other users of your firewall.

When it comes to configuration, you can make CFP to drive your car for you on a highspeed highway if you know what i mean...

Good luck,
Egemen

[Tags:]