Author Topic: Updated! CPF 2.3.1.20 BETA is available!(Removed CPF 2.3.0.19 BETA)  (Read 16979 times)

Offline duke1959

  • Comodo Loves me
  • ****
  • Posts: 124
Re: CPF 2.3.0.19 BETA is available!
« Reply #15 on: July 13, 2006, 04:07:17 AM »
hello. I was just wondering how safe and stable this version is for a novice like myself to use? I previously used version 2.2 and found it great, but had to uninstall it due to memory usage slowing down my 480MB RAM CPU. I feel this Firewall is far and above Kerio PF which I have also tried out, although it didn't seem to slow me down at all. And liked Comodo much better than Look N Stop Firewall which although ran very low on memory, didn't appeal to me in features and design like Comodo. I am on wireless Desktop CPU with Linksys router, and my dear son alternately turns off it's firewall to play some game that he can't configure to work otherwise. Anyway, I simply feel Comodo is safest bet for me to protect my computer along with Avast, and WinPatrol. I just need fast user switching for two user account, and lower memory usage that beta gives me. I had no trouble using 2.2 with it's "Out Of Box" set up as advertised. (No problems with uninstall either by the way).  I can deal with allow and deny, just not some major unknown beta problems. Any suggestions are welcomed, and thanks in advanced to Melih who I know is very much involved in this project. Sorry for long post, and I hope it's in correct area.

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: CPF 2.3.0.19 BETA is available!
« Reply #16 on: July 13, 2006, 04:43:56 AM »
The Basic popup logic (less number of popups) option under Adavnced Security Configuration does not seem to remain set between re-starts.

And the Max Log Size always resets to 5MB. Am I misunderstanding what this option is for?
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline mike6688

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2112
Re: CPF 2.3.0.19 BETA is available!
« Reply #17 on: July 13, 2006, 05:14:52 AM »
Hi,

When sending 'safe' applications through the submit feature what information do you want us to supply to you about it?

Mike
Volunteer Moderator: Opinions are my own and may not reflect those of Comodo.  Please read and abide by the forum policy!

Offline pandlouk

  • I love Comodo
  • Comodo's Hero
  • *****
  • Posts: 2240
  • Retired Mod
Re: CPF 2.3.0.19 BETA is available!
« Reply #18 on: July 13, 2006, 07:47:20 AM »
I have installed the beta and after one day I don't have any problems.

The only question is:
What are the two new rules for? ( I mean why you added them; since icmp incoming fragmented packets can be used for some type of attacks)

Offline Melih

  • CEO - Comodo
  • Administrator
  • Comodo's Hero
  • *****
  • Posts: 14690
    • Video Blog
Re: CPF 2.3.0.19 BETA is available!
« Reply #19 on: July 13, 2006, 08:16:13 AM »
Hi,

When sending 'safe' applications through the submit feature what information do you want us to supply to you about it?

Mike

if you think there is some information we shoudl know about this then would be useful.. or a website where u got it from etc.. The whole idea is for the SafeList Research team to go download analyse this. So whatever u think will make it easy for them pls

Melih

Offline mike6688

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2112
Re: CPF 2.3.0.19 BETA is available!
« Reply #20 on: July 13, 2006, 08:23:16 AM »
if you think there is some information we shoudl know about this then would be useful.. or a website where u got it from etc.. The whole idea is for the SafeList Research team to go download analyse this. So whatever u think will make it easy for them pls

Melih

Ok, thanks Melih I will do.

Mike
Volunteer Moderator: Opinions are my own and may not reflect those of Comodo.  Please read and abide by the forum policy!

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: CPF 2.3.0.19 BETA is available!
« Reply #21 on: July 13, 2006, 08:46:29 AM »
The Basic popup logic (less number of popups) option under Adavnced Security Configuration does not seem to remain set between re-starts.

And the Max Log Size always resets to 5MB. Am I misunderstanding what this option is for?

Is this just me with the above problems?

Also the default set-up of 2.3.0.19 BETA created an network rule blocking all outbound ICMP PORT UNREACHABLE's. Please excuse my ignorance. But why should these be blocked? Even from your DNS?

Thanks in advance..
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: CPF 2.3.0.19 BETA is available!
« Reply #22 on: July 13, 2006, 09:45:01 AM »
Is this just me with the above problems?

Also the default set-up of 2.3.0.19 BETA created an network rule blocking all outbound ICMP PORT UNREACHABLE's. Please excuse my ignorance. But why should these be blocked? Even from your DNS?

Thanks in advance..

