A few questions

I’m considering trying out Comodo and before switching I’ve got a few questions based on my somewhat limited research…

  1. Is localhost always implicitly trusted? I’ve tried a number of firewall products over the years and am endlessly annoyed that so many of them trust local connections automatically. In particular this is highly important anytime a proxy server product such as AdSubtract is in use because it implicitly gives every application unlimited outgoing connections without any user intervention or knowledge.

  2. It looked like Comodo controls all communication from power on until fully logged in. Is this true and is it the full rule set during early boot up? For example how does it compare with Tiny’s, soon to be CA’s HIPS, firewall?

  3. Is it possible to control exactly what actions a particular application is capable of performing?

  4. I see that the product contains a DNS cache feature that can be disabled. By default does it just cache the answer, or does it act like a real caching server and thus respect timeouts?

4a) Is it possible to allow applications to resolve names without allowing them internet access? In particular a number of applications (especially in the cygwin environment) seems to generate name resolve requests to get the fully qualified hostname perhaps, but never actually connect to things.

  1. I’ve seen references to a newer version coming out that will have an updated rule/interface, any time frame on that? In particular I’m confused as to why network rules should be necessary for allowing access to application opened ports. Just allow the user to specify some applications as SERVER applications and by default open up any ports they use. Heck, if you want to make friends and be super popular why not even enable automatic router configuration for those opened ports via UPnP? This would immediately reduce the number of people looking for help here by a factor of 10 I bet because games, irc, torrent, etc all would just start magically working even behind a local router. Of course you should still be able to manually configure everything if you uncheck the appropriate automatic configuration options for a particular application (it should not be a global only option).

5a) How does Comodo deal with a game that doesn’t play nice and wants to use random ports that expect incoming connections? In these annoying cases I use the DMZ feature of the router and rely on the software firewall. Comodo would appear to be significantly less safe that most firewalls because I’d have to open up all non-privileged ports to get the game to run.

  1. How does comodo deal with stupid applications that try to load pages via IE by routing the requests through explorer? It appears that in normal use most users will have allowed explorer to be a parent of IE and thus this would be acceptable when clearly it’s something I’d like to catch…

Wow, that turned out longer than I thought when I started. Hope it’s not too much :slight_smile: