Author Topic: Comodo Firewall or Online Armor (full version)  (Read 41211 times)

Offline cimmind

  • Comodo Member
  • **
  • Posts: 33
Comodo Firewall or Online Armor (full version)
« on: May 29, 2009, 09:42:03 AM »
I have been using Comodo 3.5 Firewall + Defense+ for the past few months, without any glitches so far.
I have two basic questions:
a) how essential is it to update to version 3.9? 

b) I realize that the best option for me would be to do a clean install after uninstalling v3.5. However the installer exceeds a mammoth 70MB.. of which the only useful component for me is the Firewall. I am not shifting from Avast as of now for AV.
    I have recently got a one-year license key for Online Armor (full version), whose installer weighs in at hardly 10MB or so.

Which would be the better option to go for? Can someone who has used both, present a pros-cons comparison of the two.       
 

Offline Saul Luizaga

  • Computer Security Testing Group
  • Comodo Loves me
  • *****
  • Posts: 141
Re: Comodo Firewall or Online Armor (full version)
« Reply #1 on: May 29, 2009, 01:33:53 PM »
I'm not an expert buy I'll make my contribution:

a) Lots of fixes and security improvements, e.g. (BOClean is included in v3.9), thread sense is a nice feature (online check on COMODO website for security), better self-/System-wide protection. Only gets better and better, so i strongly suggest it. BTW, if you want to check the change log you can see them when you go 'Miscellaneous' --> 'Check for Updates', appears a small window saying updates are available, at the bottom there is a underlined message: 'Detail...' or something similar. You wont be able to make a self-update from v3.5, the updater will give a link to the full download, so yeah, is better you uninstall and make a new install.

:comodo110:

b) Man, the price of 70 MBis little compared with the world class service of CIS v3.9, even if you don't install the AV the large database still is used for malware search when you install the product and can recognize malware when encountered I think (without AV I think still does this, not sure). I use Avast! for Antivirus since a couple of years ago I got a bad experience with the AV (Windows would restart in a loop without getting even to the desktop I had to reinstall all over again WinXP and apps), also I tested a few months ago and avast caught more viruses that COMODO AV, that's why I suggested that Avast! work together with COMODO, so I'm not ready to go full use of CIS at least on the near future.

Don't know what makes you BUY another Firewall having CIS, but anyway:
http://www.testmypcsecurity.com/view_results_xp.html
http://www.testmypcsecurity.com/view_results_vista.html

Here are all the test they perform so you can test both Firewalls: http://download.comodo.com/securitytests/All_tests.zip

Regards.

Offline cimmind

  • Comodo Member
  • **
  • Posts: 33
Re: Comodo Firewall or Online Armor (full version)
« Reply #2 on: May 29, 2009, 10:43:33 PM »
Thanks buddy for the reply.

Yes, i guessed if the new added features make it essential to update the version. However i am not so sure about the malware database being shared by the Firewall component. The last available standalone version of the Firewall (available at majorgeeks.com) is about 18 MB. So i am guessing the Firewall component of the 70mb suite would be amounting to about 25mb or so.
You are bang on about using Avast. It has not failed me yet, and the ability to turn on/off the modules comprising the Avast security mean that i can configure it to run on my low config set up.

But i still wish to know the pros-cons vis-a-vis Online Armor. It is a proven better detection firewall, but is it worth to change to it.

Incidentally, i got the one-year license key for free, did not pay for it. Check the thread in this section itself: https://forums.comodo.com/computer_firewalls/online_armor_35_1_year_license_at_giveawayoftheday-t40165.0.html

Offline Eric Cryptid

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2902
  • Security Saskquatch
Re: Comodo Firewall or Online Armor (full version)
« Reply #3 on: June 01, 2009, 07:19:04 AM »
Thanks buddy for the reply.

Yes, i guessed if the new added features make it essential to update the version. However i am not so sure about the malware database being shared by the Firewall component. The last available standalone version of the Firewall (available at majorgeeks.com) is about 18 MB. So i am guessing the Firewall component of the 70mb suite would be amounting to about 25mb or so.
You are bang on about using Avast. It has not failed me yet, and the ability to turn on/off the modules comprising the Avast security mean that i can configure it to run on my low config set up.

But i still wish to know the pros-cons vis-a-vis Online Armor. It is a proven better detection firewall, but is it worth to change to it.

Incidentally, i got the one-year license key for free, did not pay for it. Check the thread in this section itself: https://forums.comodo.com/computer_firewalls/online_armor_35_1_year_license_at_giveawayoftheday-t40165.0.html


Why not have a look at the Matousec Test results. It's advanced testing of both CIS and OA along with many other products. The main page is: www.matousec.com  The results page is: http://www.matousec.com/projects/proactive-security-challenge/results.php

CIS / CPF has always been in the top 3. The current tested version is 3.8. A number of fixes included improved security with 3.9 means CIS will be back on top again when it's tested.

CIS / OA and the new version of Outpost Free are good choices. CIS remains free and constantly improving with great support in this forum.

