WARNING: This firewall does NOT protect anyone - it is EASY to bypass[closed]

[Guest]

[DJ6217]

  I just registered here today and all of this is fairly new to me,so please forgive me if I ask dumb questions.     

What does that post mean about a warning? Is that other person someone mentioned a hacker???
Also,am having technical problems.
Thanks for your help~ 

[gibran]

I just registered here today and all of this is fairly new to me,so please forgive me if I ask dumb questions.     

What does that post mean about a warning? Is that other person someone mentioned a hacker???
Also,am having technical problems.
Thanks for your help~ 

That title show only the Original Poster attitude and disposition toward a fair and honest discussion. Anyway it is quite an eye catcher like every kind of alarming or sensational statement.
 
No hacker took part in this topic if we exclude Egemen (Comodo Firewall Pro Lead Developer ) and maybe Stem (Firewall Expert at Wilders Forum)

I you want any clarification on this topic would please create a new thread in Learn about Computer Security and Interact with Security Experts section and post a link to this topic as well as specific questions you would like to ask.

[xiuhcoatl]

Sorry to say it, Debunker,I have read and re-read this thread, and you have never been cordial or anything but sour in the way you introduce your posts.

There are many people who don’t like one thing or another about COMODO or CFP

There are many products out there, you are free to test or not test CFP 3 this is your choice

You said in one of your post you were trying to help create a better product (not a quote) and I am sure Melih and Egemen and the CFP Dev team appreciate any constructive help you can give

The Decision to make Code Open source is the decision of the Coders and the Parent Company
While I  have followed your points and even tried a few of your possible exploits, time allowing, I believe CFP is offering a good product and they are trying to address the most pressing problems.  What other firewall are completely open source barring some of the Linux distro´s.  You have shown you complete lack of educate in the way you have approached the subject and handled the comments of others.

You can please some of the people some of the time.
You need to remember if you try to please all of the people all of the time, probably 60% of them are probably idiots

No offence meant to anyone I’m sure you all are in the 40%
With the possible exception of Debunker.  I am sure you are a very intelligent individual, as is exhibited in the technical level of your discussion, however you have something to learn about how to approach a topic with tact.  I am sure when you approach Customer service of a large corporation you start out with you guys are f**kin idiots and this generally gets them working very well with you

As an analyst for a large communications company, I used to love to tell people when they said that to me,
"It’s been very nice talking to you. If you would like I can have my boss give you a call.", in short Kiss my A**.

This post is in no way meant to reflect the Opinion nor Policy of COMODO.
I’m merely a forum member who felt the need to express an opinion.


Hope you have nice day, Debunker , and I have enjoyed reading this thread .   

OD

[xiuhcoatl]

1. Is CFP (including latest beta release) doing what it is supposed to on your primary computer? And with primary I mean the computer actually containing all the hardware. Yes

2. Do you have any kind of firewall running on your Virtualized computer? Depends On which one you are refering to? Some yes ands some no; Some retain the changes when I shut down, and some revert back to their original state; Some have AV Installed and some don,t; I even have one that shares a directory with the host OS   

And as such you need a firewall on all virtualized instances too. yes but is is dificult if not almost impossible for a trojen or hacker to cross from the guest os to the host OS in a VPC wih out a shared directory

If I am wrong I would like to know in detail how to achive this so I may try to prove or disprove the to my own satisfaction the method of crossing between the OS


Thanks
OD

Let us try to get this thread back on topic shall we

These questions is intended for the skeptics, and I want you to read them and answer them in a short , polite manner please
 
1. Is CFP (including latest beta release) doing what it is supposed to on your primary computer? And with primary I mean the computer actually containing all the hardware. Yes

2. Do you have any kind of firewall running on your Virtualized computer?

I haven't exactly gone over the inner workings of VPC2007 or VMware, but I think I have some general knowledge of the virtualization concept (or sandboxing as some call it). And unless I'm too mistaken, VPC2007 and VMware have both "bridged" the local network adapter in the same way. Which is basically a tunneling protocol. And herein lies the problem. The Virtualized NIC is linked directly to the Physical level and should be treated as a separate hardware adapter, not a software adapter with an IP address at the Network layer. The Virtualized NIC holds it's own MAC address aswell as its own IP address (and can even be connected to a trunking port on the switch and read VTP tags). This makes it ideal for the virtualization concept, but expects and demands knowledge and awareness from the user. And as such you need a firewall on all virtualized instances too.

Comments anyone? 

[LuckyS]

[...]

And as such you need a firewall on all virtualized instances too. yes but is is dificult if not almost impossible for a trojen or hacker to cross from the guest os to the host OS in a VPC wih out a shared directory

[...]

Common fault in reading the OP, this is not about an installed VM getting hijacked but a Virus/Trojan/Malware installing its own VM to call out.

[Info-Sec]

I highly doubt a trojan / malware could install its own VM.  That would be way too obvious.  A VM would need internet access and a bunch of other stuff.  Yes malware can conceal itself by using virtualization, but it cant install its own VM.  Not only would the user notice it, but any half decent firewall would query for it.

[LuckyS]

I highly doubt a trojan / malware could install its own VM.  That would be way too obvious.  A VM would need internet access and a bunch of other stuff.  [...]

Well, that's the point isn't it? The OP stated that a VM with the "proper" setup doesn't result in comodo  asking for permission to grant it access.

Or did I get you wrong?

[Ehgreg]

Common fault in reading the OP, this is not about an installed VM getting hijacked but a Virus/Trojan/Malware installing its own VM to call out.

OK, what is the lesson to be learned for the average user (which most are) here ?  LOL, Can we say "Dear Debunker, you have been pwned. Please try harder next time." ? Or what ?  Seriously tho, test, test if ya have the setup.

 Guy acts as if he knows about some malware that has the ability to install this vm. 

Guess I'll have to reread some things again.


Edit: Without spending too much time, I have gathered that One needs some form of H.I.P.S. and that some firewalls have this h.i.p.s implemented already... and that they are not in the beta stage ? Ok thx for pointing that out. 

[Melih]

I think we should setup another discussion called Firewalls and VM and discuss this there. Otherwise other people won't be able to find these valuable discussions in this topic.

then we can close this topic.
thanks
Melih

[gibran]

This topic has exausted its purpose and shifted the focus on VM and Firewall interaction.
In order to address these latest developments I splitted latest posts and created a new topic

Firewall Protection and Virtual Machines

Topic Closed

[Tags:]