Bad review by [CLOSED]

Here’s the review:,2817,2333811,00.asp

Not only does the firewall get rated below zonealarm, but apparently defense+ is happy to let malicious websites infect our computers without giving any warnings.

According to that review, Comodo CIS utterly fails the Core Impact test suite…

All in all, bad news for Comodo and bad publicity.

I’d love some replies, especially concerning the fail against the Core Impact penetration tools…
Oh and I know the review is for 3.5, but that is irrelevant, if the issues at hand have not been fixed.

It’s old news znix.

PCMag’s reviews are biased. The only winner there is Norton. :-TD (2009 version a actually good, but you can’t say that about 05,06,07,08 editions which where selected as the best by PCMag)

CIS beats ZoneAlarm hands down it both protection and performance.

It may be biased, but that still doesn’t answer my question concerning the:

Core Impact penetration tools test. That Comodo failed.

I don’t care whether Norton passes it or not. I’m using Comodo, so let’s focus on that.

Check for yourself

Matousec does not use Core Impact. They use their own tools, SSTS, freely available at their site.

Comodo passes most of those tests, but that does not mean they pass Core Impact.

So, back to square one of having failed - until proven otherwise.

This is not something an average user can do (Unless they pay money) Melih will have to look into this…

I think the comments of CIS 3.5 from pcmag are fair enough as they mainly reviewed from a casual user’s point of view.

I use CFP myself since version 3.0 but I only install CFP in my family members’ PC until the release of CIS 3.8.

A casual user is not able to answer those pop-ups from D+ and CFP.

Core Impact penetration is widely considered to be the most powerful exploitation tool available. It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes.


Core Impact isn’t cheap

Metasploit Framework is FREE (excellent penetration testing)

Did the auther use proactive configuration?
I didn’t read it anywhere. Nontransparent testing methods aren’t trustworthy.
And with D+ you can restrict the rights of critical applications such as web browser.
I don’t have any noticeable impacts. I can’t really confirm anything of what he said,
He either didn’t test version 3.8, did he?.
Also the tester seems to be a bit cynical and being cynical easily leads to being unobjective.

IMO u can kick this test to the garbage… (:CLP)

Most of those penetration tests uses a flawed application or service and lunch a buffer overflow attack. 3.8 handle that kinds of attacks well, much better than norton or similar thanks to BO protection inbuilt that Norton totally lacks. Other testing can include user interaction, were a user visit a infected site or similar, D+ is much more suited to protect against these stuff than norton ever has been.

PC mag is garbage, as Commodus said, their conclusion is always “norton is the best”.
It been so every year, reality is CIS beats norton in every aspect. If the tester is unobjective he could always find a reason to say that A is better than B. Eg, its too hard to use, the antivirus has less detection ratio and focus on that and so on while overlooking other important aspects such as prevention or the firewall.

2 Quote from pcmag:

"The firewall isn’t quite as powerful as top-of-the-line firewalls like Norton’s and ZoneAlarm’s. Perhaps that’s to be expected in a free product

Real-Time Malware Protection Misses Much"
Omfg is this guy a retard. D+ misses no Maleware at ALL.

And if he did some kind of pen testing he should state how he did it and what settings he used.

Don’t forget that parental controls are most important !!! :wink: ;D


First the REVIEW DATE is 11.03.08, that’s a bit old. They have checked Version 3.5
And magazines like PC Mag are buyable how many others. Give them enough money
and you get a good result in the test.
I only trust independent organizations like AV-Comparatives but the personal
opinion is the most important.

In large the review is expressed in opinion and very little with numbers, percentages, and proof. However with that said, just because I found the review to be biased doesn’t mean that we shouldn’t take some of it seriously. I agree with the date that he did the tests he would have had to be using 3.5 and so with that said alot of his issues with pop-ups has been solved, but it still isn’t perfect. With that is mind we (the Comodo community) should always strive to make the absolute best product available and we are comming closer, but there is still a long way to go for this product to be able to be used by a large portion of the general public.

I don’t think we should toss this “review” in the trash as was said, but we should put it in the pile of “try to decipher something coherent out of this and see if there is something in there that actually needs to be fixed pile” (:TNG)

Edit: The part in the review about going to web pages and surfing sounds alot like BO attacks, and should then be caught by CIS 3.8 cause of the memory firewall. Either way, Melih should have a looky into it. But if some sites are using these tactics then i’m sure someone around here knows about them and I’m sure that someone around here has a test PC to give it a try with 3.8 installed and fully operational.

But yeah, either this guy doesn’t seem to know what he is doing to allow malicious software past D +, or he was going out of his way to try to form a bad opinion for Comodo.

Do you think AVcomparatives is independant ?


yeah i dont trust reviews any more after seeing all the 10’s grand theft auto IV got from review sites like gamespot. gotta be some money changing hands behind the scenes no doubt about it.

If you read the contents of the review, you’ll know why CIS 3.5 got bad result. The reviewer did not terminate a program’s actions that warned by D+ or FW’s pop-ups unless CIS explicitly said it was a malware. The reviewer just similate responses of casual PC users when they are flooded with pop-ups.

Well that’s bullshit and proves that this guy was in for giving it a bad review. HIPS is something else and won’t be there to label stuff as a virus in the first place he knew that, yet he expect that, D+ is really good at doing what its meant to do being a Host Intrusion Prevention System and preventing everything. A more normal conclusion would be that it blocks all bad stuff but require user interaction/knowledge.

Whats next, a test of photoshop were you claim it to fail at removing red eyes since its somewhat hard and a “normal” user would not find the remove red eyes function or use it.

CIS 3.5 had the malware prevention and should have gotten GREAT score on that, A PERFECT score in my opinion.

And the conclusion that the firewall is not in pair with norton or zonealarm…

i’m sorry, dont want to be rough but i hardly can believe someone telling that zone alarm is a better firewall than comodo, it’s the joke of the year for me.
and actually i think comodo proved that it rules the FW world, i dont know a better FW for xp or vista,
i’m not talking about the antivirus part as i never used it.
D+ is finding for KAV malwares that it is not able to detect, when i send malwares i find, they reply thanks, etc, but don’t thank me, thank Defense+ instead. :wink:
what they want on pcmag is something able to protect the surf from malwares but i dont use comodo to control what is downloading when i surf the web, i use KAV and SuperAntiSpyware, but if your pc get infected, the malware will try to change things on your system and i think this time D+ will alert the user about that no ?

i sometimes wonder if people know how comodo works ?
when u write something on a product, u’d better take the time to be sure u understand how it works.
comodo is not perfect 100% but we know that no one is, even if it’s not perfect, it’s better than exemples given into pcmag that are jokes. sorry if i hurt someone but it’s better to get how something works instead of testing thing in 5 min and give bad advices to users that imagine they’ll get a great protection cause someone said so.
test by yourself then u can judge it.
dont trust those type of articles written cause u never know what’s hidden behind. ($$$$$$)
comodo FW as freeware got nothing to prove unlike other competitors. and despite of that, comodo is leading :-p (my opinion :slight_smile: )

comodo’s firewall isin’t up too the one from norton = LoL
don’t lisen to them…