Great Work Comodo!

[Guest]

[DonZ]

I have finally got Comodo CIS 4 configured properly and must say I feel fairly secure on the Internet. I run CIS with firewall in custom policy mode and Defense+ in Safe mode.

Ran TestMyPC malware tests and scored 340/340.

Found some additionally keylogging, screen and clipboard capture tests at www.zemana.com and Comodo caught all those.

A few comments.

CIS 4 in default configuration; i.e default firewall rules, is not very secure.

CIS 4 still needs work on Java exploits. Got nailed by one of those masquading as a Java Update.

Overall considering this is a free product, I think it is one of the best on the market.

[SiberLynx]

Hi DonZ,

I will put just a short comment re: Zemana's tests
Those are improper - incorrect tests for keyloging/ screan-loggin...

Sure HIPS has to catch "any move", so it doesn't matter,
but any decent Behavioral Bocker will not and should not consider those as a malicious behaviour  

Cheers!

[DarkenCypher]

CIS 4 in default configuration; i.e default firewall rules, is not very secure.

im just curious what do u mean by this???

[SiberLynx]

im just curious what do u mean by this???

Definitely DonZ will answer your question and express his oppinion

My opinion according to my tests - v3 in Proactive Mode ; Defense+  & Firewall  (both in "Safe Mode") is pretty much safe
I am talking mainly about Firewall only (cannot care less about the Comodo's  AV)  even if the Defense+ is disabled - not in my case, but many users  do

.... V4 is unsafe even if so called "sandbox" is disabled

Cheers!

[DonZ]

A pretty good starting point is given in this Comodo forum thread http://forums.comodo.com/guides-cis/how-to-install-and-configure-comodo-firewall-v41-for-maximum-protection-t57944.0.html;msg406533#msg406533

I personally don't use Comodo's sandboxing. I have been waiting for it "mature" for a while. I might give it a try in the near future.

As far as the firewall goes, Comodo firewall ver. 4 in it's initial release pretty much operates like WIN XP's SP2+ firewall; it allowes most outbound traffic. I think that might have been beefed up a bit in the later releases. I have signifigantly "hardened" the system and svchost application rules and likewise did the same for the global default rules. The other tweaks were primarily unique to my application software installation.

I did remove the port 8080 ref. for the default browser ports since I was getting web redirects to places I didn't want to go to with that in place.

Comodo has given me problems with DHCP since ver. 3 so I also added firewall rules to get around those issues.

Yeah, I wondered about those Zemnna tests. I was running Defensewall for a while and that caught everything screen capture wise. Also Prevx's banking mode is pretty good but I don't like running in the "clouds..." Of course, both those are not free software.

[Tags:]