Author Topic: Comodo Firewall and Avast 7  (Read 101315 times)

Offline Ronny

  • Product Translator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 13381
  • Volunteer Moderator
Re: Comodo Firewall and Avast 7
« Reply #180 on: March 22, 2012, 10:12:15 AM »
This is my idea.

Leave the web shield active, leave CFW active if you don't mind that legit apps can surf the web without CFW being able to block that traffic.
That should not be a big issue in protecting against malware as Avast should stop the malware before it would be able to connect back to the internet.

The only thing you can't prevent in this case is 'Phone Home' features of legit software that routes trough the web shield.

Malware should be caught by Avast not by a Firewall alert in this case.
Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy -  update Jan 3rd 2013!

Offline clockwork

  • Comodo's Hero
  • *****
  • Posts: 2051
  • Oxygen requires Chuck Norris to live
Re: Comodo Firewall and Avast 7
« Reply #181 on: March 22, 2012, 11:43:41 AM »

Disabling Avast features is not a work around I'm looking for.


I told you what you need to change (only having that block rule at bottom) so that the other workaround works.

Lets hope you don't stumble across some malicious scripts while surfing the web.

Use no-script firefox addon.
Use a sandbox.
If your antivirus can not detect malicious code, how should the web shield do this?


That should not be a big issue in protecting against malware as Avast should stop the malware before it would be able to connect back to the internet.

Malware should be caught by Avast not by a Firewall alert in this case.
I would not trust a definition based antivirus to manage network traffic that way :o
"If there is a problem, it`s something interesting. Try to circumvent or fix it.
In the old ages there was no support. That`s why we got the brain we have today.
Otherwise we would only be able to call a number and listen."

Offline Ronny

  • Product Translator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 13381
  • Volunteer Moderator
Re: Comodo Firewall and Avast 7
« Reply #182 on: March 22, 2012, 11:50:32 AM »
I would not trust a definition based antivirus to manage network traffic that way :o
I wasn't writing what I would do, I would ditch Avast without doubt, I dare to run CIS without the AV and still feel safe.
Never tandem multiple security products as that's in general lessening the overall security of your system, chose the one you like most and take the maximum of it.

Use tools like HitmanPro/Mbam/SuperAntispyware/Emsisoft emergency kit for a second-opinion cause they are all 'on demand' and don't hook live in you system.
Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy -  update Jan 3rd 2013!

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 18736
Re: Comodo Firewall and Avast 7
« Reply #183 on: March 22, 2012, 02:46:59 PM »
I am not an Avast user but would switching back to Avast 6 be an option?

With regard to malicious scripts. If they try to trigger a buffer overflow CIS will get it with its BO protection.

Offline clockwork

  • Comodo's Hero
  • *****
  • Posts: 2051
  • Oxygen requires Chuck Norris to live
Re: Comodo Firewall and Avast 7
« Reply #184 on: March 22, 2012, 04:26:33 PM »
Avast is the best antivirus i ever used. And i say that even allready while having everything not installed apart from data system protection!
The people who get scared when they need to make a decision to disable an avast feature, they forget that all the features are in that product, because it isnt primary for those people with a host intrusion protection like comodo defense+, but for those who have just an antivirus.

You are not in akut danger if you disable the web shield, or the email shield, or the IM shield, as long as your antivirus catches malware AND your host intrusion protection would give you the choice of things running.

As for the worry about scripts, avast has a script shield additionally! :D
And i am one of these poor souls who would have been totally unprotected if we would need a web shield. No infections. It is possible ;)
"If there is a problem, it`s something interesting. Try to circumvent or fix it.
In the old ages there was no support. That`s why we got the brain we have today.
Otherwise we would only be able to call a number and listen."

Offline Wiired

  • Newbie
  • *
  • Posts: 8
Re: Comodo Firewall and Avast 7
« Reply #185 on: March 22, 2012, 07:01:24 PM »
Clockwork if you have a work around that works with please post a screen shot of the rules I need what order they need to be in.  Including the web browser.

Offline clockwork

  • Comodo's Hero
  • *****
  • Posts: 2051
  • Oxygen requires Chuck Norris to live
Re: Comodo Firewall and Avast 7
« Reply #186 on: March 22, 2012, 09:44:06 PM »
This:
Here's a 'kludge' that should prevent unauthorised applications from being able to use the Avast proxy. Add an rule below your existing Application rules that blocks everything else:

Application Name - All Applications (found under Select File Groups when creating a rule)
Action - Block and Log
Protocol - IP
Direction - Out
Source Address - Any
Destination Address - Any
IP Details - Any

You just have to ensure any process that needs network access, has a rule above this. Not ideal, but it does work.


mod edit: I provided a quote instead of the link. It helps to keep the flow of reading. Eric
« Last Edit: March 23, 2012, 09:05:57 AM by EricJH »
"If there is a problem, it`s something interesting. Try to circumvent or fix it.
In the old ages there was no support. That`s why we got the brain we have today.
Otherwise we would only be able to call a number and listen."

Offline Wiired

  • Newbie
  • *
  • Posts: 8
Re: Comodo Firewall and Avast 7
« Reply #187 on: March 22, 2012, 11:31:54 PM »
Clockwork,  I tried that already.  So can you confirm this works for you as you have actually tested it?

If so please post your screen shot of it.  I don't mind if you remove the rules that aren't applicable.
I need to see the entry for the browser,  the deny all applications rule and avastsvc.exe and what order they are in.  Then I can setup the same my end and confirm if I'm doing something wrong.

I'll assume you have not tested it if you reply without providing the details I've requested.

Offline Radaghast

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 4068
Re: Comodo Firewall and Avast 7
« Reply #188 on: March 22, 2012, 11:38:56 PM »
There's probably a more reliable way than the last 'kludge' I came up with but it's a little more involved. basically, you'll have to:

1. Disable the DNS client service.
2. Add a block rule to AvastSvc.exe that blocks DNS
3. For the applications you wish to allow, create individual DNS rules
4. Crete a rule for 'All Applications' that blocks DNS queries
5. Place the 'All Applications' at the end of the Application rules list

This should only allow connections that can do DNS resolution themselves, then use the avast proxy for the connection. You could probably do this in a couple of different ways, but this is probably the easiest.

Just don't forget, whatever we do with these makeshift rules, they're only bandages, they're not designed to completely fix anything. Also, they might not even work as you might think. You're probably better off, either allowing browser traffic only through the proxy or disabling it altogether. There's still plenty of protection, or should be.

 
 
 
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.”

Offline Wiired

  • Newbie
  • *
  • Posts: 8
Re: Comodo Firewall and Avast 7
« Reply #189 on: March 23, 2012, 02:49:21 AM »
I liked the first work around did it work or did you later discover it was no good?  Can you post a screen shot of that one?  I couldn't get it going.

I understand its a bandage but I don't mind as I can change the rules on the machines affected and then wait until Comodo decides it needs a functionality change.

Offline Radaghast

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 4068
Re: Comodo Firewall and Avast 7
« Reply #190 on: March 23, 2012, 03:17:34 AM »
I liked the first work around did it work or did you later discover it was no good?  Can you post a screen shot of that one?  I couldn't get it going.

I understand its a bandage but I don't mind as I can change the rules on the machines affected and then wait until Comodo decides it needs a functionality change.

It worked, most of the time, but in all honesty, it was less than reliable. If you don't want to limit the Web-shield to browser traffic only, then I'd suggest going with the DNS option above. It's a little more work to set-up but seems to work better.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.”

Offline Beefed

  • Newbie
  • *
  • Posts: 7
Re: Comodo Firewall and Avast 7
« Reply #191 on: March 23, 2012, 11:25:06 AM »
Went back to Avast 6, and all works as it should. Much easier.

Offline paroh

  • Newbie
  • *
  • Posts: 16
Re: Comodo Firewall and Avast 7
« Reply #192 on: March 24, 2012, 02:04:17 AM »
Went back to Avast 6, and all works as it should. Much easier.

i am also thinking to went back to 6 version till the problem get resolved

Offline hellion

  • Comodo Member
  • **
  • Posts: 41
  • Free the Web!
Re: Comodo Firewall and Avast 7
« Reply #193 on: March 28, 2012, 02:03:31 AM »
Hi All,

I simply cannot understand why it's taking Comodo this long to resolve a CRITICAL issue.

Shocking.
Regards,
Hellion

Offline John Buchanan

  • The greatest victory comes from the battle within.
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5608
  • Personal Dragons can be defeated. Improve yourself
Re: Comodo Firewall and Avast 7
« Reply #194 on: March 28, 2012, 07:03:20 AM »
The simple solution is to use whichever AV you wish but not use Avast 7 Web Shield as it was designed for Win8
Please follow Comodo Forum Policy

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek