Comodo Firewall wishlist v4

Thanks to Elfstone for providing a concise list:

This is what I managed to compile from the 22 pages of wishes. I tried to collapse similar features into one request. I am sorry if I skipped any important feature request. I encourage mods to edit this post rather than replying to it. I may have misunderstood some of the wishes. I hope there aren’t many obsolete ones in here.

Core features

  1. Ability to bind application rules to network rules. Subsequently, ability to log the causal application for every instance of a violation.

  2. Do something with application hijack false alarms. This is the worst security hole in CPF because it trains users to click Allow automatically.

  3. Other related wishes:
    Application rules should also apply when the application tries to connect indirectly (COM/OLE) through another app. When an “OLE Automation” attempt is denied from a pop-up alert and the “remember” option is not checked, the firewall’s response should be to deny only the current connection attempt. Conversely, when the “remember” option is checked, the firewall’s response should be to create a rule for the controlling application, not the connecting application.

  4. Packet logging! (user-definable in rules, and enabled/disabled globally)

  5. User response to alerts, queries, pop-up notifications should be logged.

  6. Support for more protocols, TCP flags and MAC addresses

  7. Option to skip crypto identification for an application.

  8. Allow/deny for current session only OR for a limited time (temporary rules).

  9. Block all / allow all for current session only OR for a limited time.

  10. Intelligent learning: user-controlled period of time in which applications that are permitted should be added with ‘allow hidden’, and skip advanced checks etc. Apparently useful for online gaming.

Configuration:

  1. Named rules!

  2. Ability to save configuration! Ability to save the entire configuration AND ability to individually save/load sets of rules, trusted components etc. Ability to import rules from other firewalls. User-defined rules should stick between uninstall/re-install/upgrade, etc.

  3. Ability to define a URN for auto-loading config / rules.

  4. Combined rules:

  • sets of rules for each application instead of numerous rules for the same application
  • freestyle combination of ports, protocols, directions for IP / range based rules
  • rulesets based on packet features
  1. Per user/group access rights to configuration (based on logged on user) AND/OR password protection.

  2. User-definable locations (home, work, hotspot) with their own sets of rules AND/OR ability to associate each rule to any number of locations.

  3. Ability to associate rules to any given adapter(s). Adapters are now named zones?!

  4. Ability to switch between firewall modes based on location or adapter.

  5. User-definable zones / groups (lists of hosts, as opposed to ranges).

  6. Ability to define trusted zones AND adapters per application (outbound and inbound).

  7. Black list of IPs (including ranges) to be banned on a certain port or range of ports.

  8. Option to refresh the application list and component list to eliminate uninstalled applications.

  9. Per user/group network policies (based on logged on user)

  10. Ability to manually unblock an IP that had been automatically blocked.

  11. Possibility to set a location for all log/temporary Comodo files

  12. Possibility to scan specific drives/paths for certified applications

  13. User-defined rules should ALWAYS take precedence. (They don’t?!)

  14. Updater: remember what it has already downloaded so as to resume where it left off.

  15. Installer:
    Offline activation
    Unattended install, including activation.

GUI improvements

  1. Skinnable interface. Ability to change font (and use a serif font as default).

  2. A more ‘native’ interface using regular Windows elements.

  3. Keyboard shortcuts!

  4. Ability to create advanced rules straight from: pop-up notifications, activity lists, maybe even logs.

  5. Shell integration: ability to block/trust an application from Explorer context menu.

  6. Multi-monitor support (define which monitor should display pop-ups). Multi-desktop support.

  7. Panic (block all) button on the task bar.

Pop-up notifications:

  1. Attack blocking / selected alerts should generate pop-ups.

  2. First-time access by certified apps should generate informational pop-up.

  3. CPF’s popup notifications to be able to draw in front of fullscreen applications.

  4. Bigger, more visible pop-ups:

  • more visible difference between Allow and Deny
  • clearer difference between ‘Connect to internet’ and ‘Act as a server’
  1. Option to launch CAV and scan the file from CPF’s pop-up notification (and maybe from other main window areas).

  2. DNS resolution in pop-up notifications.

  3. Alerts should remain on screen even if the relevant application exits.

Main window:

  1. All lists (log, monitors) should be sortable by each column. All elements should be selectable for copy/paste

  2. More filters (like the Today, Last 7 days drop-down) in log viewer and maybe in the monitors as well: show only connection type, rule violation, direction, etc.

Monitors:

  1. Enabled/disabled checkbox next to each rule.

  2. Ability to move multiple rules up/down.

  3. “Google this…” button in Component monitor.