The Choice is yours really...
E

Moderator: Any concerns? PM me and/or review the Forum Policy
System: 64 bit Win 10
Realtime Protection:CIS 12

Offline ailef

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 947
Re: Comodo Firewall or Online Armor (full version)
« Reply #4 on: June 01, 2009, 10:47:45 AM »
there's a 64 bit version of online armor now ?

update : i went to the tallemu site and there's no 64 bit version.
« Last Edit: June 01, 2009, 10:52:44 AM by ailef »
Windows 8.1 Enterprise 64bit

Security programs installed : Comodo FW v12.2.2.8012

Offline jay2007tech

  • Malware Research Group
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2325
Re: Comodo Firewall or Online Armor (full version)
« Reply #5 on: June 02, 2009, 06:52:09 PM »
I remember a while back that someone said online Armour  couldn't handle DOS attack.  flooding and stuff.  maybe they fix this

It's hard to compare onlineamour and comodo

It's hard being a crooked Admin when the files won't pass an md5checksum test.  But like any other good crooked Admin it can be done, it just takes time(and lots of it) and a few aspirins

alex_s

  • Guest
OT 3
« Reply #6 on: June 06, 2009, 06:23:14 PM »
This topic is open for discussion again. please do not poison this one again.

Xan

OK. Let us start from the beginning.

===
OA does NOT have a layered approach ,
===

This is just a nonsence without any valid proof. OA AV+ (or ++ shortly) is a multi layered security solution. As for me I think HIPS and firewall is enough to be safe, still I have AV just to save my time, for it can detect the known threats at the very early stage. But most people are just not ready to use HIPS, unfortunately. So the way to go seem to be virtualization (sand-box like approach). And as far as I know OA moves there already.

alex_s

  • Guest
OT 3
« Reply #7 on: June 06, 2009, 06:38:21 PM »

===
crash7.exe: This test tries to allocate all the memory of the computer to crash applications including the security software
--------------

It might be possible for an application to crash if there is no more computer memory available. This is usually a random case. We do not plan to make any changes to pass this test because
===

Egemen
Melih


Actually, this is not a problem to handle this situation gracefuly. All you need to do is to control memory allocations. And this is not "just a test", this is qute real situation where a program with memory leak can bring your system to the nonfunctional state. Controlling memory allocations you can save a system from such programs. OA already do it since some recent beta :)

alex_s

  • Guest
OT 3
« Reply #8 on: June 06, 2009, 06:48:17 PM »

--------------
socksnif.exe: This test is designed to test if a malware can snif your network connection or not.
--------------

If "\Device\Afd\EndPoint" is added to the Defense+ My Protected Files list, this can be easily intercepted. Adding this entry to the protected files means, making Defense+ to alert you for each and every application which tries to access Windows Sockets.

However, we do not plan to add this to our default protected files.
===
Egemen
Melih


This approach is wrong. If you control "\Device\Afd\EndPoint" you have a lot of the false positives and mislead the users with the wrong alerts (or cause their programs to work incorrectly if this device is blocked).

To handle this situation gracefuly you need to control "\Device\RawIp" at TDI level. Unlike "\Device\Afd\EndPoint" this brings a lot less false positives and much more meaningful security alerts. Usually programs do not need to use this device.

Needless to say this is what OA does for a very long time already :)

alex_s

  • Guest
OT 3
« Reply #9 on: June 06, 2009, 07:51:51 PM »
Don't know what makes you BUY another Firewall having CIS, but anyway:

http://www.testmypcsecurity.com/view_results_xp.html
http://www.testmypcsecurity.com/view_results_vista.html



"New Test Results Added - 29th May 2008". This project is dead.

Comodo Firewall Pro      3.0.18.309
^^^^^^^^^^^^^^^^^^^^^

Online Armor Personal Firewall    2.1.0.119    
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The current version is 3.5.0.14 and the curent public beta is 3.5.0.18

Offline Eric Cryptid

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2902
  • Security Saskquatch
OT 3
« Reply #10 on: June 06, 2009, 08:49:29 PM »
See Matousec test results for a more up-to-date comparison:

http://www.matousec.com/projects/proactive-security-challenge/results.php

Moderator: Any concerns? PM me and/or review the Forum Policy
System: 64 bit Win 10
Realtime Protection:CIS 12

3xist

  • Guest
OT 3
« Reply #11 on: June 06, 2009, 11:46:33 PM »
I invite people to read here if interested in how CIS layered security architecture works and how installing one's firewall and another AV causes issues: https://forums.comodo.com/forum_policy_violation_board/comodo_firewall_or_online_armor_full_version-t40863.0.html;msg296391#msg296391

:)

Cheers,
Josh
« Last Edit: June 07, 2009, 12:09:18 AM by Deadly Pawn »

Offline SoccerDad

  • Comodo Member
  • **
  • Posts: 42
OT 3
« Reply #12 on: June 07, 2009, 12:30:21 AM »
I have Avira Free and OA Paid running on 10 machines now. No troubles at all. Also nobody getting locked out of there pc like CIS users. The top av and the top firewall. Avira and OA. A match made in Heaven.

3xist

  • Guest
OT 3
« Reply #13 on: June 07, 2009, 01:21:46 AM »
« Last Edit: June 07, 2009, 01:32:56 AM by Deadly Pawn »

Offline egemen

  • Comodo Staff
  • Comodo's Hero
  • *****
  • Posts: 3380
OT 3
« Reply #14 on: June 07, 2009, 10:34:36 AM »
Actually, this is not a problem to handle this situation gracefuly. All you need to do is to control memory allocations. And this is not "just a test", this is qute real situation where a program with memory leak can bring your system to the nonfunctional state. Controlling memory allocations you can save a system from such programs. OA already do it since some recent beta :)

So? What security risk does this pose? Can you show me a termination test which can disable CIS protection including this one? This is not a memory leak test at all.


 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek