Comodo and Online Armor

Firewall_CIS · December 16, 2008, 2:32am

Hi comodo,

Was trying Online armor before I decided to reinstall comodo again. They had a firewall rules which were automatically created after allowing internet access for programs. It made inbound rules as well as outbound. Does allowing inbound traffic to occur affect security and is comodo enough to protect my computer now, after Online Armor?

Kyle142 · December 16, 2008, 2:48am

If your reffering to inbound protection then most firewalls (even the windows firewall) can protect you.
Personally I havn’t used OA before. I’m confused as to why OA would allow inbound connections? Only really usefull to automaticaly do this if you use P2P alot or acting as a server. As far as I can see… Yes this does look like security vulnerabbility… Maybe someone else can comment.

You run tests on firewalls such as comodo’s CLT (Comodos leak tests) or tests from matousec.com
If you look at matousec.com firewal ratings you will see that comodo scored 90% and OA PRO scored 93%. But that test was conducted on an older build of comodo .432 and not .439, So infact comodo would score even higher again.
Learn Bitcoin, buy Bitcoin

AFAIK, by looking at feature comparrisions and people posting tests, Comodo looks the way to go. (Y)

Also, These guides I made might be of use to you;
https://forums.comodo.com/empty-t30535.0.html
https://forums.comodo.com/empty-t30473.0.html

CIS might seem a bit full on at first, give it a trial for a few days and you will notice that the alerts quite down ALOT, to the point of no alerts.

If you have any questions just ask away no matter how small.

ailef · December 16, 2008, 3:13am

programs known as safe by the firewall are auto-allowed but u can disable this setting in the shareware version,
don’t know about the freeware one.

Firewall_CIS · December 16, 2008, 3:35am

so, would inbound connections to programs like svchost and lsass and maybe system be a threat? and does it matter how many many ports are created for access for a web browser?

Would Comodo’s scan be enough to detect any threats, is a complete format necessary?

panic · December 16, 2008, 8:59pm

Inbound ports should only be opened when they are needed. I think you will find that while OA creates a rules that can allow inbound access to an app, the ports are only opened as and when that particular app is running. Still, it’s better to have a tight ruleset.

and does it matter how many many ports are created for access for a web browser?

Yes - your browser should only have access to the ports that it needs - 80 and 443 for HTTP traffic, 808 is the most commonly used proxy port and 21 for FTP (although this is not mandatory).

Would Comodo's scan be enough to detect any threats, is a complete format necessary?

I haven’t had any issues at all, but my web habits may be, and probably are, vastly different to yours. The AV in CIS is rapidly developing but if you have any doubts, you can run a second AV, just don’t have both set to do real time scanning.

Cheers,
Ewen

jeremysbost · December 17, 2008, 12:31am

CIS is basically the same for both freeware and shareware, the shareware just has extra programs like TrustConnect and online tools like Remote installation.