ICMP PORT UNREACHABLE messages are sent when someone tries to connect to your PC with UDP protocol. Since you may have configured CPF to allow for some incoming UDP ports, when an application is not listening on that port, this rule will prevent your PC from being visible.

In short, sending port closed messages are not necessary while you choose to remain stealth.

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: CPF 2.3.0.19 BETA is available!
« Reply #23 on: July 13, 2006, 09:46:59 AM »
The Basic popup logic (less number of popups) option under Adavnced Security Configuration does not seem to remain set between re-starts.

And the Max Log Size always resets to 5MB. Am I misunderstanding what this option is for?

No basic popup logic stuff anymore. It will be removed in the stable release. Popup frequency will be introduced instead of that option. So it is not functional right now.

We will check for Log size issue. it should not behave like that.

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: CPF 2.3.0.19 BETA is available!
« Reply #24 on: July 13, 2006, 09:52:19 AM »
I have installed the beta and after one day I don't have any problems.

The only question is:
What are the two new rules for? ( I mean why you added them; since icmp incoming fragmented packets can be used for some type of attacks)

ICMP Fragmentation Needed messages are needed because when CPF blocks them, many users experience limited connectivity problems. Stateful inspection ensures fake packets are blocked. So for a personal computer, there is no significant threat.

The other rule is for providing UDP stealthing. When a rule exists for UDP IN and no application listens on the requested port, that rule will block port closed messages to provide better stealth.


VaMPiRiC_CRoW

  • Guest
Re: CPF 2.3.0.19 BETA is available!
« Reply #25 on: July 13, 2006, 09:58:49 AM »
egemen,

did you read the Edit of this post: http://forums.comodo.com/index.php/topic,1047.msg6549.html#msg6549 ?

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
Re: CPF 2.3.0.19 BETA is available!
« Reply #26 on: July 13, 2006, 10:47:34 AM »
egemen,

did you read the Edit of this post: http://forums.comodo.com/index.php/topic,1047.msg6549.html#msg6549 ?

Ah yes. What you write is correct. But this is not a problem. It is related to network behavior analysis/profile CPF builds internally. Since you have previously established a sort of ICMP relationship with shieldsup site by allowing echo requests, you need to wait for 30 seconds to 3 minutes before CPF applies the new ICMP rule for shieldsup site only. But during this time, in your case only the shiledup site can ping your host. Other hosts, if not established some relationship with your host because of allow ICMP echo rule beefore, will be blocked immediately.

Egemen

VaMPiRiC_CRoW

  • Guest
Re: CPF 2.3.0.19 BETA is available!
« Reply #27 on: July 13, 2006, 10:49:18 AM »
Ah yes. What you write is correct. But this is not a problem. It is related to network behavior analysis/profile CPF builds internally. Since you have previously established a sort of ICMP relationship with shieldsup site by allowing echo requests, you need to wait for 30 seconds to 3 minutes before CPF applies the new ICMP rule for shieldsup site only. But during this time, in your case only the shiledup site can ping your host. Other hosts, if not established some relationship with your host because of allow ICMP echo rule beefore, will be blocked immediately.
OK :)

Offline duke1959

  • Comodo Loves me
  • ****
  • Posts: 124
Re: CPF 2.3.0.19 BETA is available!
« Reply #28 on: July 13, 2006, 10:56:09 AM »
Okay, I think I get the hint that this particular forum is for testers only. I think I will also wait until the actual release comes out to try Comodo again. I have a sense of humor so please don't take this post the wrong way. I'm secure enough not to get my feelings hurt because no one responded to me so far. I will just try to post in other areas of this forum which are more my speed. LOLOLO. Take care everyone.

Offline kail

  • Randomly Appearing
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11361
  • The future is much like the present, only longer.
    • COMODO's free software!
Re: CPF 2.3.0.19 BETA is available!
« Reply #29 on: July 13, 2006, 10:57:21 AM »
ICMP PORT UNREACHABLE messages are sent when someone tries to connect to your PC with UDP protocol. Since you may have configured CPF to allow for some incoming UDP ports, when an application is not listening on that port, this rule will prevent your PC from being visible.

In short, sending port closed messages are not necessary while you choose to remain stealth.

Thanks for your response egemen. One more question please. What if it was your own DNS that wanted the response. Would that also lead to.. erm.. visability (ie. not sealthy)?

No basic popup logic stuff anymore. It will be removed in the stable release. Popup frequency will be introduced instead of that option. So it is not functional right now.

Ah.. OK. Silly me.

We will check for Log size issue. it should not behave like that.

Thank you.
My System Details: W10Px64 with CIS 10 Beta, Firefox & Becky!
Forum Policy.
____
The problem is not the problems, the problem is people's attitude towards those problems.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek