hmmm…
Melih
Please ad an option like the one nod32 has to automatically upload suspicious files. It should be added in both CPF and CAV.
It would be good if they did.
Mike
(J)
I was wondering if you can add an option to change the default blue color of the CPF and the other programs. something like the “nero startsmart” or the “windows media player” ability. Blue is my favorite color but I like to change every now and then.
I’d like to know if it is possible to unlock automatically blocked IPs (during the time of blocking) after a suspicious activity. This because the IP could be a good one, making authorized “suspicious activity”. Sygate was able to unlock blocked IPs … I’m just comparying what I knew with the new one.
The fact that I can contact it after blocked may not be sufficient since I might need him to contact me or answer to some requests coming from me.
Here are a couple of more comments:
-
When an application tries to connect to the internet, it would be useful to know the destination ip in some cases.
-
I also like mike6688’s idea of the community network for application asessment.
-
It would be nice to block the referrer for internet browsing. Or is there a feature that does so already?
I’m a laptop user and a longtime user of Tiny PF(r.i.p.). One of the nicest features of Tiny is the ability to move a network adapter into different zones. So, e.g., if I’m home connected to my home LAN via ethernet, I can put the Ethernet adapter into the trusted zone. On the road or using hot spots, I could put the WiFi adapter into the untrusted (Internet) Zone.
This is particularly effective when using a VPN. One can put the physical adapter in the untrusted zone, but the VPN virtual adapter into the trusted zone.
Before start to take a look at CPF, I read all the previous suggestions, and I agree with almost of them
The developers of CPF have a lot of work to implement them all! 
It’s always great to see the developers opened to listen the users suggestions and implement their requests, if they are good of course… 
I will add some suggestions to improve this very promising firewall:
Network Monitor
- Give a name for a rule, to easy identify it.
- An option to enable/disable a rule from the list
- Instead of the Criteria column, add the source/destination port columns.
Rules
- Add support for more protocols (IGMP, ARP, RARP) (more info)
- Add the feature to indicate the source/destination MAC Address, if wanted.
- Add the feature to choose the TCP flags…
- An option to associate the rule with all the network adapters, or only one!
- For easy understand and rule create, put all the definitions in one window, instead of have tab for source/remote ip and source/remote port. Something like this will be excellent ():
http://img92.imageshack.us/img92/6268/ruleinterfacesuggestion1dv.png
This image is from CHX.
Logs
- Selecting one log entry, add an option to the context menu, to open the dialog to create a rule with log details.
Really hope that they can be implemented… ;D
Continue the great work
I agree with the above requests by VaMPiRiC_CRoW. They would be very nice.
I have a couple more wishes…
the ability to select , block , allow , → ASK ← in the component monitor.
along with destination ip’s, a tcp log would be great to.
Greetings all. Hope I’m posting this in the correct spot.
Suggestions for improvements etc on a wish list are
all well and good but please let’s not turn CPF into
bloated, cumbersome, overly-technical protection.
Let’s follow the KISS principal! It is already one of the
best firewalls around.
I only suggest things that belongs to a firewall
I also don’t want a bloated firewall with useless functions from other type of applications…
Here is outpost firewall’s implementation of one of the suggestions:
I wish to have a very basic HIPS like function in Comodo fireawall like OS firewall in ZoneZlarm Pro or at least like Application Execution Control in Kerio.
I know it will be an extra add-on and basically is not a function of firewall but it will give an extra edge to this nice firewall( like ZoneAlarm Pro, Kerio and Outpost are having).
As it might need a lot extra work, it can be planned for furure versions if mot now.
Some more suggestions,
1-Pop ups for incoming attack blocked from right lower corner of screen( with the option to disable them) like in Zone Alatm Pro.
2-Option to refresh the application list, so that the uninstalled applocations will be removed from the list automatically.
3-Comodo firewall should be resistant to be disabled by any malware(option of protecting self 3-termination). BTW, I don,t know how resistant it is at the moment in this regard( ZoneAlarm is said to be resistant while Kerio is not as I know)
It is already resistant against such attacks.
I want Comodo to be resistant against such termination.
“The only attack that successfully shut Comodo down involved an elaborate series of simulated mouse clicks, an unlikely and highly visible attack. Among the earlier group of free firewalls, only ZoneAlarm resisted all four types of attack.”
I am sure a future version of Comodo will not shut down to these types of attacks, new ways to attack users are coming out, so Comodo will need to block all of the new attack types if they want to be the best, and I am sure they will so it is only a matter of time until Comodo can protect against these types of attacks.
Hi guys,
We are aware of this issue.
This is a difficult attack type. An application must try to simulate what you do by hand with mouse to close CPF. But ofcourse, this is an attack and will be taken care of in the next releases.
Egemen
I think that the Comodo developers should serious start to think to make something similar to what Mike suggested, to avoid all the annoying security alerts that all the added leak protection require…
example:
[b]Outpost - ImproveNet:[/b]Creating the rules for applications in Outpost is now significantly easier. ImproveNet relieves users of the need to set all their firewall security rules themselves by giving them the option to network with other Outpost users and Agnitum engineers to share configurations and gain access to universally-applicable Internet access security rules. Users simply check a box in the Outpost interface to give their permission for rules they create to be automatically reported to Agnitum engineers. The engineers check the rules for validity and then automatically distribute them to all other users through the Agnitum Update tool.
Users benefit by seeing far fewer action prompt windows, ensuring a less-interrupt-driven computing experience, because Outpost will apply automatic presets based on the rules, adjusted by other users. And because they do not need to manually create their own rules, the primary cause of firewall failure – configuration errors – is removed, increasing security while reducing user input. Updates are delivered daily, so the need to manually configure rules is minimized.
In Outpost 4.0, ImproveNet gathers information at the local PC level about how programs interact. These new local rules are automatically updated for ImproveNet subscribers and used to differentiate between safe and unsafe activities. This approach provides a new level of security over local processes.
More info: AgnitumImproveNet.pdf