  4. Add search in Component Monitor

  5. Add Path in Component Monitor.

  6. Replace the final Block&log rule with a “Block&log everything else” checkbox.

Activity:

  1. Transfer RATE per each connection/application in activity window.

  2. Keep closed connections for a while, grayed out.

  3. Name resolution. Ability to trace and whois straight from activity list (and logs).

Other:

  1. Range definition: the End-IP default should not be 255.255.255.255 (confusing).

  2. Access logs from the systray icon.

  3. CPF should remember window size/position between reboots.

  4. Links and ‘About’ button should launch the default browser, not IE.

  5. CPU usage monitor in main window.

  6. Rename Remote to Destination

Extra features

  1. Community rating feature for applications that are not in the official database

  2. IP protection for p2p similar to Peer Guardian. Should be integrated with the ability to define zones (above) and should include ability to synchronize blocked zones with Internet lists of hosts.

  3. Wireless security product (similar to AirDefense Personal) fully integrated with CPF to be user set up of security password(s) and WEP or WPA encryption. It should include scanning of all networks trying to connect / available.

  4. Traffic rate limiter (per application and/or connection definable in rules or instantly in activity monitor)

  5. All sorts of statistics about the current session, and weekly/monthly/yearly traffic, events, etc.

  6. CPF communicating with CAV and using its signatures to look for viruses etc. in internet traffic and alert the user before the malware is downloaded.

  7. Module / plug-in / add-on support.

  8. Browsing security features: adblock, cookie stuff, block referrer, google images re-linker, user agent switcher, anti-phishing, W3C compliance enforcement

  9. CPF should lock the hosts file (I guess the one in system32/drivers/etc/)

Old Wishlist

Comodo Wishlist Rev 2. Document finished on July 23, 2006. Total wishes: 70.

Note: Only the requests from the posts were put in this document, nothing else, also the username of the person who posted it is below each post in bold.

  1. CPF communicating with CAV and using its signatures to look for viruses etc. in internet traffic and alert the user before the malware is downloaded. Kind of like an Intrusion Detection System.
    Posted by: mike6688
    Status : Pending

  2. CPF’s popup notifications to be able to draw in front of fullscreen applications. This would be very useful for gaming. Indications of why the current behaviour is problematic here:
    http://forums.comodo.com/index.php/topic,194.0.html
    Posted by: antiKK
    Status : Pending

  3. It would be nice for there to be a wizard as part of the installation process to set the network settings according to how to connect to the internet. Working from a home wireless network, I’ve had to add the rule to allow traffic from 192.168.1.1 to 192.168.1.255 which I had to do manually. Just a thought…
    Posted by: EricEgan
    Status : Pending

  4. A downloadable installation guide and/or FAQ available on the web site and included in the application download. This should apply to all Comodo applications, not just the CPF.
    Posted by: panic
    Status : In Progress

  5. Could you please implement the “start with Windows” option.

Posted by: mad
Status : Pending

  1. It would be nice, instead of having all the rules show up for an application, to have the application listed once and a plus sign next to it to display all the rules for that application. Also, it would be nice that where it has Permission list, if you clicked on the permission, you could change the permission instead of having to select the rule then select edit.
    Posted by: gwheaton
    Status : In Progress

  2. A standalone un-installer that can be downloaded from the comodo site.
    Posted by: pandlouk
    Status : Implemented since 2.3.0.19 BETA

  3. Firstly, would it be possible in the Description to have the Source IP on the main display instead of the remote IP which is obviously my router Internet IP Address (The 172…) it would be easier to keep track of the source IPs that try to intrude my system. Secondly, under the same bit, it would be cool if you could sort the log (ie) by clicking on the word Description (For example) or Severity. All else is very very cool! So happy I switched to Comodo!
    Posted by: EricEgan
    Status : Pending

  4. I wish that comodo could remember what it has already downloaded when it’s updating its programming so that in the event that the user’s internet connection is severed for any reason the download (update) could resume where it left off… Just like windows update does now…
    Posted by: Jason.b.c
    Status : Pending

  5. I would like to be able to define a zone with a list of IPs, rather than a single range. For example, I would like to treat a list of DNS servers as a zone. I can set them up one at a time, but this would be much more convenient.
    Posted by: sded
    Status : Pending

  6. I would like that the Comodo Personal Firewall have a module to protect us from the wireless threats, like the AirDefense Personal can protect.
    Posted by: VaMPiRiC_CRoW
    Status : Pending

  7. A product to enhance a wireless home network setup. Although setting and changing security settings is ok it still is a real pain to do. A good product that automates a lot of effort would be great. To expand I see this product be able to: Fully integrated with CPF. Be able to be user friendly for the setting up of security password/s and WEP or WPA encryption. To warn you of any attempted access to your wireless network.
    Posted by: davidpr
    Status : Pending

  8. My biggest problem with CPF as it stands now is that anyone who uses the computer can change the settings. That includes my son who runs as a non-administrator level user. That’s clearly a problem as I want to restrict the programs my son might want to run (e.g. IM applications or BitTorrent).

Basically I would like to be able to control who can change the firewall configuration or be allowed to answer a popup such as “allow application X to access port Y.” Initially, that could be controlled by the level of user that is using the computer. Probably a good default would be to allow users who are “Power Users” or “Administrator” users to do this and not allow limited users to do this. You should allow this to be configurable (e.g. so someone could allow a different User Group to configure the firewall).

A more elaborate feature would be to allow for per-user security policies for both network-level stuff and the applications that can be run. For example, I could specify that my user login could run putty, but not my son. Or if I’m logged in, I could access a certain subnet on my network, but my son could not.

In another thread, there was talk of “centrally managing this stuff.” The realm of centralized management clearly puts you in the “pay feature” category. I’m not looking for centralized management, just trying to secure a single computer. All my other computers run other OSes.
Posted by: phoneboy
Status : Pending

  1. There was a very useful feature in Black ICE (the FW I was using before Sygate and before Comodo), it allowed to easily define a black list of IPs (including ranges) to be banned on a certain port or range of ports. I was even able to import lists of IPs and IP ranges from TXT files … (like those created by the Mail Server log, a bit revised).
    In my case this was extremely useful since I used it to ban Spamming IPs from accessing my Port 25 (SMTP server).
    Posted by: lorenzopar
    Status : Pending

  2. The ability to specify more than one parent application for each application rule. I currently have multiple rules for firefox i.e. Parent == Outlook, FeedDemon, Explorer etc… This clutters the application rules up a lot.
    Posted by: antiKK
    Status : In Progress

  3. I have a minor request, it’s the little tick box when you get a pop up. I have to be extremely accurate and click right in the middle. Could the box be made bigger or the clickable area bigger?
    Posted by: JolietJake
    Status : Pending

  4. In the Network Control Rule dialogue box, CPF refers to a Source IP and a Remote IP. Could you consider renaming the “Remote” field to “Destination”? I believe that having a Source / Destination pair makes more sense to the user than having a Source / Remote pair - particularly when dealing with inbound connections.
    Posted by: dooplex
    Status : In Progress

  • sorting by columns. eg application, permission etc in the application monitor view

  • resizing of the description view at the bottom of the app. monitor view, resizing of views in general

  • http links in launchpad and firewall view should launch a default browser, not IE

  • combining of rules that have been set, eg tcp+udp in with tcp+udp out, for the same IP regions, I can see that currently this is done only for tcp/udp combo
    Posted by: drmjx
    Status : Pending

  1. Is it possible to integrate something like peerguardian2 to CPF? IP protection for p2p.
    Posted by: mad
    Status : Pending

  2. I’d strongly like the ability to customize a rule at the rule creation prompt. You should be able to choose a specific port, inbound/outbound, and TCP/UDP at the prompt instead of having to go into the configuration and write a rule.
    Posted by: mvdu
    Status : In Progress

  3. The features that should be improved are so far from what I noticed:

  1. Must protect all users that log in at one pc. (Enable protection for fast switching)
  2. Set Password to keep settings. (already mentioned in previous post)
  3. Have a better log (as already mentioned in previous post)
  4. Feature to submit new application info to comodo as a tool of the launchpanel (eg. product name, company, version, download website) or maybe have a user rating feature for that specific application that has not been rated yet, giving at least some info to decide on before the application name is integrated into official database.
  5. Default browser should be able to switch to Firefox.
  6. Easier setup on trusted/non trusted network. (seems rather raw right now)

By the way, in the Japanese childboard (thanks for moving it!), Hiro_H, who is testing out CPF on a Japanese XP, mentioned that:

  1. Would be nice to have the option to use the keyboard to check or select on the popups.
  2. There is a problem when “Secure the host while booting” is checked. He mentions that an event error occurs when being a member of a domain, and he cannot access certain resources within the domain. Looking into the event viewer, it says “failed to set up the group policy” (content unknown). Also when trying to access mapped folders and their files, using the “net use” command, an error occurs mentioning: “Network name not found. Content unknown”, one cannot access.

Has this problem also occurred with other language XPs?
Whatever the case is, maybe this “secure the host…” option may need a closer look.
I also attached a little file on the network suggestion. (Some have already been mentioned in previous posts…)
Posted by: V4V
Status : Pending

  1. I would like to see a firewall specific tray icon instead of the Launch Pad. Showing bar graph for incoming and outgoing info, That will tell me that CPF is working and protecting computer.
    Posted by: ap22
    Status : In Progress

  2. I think there should be 4 pre-made rules (presets if you want) for Network Monitor:

OFF (Network Monitor disabled)
Stealth (Blocked all inbound ICMP Echo Requests)
Super Stealth (Block all inbound IP requests & allow only outbound IP requests, basically default settings which are enabled out of the box when you install CPF at the moment v2.1.1.1)
Custom (leaves user a full control over rules).

Settings for Custom should be saved separately so that they remain even if you switch to Stealth in between and then back to Custom.

These 4 options should be placed in simple dropdown menu under Network Monitor, so users can change it easily.

I’ve checked the machine and got a green status for stealthing (based on GRC.com).
So I think it’s ok. Plus it appears to work just fine with eMule (which doesn’t get HighID if I leave default Network Monitor settings aka Super Stealth).

Just a hint and I hope you’ll implement this soon. If you need more info on what I meant about something specifically, feel free to ask me via mail or PM.
Posted by: RejZoR
Status : Obsolete

  1. I would like to be able to save the current configuration. This way I could make changes and if I want to go back to what I had I can do so, easily. Jetico has the ability to save and reload any saved configuration.
    Posted by: XpPaul

  2. Would like to see an option to save specific networks with presets: local network, trusted, internet, block, etc. When I installed CPF, a network dialogue popped up, but it was blank. I had to enter the IP address and subnet mask. I connect to many different (mainly wireless) networks in my travels, and being able to detect, configure options and save info for each network would be a time saver. The saved preferences would be applied each time a network was detected. I am not competent to advise of all the possibilities, but file and printer sharing would be one option; and others could be incorporated into local, trusted, and internet categories; with an option to override and configure options within each category.

Add a panic button to stop all traffic on the task bar.

Have CPF accurately show system adapters. The application shows my Marvell adapter as an ethernet adapter. It also shows my Intel wireless 2915 ABG adapter as an ethernet adapter.

Incorporate the network adapter, the network name and type (as suggested above); and the configuration on its own page (e.g. “current network”). This would show the adapter being used, the network name, the IP address and subnet mask; the category (trusted, local, internet, etc), and any custom rules for the network. While global rules are important, those of us who roam (and our numbers are increasing), are primarily concerned with the security and performance of the network we are currently connected to.

Don’t see a stealth option for the network. Possibly I am blind, or it’s on by default.
Posted by: gderreck
Status : Pending

  1. I’d also like to see option to switch between advanced (current program control) and simplified where you have just 1 Allow/Deny dialog for each program (like ZoneAlarm does for example). Usually if program connects outbound it also requires inbound or vice versa. So in simplified mode if I allow some program it’s allowed for all ports inbound and outbound. Some of us don’t need so verbose and thorough program control.
    But simple control whether one program can connect or not connect at all would be enough.
    Posted by: RejZoR
    Status : Implemented since 2.3.0.19 BETA

  2. Please add an explorer “shell integration” for CPF like the one of CAV.

This integration should have at least the features:

“Comodo firewall” → “add to trusted applications”
→ “block this application”

and it should appear when clicking with the right button of the mouse over an application.

It will be an enormous help for reducing pop-ups and will help with full screen applications.

Also it will prevent untrusted-suspicious programs from connecting to the internet before they run for the first time.
Posted by: pandlouk
Status : Pending

  1. What do you think of the idea for when a user ‘allows’ a program to access the internet etc the program is sent to Comodo to automatically be checked by Comodo and added to the ‘safe’ list or ‘block’ list depending on Comodo’s analysis of the program. Similar to how Windows Defender works with the SpyNet community.

This feature can be turned off if users worry about their privacy.
Posted by: mike6688
Status : Implemented since 2.3.0.19 BETA

  1. It is just a cosmetic thing, but could the hardware page in CPF be changed/reworked? Well, I don’t exactly work on a Pentium or Pentium II (it is AMD Athlon 2600+ XP). I know this isn’t an important feature of a firewall, but it annoys me sometimes. Or maybe this hardware page could be removed completely.

Just my thoughts…
And that’s the thing I like about Comodo - the great team listens to their software users (customers).
Posted by: mad
Status : In Progress

  1. Please add an option like the one nod32 has to automatically upload suspicious files. It should be added in both CPF and CAV.
    Posted by: pandlouk
    Status : Implemented since 2.3.0.19 BETA

  2. I was wondering if you can add an option to change the default blue color of the CPF and the other programs. Something like the “nero startsmart” or the “windows media player” ability. Blue is my favorite color but I like to change every now and then.
    Posted by: pandlouk
    Status : Pending

  3. I’d like to know if it is possible to unlock automatically blocked IPs (during the time of blocking) after a suspicious activity. This because the IP could be a good one, making authorized “suspicious activity”. Sygate was able to unlock blocked IPs … I’m just comparing what I knew with the new one.

The fact that I can contact it after blocked may not be sufficient since I might need him to contact me or answer to some requests coming from me.
Posted by: lorenzopar
Status : Pending

  1. When an application tries to connect to the internet, it would be useful to know the destination IP in some cases.
  1. I also like mike6688’s idea of the community network for application assessment.

  2. It would be nice to block the referrer for internet browsing. Or is there a feature that does so already?
    Posted by: V4V
    Status : Pending

  1. I’m a laptop user and a longtime user of Tiny PF (r.i.p.). One of the nicest features of Tiny is the ability to move a network adapter into different zones. So, e.g., if I’m home connected to my home LAN via ethernet, I can put the Ethernet adapter into the trusted zone. On the road or using hot spots, I could put the WiFi adapter into the untrusted (Internet) Zone.

This is particularly effective when using a VPN. One can put the physical adapter in the untrusted zone, but the VPN virtual adapter into the trusted zone.
Posted by: lhb
Status : Pending

  1. Network Monitor

  2. Give a name for a rule, to easily identify it.

  3. An option to enable/disable a rule from the list

  4. Instead of the Criteria column, add the source/destination port columns.

    Rules

  5. Add support for more protocols (IGMP, ARP, RARP)

  6. Add the feature to indicate the source/destination MAC Address, if wanted.

  7. Add the feature to choose the TCP flags…

  8. An option to associate the rule with all the network adapters, or only one!

  9. For easy understanding and rule creation, put all the definitions in one window, instead of having tabs for source/remote IP and source/remote port. Something like this will be excellent:

    Logs

  10. Selecting one log entry, add an option to the context menu, to open the dialog to create a rule with log details.
    Posted by: VaMPiRiC_CRoW
    Status : Pending

  11. I have a couple more wishes…

the ability to select, block, allow, → ASK ← in the component monitor.

along with destination IPs, a tcp log would be great too.
Posted by: Scott B.
Status : Obsolete

  1. I wish to have a very basic HIPS like function in Comodo firewall like OS firewall in ZoneAlarm Pro or at least like Application Execution Control in Kerio.
    I know it will be an extra add-on and basically is not a function of firewall but it will give an extra edge to this nice firewall (like ZoneAlarm Pro, Kerio and Outpost are having).
    As it might need a lot of extra work, it can be planned for future versions if not now.
    Posted by: aigle
    Status : In Progress

  2. Some more suggestions,

1-Pop ups for incoming attack blocked from right lower corner of screen (with the option to disable them) like in ZoneAlarm Pro.

2-Option to refresh the application list, so that the uninstalled applications will be removed from the list automatically.

3-Comodo firewall should be resistant to be disabled by any malware (option of protecting self-termination). BTW, I don’t know how resistant it is at the moment in this regard (ZoneAlarm is said to be resistant while Kerio is not as I know)
Posted by: aigle
Status : Pending (3 is implemented since 2.3.0.20 BETA)

  1. I personally would like a feature that allows me to use block lists…
    Such as those used for example by Peer Guardian ( http://phoenixlabs.org/ )

Another nice feature would be making the firewall modular, although the protection is free, you could also make revenue by selling these modules such as an advanced VNC with authentication and logging

Timed services would also be a useful feature, I sometimes require use of a VNC in the evenings however not during working hours, being able to have features such as this only available between specific hours would reduce security risks and be useful.
Posted by: UnseenMenace
Status : Pending

  1. I would also like the option to scan during bootup as ‘some’ virus, malware and trojans can be tricky to remove once windows has booted.

It would also be nice to have a screensaver that runs the antivirus while the system is idle (This post is off topic so you may wish to disregard this post)

Status : Obsolete

  1. Just one item right now, because I haven’t had a chance to really kick any tires yet.

In the CPF log, please add all actions taken when replying to alerts.
I.e. Alert - Allowed - Denied and if Remember Answer (Y/N)

Right now, if I allow an alert or select remember answer, the log does not clearly show this.

Example : I allowed some alerts and see multiple entries like below.

High Application Monitor Suspicious Behaviour (iexplore.exe)

There is no indication in the entry that the user allowed the alert.
Posted by: adric
Status : Pending

  1. Would it be possible to change the internal font used in CPF from non-serif to serif?

There are several trojans that use the fact that an upper case non-serif “I” and the number ONE (1) look the same as a non-serif lower case “l”, particularly with the Windows system default non-serif font. This can make it much harder to spot the difference between mongrel.dll (MONGREL.DLL - a valid file) and mongrel.dl1 or mongrel.dlI.

A small point I know, but the small points still count.
Posted by: panic
Status : Pending

  1. In Network Monitor, add an option that allows the user to specify a description for the rules. (If they allow IP in packets for an IP for example, they could then know what machine it is for instead of remembering which IP is which) Add checkboxes in Network Monitor that allow the rules to be easily enabled/disabled without having to move rules all the way to the bottom (below the block rule - this is useful since users could then test rules or turn a trusted zone into an internet zone fairly quickly) Possibly add “grouped rules” if a rule matches some packet description. (An example of a firewall that uses this structure is Jetico, which makes the firewall extremely powerful). Allow drag-and-drop of rules in Network Monitor. (it’s a hassle if you have a fairly long ruleset and you have to click a hundred times Move down to get the rule down where you want it if you are testing rules) For application monitor, add an option for “Listening/Binding”, and also give an option so that the user could customize what Zone(s) the application could bind/listen to. (Allow the application to listen/bind regardless but block incoming connections from zones that are not “trusted” for the application). Add a description for outbound DNS? Outbound DNS is so common so a description should be added?
    In my opinion, I think the Comodo Launch Pad is extremely annoying. I found it a big hassle to have to click Show Application Window after clicking the Launch Pad icon. (This is one big reason why I stopped using McAfee after they introduced their McAfee SecurityCenter feature. I found it annoying and “bloaty”) I would recommend Comodo combine these “recommendations” in the firewall interface by adding an extra tab in the firewall’s GUI. (It would save ~20MB of RAM, anyways) Although not important, maybe add a Comodo Lite version which will feature less-intensive GUI and graphics designed for people who are RAM-conscious. (A lot of people want an application that works well & fast, and the looks are not important to them.) (ex. RealPlayer - Real Alternative, QuickTime - QuickTime Alternative, Windows Media Player - Windows Media Lite)
    For the final version of Comodo, would offline activation be possible? (Some computers use Comodo to protect their LANs, yet they don’t have Internet access) In Activity → Logs, add columns to each entry so that the user could locate events more easily and not have to click on each one to look at the details. (For example, add SRCPORT, DESPORT, SRC, DES, PROTOCOL etc).
    Elaborate on the “Flood Detection” feature in Comodo. Could it be disabled? Does it only apply to inbound connections & established connections? What if the firewall is configured as a “stealth” firewall?
    Activity Icon (and lights) as some might have already suggested - I loved how Jetico showed green up and down arrows when there was traffic and red up and down arrows when some/all traffic is blocked. ARP Poison Prevention and Detection (prevent spoofed ARP packets and middleman attacks). Password Protection. And Custom/Internal International Language Support (.LNG file support or built in internal languages).
    (I did make some edits to the information in this post)
    Posted by: memo1337
    Status : Pending

  2. Firstly and Foremost. The one most annoying thing about this otherwise excellent Firewall.

Are the warnings about “Refuses to communicate with Comodo Personal Firewall”.

All my other security apps. As soon as I boot bring this message up in Comodo. And allowing it just ensures it will come back on the next boot. However with KAV v5 Personal. Every time it wants to do a definitions update (which is once every 3 hours for me) it can’t do it as it brings up this warning.

Second suggestion. Is because I just wanted the Firewall running to save on system resources. I disabled the Comodo Launch Pad from my start up registry. So just the firewall loads on boot up.

However the problem with this. Is that there is no icon for the firewall now in the running task bar.

And if i want to view logs or make any changes to CPF i have to load and run up the Launch Pad to make any changes. This then brings the icon in the task bar. But greatly! increases system resources because more processes are running.

So as a suggestion would you consider releasing a Comodo Firewall lite version that does not have the Launch Pad. Or a smaller on resources Launch Pad perhaps
Posted by: Anthony1uk
Status : In Progress, Pending

  1. -add an ok button to close the details page of a popup.

-update the application information so that it correctly identifies an adapter. cpf identifies my intel 2915 abg wireless adapter as ethernet.

-add a link to google that would do a search for an application in a popup. hard to allow or deny an action if the user doesn’t know what the file is (or isn’t).

-add options in create a zone to stealth the connection, disable file and printer sharing, etc. this would save creating additional rules.

-create an option to save the firewall configuration to a folder of the users’ choice. would be handy if the application is uninstalled then reinstalled eg after a reinstall of the operating system.

-add a wireless intrusion module that would scan for all networks or computers attempting to, or available to connect to the users’ machine. this would allow the user to allow or ban locations. perhaps the mac address would be a good criterion to use.

-allow the user to allow or ban applications based on a zone. this would be useful where a user disconnects from their home internet connection and goes to a public wireless hotspot where there is no encryption of transmissions. maybe a user would allow an application to connect through an ethernet connection, but not in a wireless environment where their info could be intercepted. this assumes that cpf saves zone configurations for use whenever a user connects to a particular network.
Posted by: gderreck
Status : Pending

    1. dump the launchpad and make a tray icon for cpf. I feel the launchpad is unnecessary bloat.
  1. The ability to do an unattended install from a slipstreamed install cd. w/ registration code held in .ini file or something.

  2. Activation possible without inet connection.
    Posted by: Scott B.
    Status : Pending, In Progress

  1. How 'bout from the Connections pane, having the ability to Right-click on an entry and select the creation of a new rule or outright deny or allow?
    Posted by: dougxd
    Status : Pending

  2. I wish that I could right-click any entry on either the Connections or Logs screens and be able to copy the remote IP address to the clipboard. And lots of the other right-click wishes mentioned above… whois, temp ban/unban, perm ban/unban, etc… sound great! But, I wish that I could have right-click access to ALL of them on either the Connections or Logs screens.

I’m not keen on using XP’s checkpoints to backup the current settings and rules. I wish CPF would do it. Well… mainly because I use Windows 2000
Posted by: kail
Status : Pending

  1. I wish that when viewing the Application Monitor Page it was easier to distinguish which applications I had blocked and which I had allowed. The little stop light icons all look pretty much alike at a screen resolution of 1920x1200 and of course, even the text isn’t all that large on a high resolution screen. Maybe text for the words Allow / Block could be Green / Red respectively so one could tell at a glance.
    Posted by: kda
    Status : In Progress

  2. I would like to see the new fast user switching compatibility have the capability of being turned off.

The setting would be on by default but could be disabled for users that want to keep one administrator account always logged in while not letting other users change the settings in CPF.
Posted by: TheFireKnight
Status : Pending( Fast user switching is implemented since 2.3.0.19 BETA)

    1. Kill the launchpad
  1. Use your new installer

  2. Reduce the resources (especially the memory footprint should be lower).

  3. I would prefer native windows widgets. Or a more neutral design. Your blueish one doesn’t fit to a lot of xp themes (eg. try some vista themes). Perhaps using just windows widgets would also decrease resource usage.

5.) Make the launchpad (if it is not killed completely) and the firewall GUI be handled by the firewall driver as well. I don’t like the fact that they can access the internet without a firewall warning (eg. when checking the activation code). I think that look n stop would be a good example of a resource-friendly, easy firewall that is windows themed.
Posted by: amino
Status : Pending, In Progress

  1. I would like to see a Program Setting in the Advanced Security Configuration section that allows those of us with multiple monitors to set which monitor the popups/prompts appear on.

This feature would be excellent for full screen games that refuse to minimize (sometimes only because they are “paused” until the firewall prompt is answered).
Posted by: m0ng0d
Status : In Progress

  1. I’ll try to make a suggestion that could solve the problem with online gaming applications.
    Please add an option like “Intelligent learning mode” or “Automatic learning mode”.

How it should work:

  1. In this mode CPF should add all programs and their components that are launched in “Allow” permission. And for these applications should be also activated, by default, the features “Allow invisible connection attempts” and “Skip advanced security checks”

  2. A popup must ask confirmation by the user to let CPF go in “Intelligent learning mode” for security reasons.

  3. The user should choose for how much time CPF should be in this mode (a time from a minimum of 1 minute to maximum of 5 minutes)

  4. In this mode pop-ups must be disabled because of #1

  5. The line of the application and the components that are added as allowed by this feature should be colored (maybe in pink) to let user check them afterwards

  6. Maybe integrate this on the shell of the explorer to make our life easier
    Posted by: pandlouk
    Status : In Progress

    • A setting that lets me allow all applications do whatever they want without interfering but creating a logfile of everything that happens concerning the connection to the net. So that I can manually add all necessary rules.
      OR
  • “Learning” mode for applications that automatically generates an ALLOW rule and notifies me in a logfile what it created and when.

  • Compatibility with full screen games, right now CPF tends to freeze my OS in a lot of these. That makes it so hard to troubleshoot. I’d like to give you a lot more details about what happens exactly, but I have to reboot after these freezes and after the reboot the CPF logfile is completely empty. Since the games don’t “crash”, but only freeze, I don’t have any crash logfiles or coredumps.

  • A setting for no popups, more logging. I’d really prefer to let my PC run for a while in a standard “block” mode, and then have a nice logfile that exactly tells me what was blocked, when it was blocked and why, so I can add my rules manually.

  • Overall more logging. CPF tells me about security risks, fine, I’d also appreciate a logfile that just tells me which program connected itself when, where to, and for how long. Imagine I catch a virus that infects one of my “trusted” programs that is allowed to connect and do as it pleases. With a detailed log of its activity it would be possible to find out if a program is acting suspiciously and react to it.
    Posted by: Chrono
    Status : Pending

  1. I would suggest to make the whole text clickable instead of just the checkbox when popup dialogs appear.

On certain monitors it becomes quite frustrating to have to aim perfectly on the checkbox just to get CPF to remember if I allowed or denied the event in question.

Please make the text clickable along with the checkbox. It’s just basic ergonomics.
Posted by: TheFireKnight
Status : Obsolete(Feature already exists)

  1. Another thing that i think it’s VERY useful: please, add in the traybar an icon for AV and an icon for Firewall, to be sure that both programs are running well. I think it’s useful that the user can right-click on these icons, and have a menu with the choice “Temporary disable Antivirus” or “Temporary disable Firewall”.
    Posted by: lordlance
    Status : Pending

  2. A minor issue: the two links in the CPF “About” window launch Internet Explorer instead of the default browser. That’s not the way it should be.
    Posted by: user4
    Status : In Progress

  3. I wish the main CPF screen would remember its size/position between reboots/restarts.
    Posted by: kail
    Status : Pending

  4. I think it would be good if you made it where you can see what program is moving data how fast. Like in Kerio PF you can see that say FireFox.exe is moving 30 kbs. I know you already show how much data it has moved now you just need to show how fast.
    Posted by: siryak
    Status : Pending

  5. This can help to avoid plenty of work at little companies, schools and at small home networks. I’d also suggest to create the possibilities to share a directory and modify its security settings (or at least some tips).

Examples:
\computerone\comodorules
\safeserver\rulesets\comodo\firewall

Does it sound good? When you ever invent a silent setup - with all the settings we’d like -, please, include the possibility to specify ruleset location(s) as well.

I wonder whether it’s possible later to specify more ruleset locations: in case of vis major.
Posted by: Arkangyal
Status : Pending

  1. I wonder if you could import rulesets from other firewalls (like Kerio, BlackICE, etc.): just before they are uninstalled.

I also wonder whether you could detect the other firewalls automatically by service names or something (I still remember my case with the disabled and forgotten Sygate).
Posted by: Arkangyal
Status : Pending(1 is obsolete)

  1. How about adding a “Scan This” button on the firewall pop up if CPF suspects it’s a trojan and it could then call a CAV scan (providing of course that CAV is installed)? This would allow the user to make a much more informed decision. Further, if the object is not identified, how about an option to submit it to Comodo for analysis?
    Posted by: panic
    Status : Pending

  2. Also, please add an option in the Application Monitor Group to allow logging of individual applications. A checkbox (Create an alert if this rule is fired) similar to that what you already have in the Network Monitor Group would be fine.

Another improvement for the logs section would be to add an additional column called ‘Application’. This would bring more transparency to the logs without having to select the details for each entry. I don’t understand why Network Monitor does not list any applications where applicable. I have to spend more time analyzing the log because of this. All I ever see is IP, ports and protocol type.
Posted by: adric
Status : Pending

  1. It would be very helpful if active entries in the Connections Display could be highlighted in a different color depending on the type (ingoing/outgoing) of network traffic currently taking place. Much easier to spot network activity this way than by watching for byte count changes.
    Posted by: adric
    Status : Pending

    1. make all links use the default browser instead of the IE
  1. turn off logging completely (eg. a logsize value “off” of “0” MB) (NOTE: #2 of 64 was resolved in a future post by egemen)
    Posted by: amino
    Status : In Progress, Obsolete(Feature already exists)
  1. The automatic update of application signatures would be a great addition to CPF. That way less savvy users will be able to have proper security without having to mess around with too many settings.
    AV software already does it… why not even FW software?
    Posted by: TheFireKnight
    Status : In Progress

    • A global in/out bandwidth speed indicator (percentage are fine, but I’d like to see raw numbers… kbps)
  • A change of icon in the tray when the adapter is being used.
  • A tinier footprint on the system… 50MB in memory seems a bit much?
    Posted by: tekisfanatikus
    Status : In Progress
  1. Could it be possible to include bandwidth management in Comodo firewall?

This feature could be added into Comodo firewall’s activity screen between the traffic and action columns: a new column where could be a checkmark to switch the limit on or off for particular application, a slider for controlling bandwidth limit and kb indicator to show what’s the selected limit. (Feel free to make any changes you like…
Posted by: comodouser
Status : Pending

  1. Please give the ability to change the lang on the fly, like nero does. It would really help when giving support at my friends (greek, italians). You could make a dll that controls the lang. The perfect example for this are p2p programs like emule, azureus, etc.
    Posted by: pandlouk
    Status : Pending

  2. I wish that when there is an Outbound Policy Violation in the log, that CPF would indicate the program that was responsible for the request.
    Posted by: kail
    Status : Pending

  3. I also wish that I could enable/disable Network rules. At the moment I have to invert the Action and/or push them to the bottom of the list. And on that front, if it’s not been mentioned before, I also wish that the rule right menu also had Move to Top and Move to Bottom commands.
    Posted by: kail
    Status : Pending

I would like to thank Justin in helping compile all this for us! Thank you Justin! :slight_smile:

Melih

Hi,

just a pair of things:

-Password protection. Once you configured it, no one else can change the rules and allowed programs to connect to Internet.

-Screen while Comodo firewall loads. You see that windows has loaded, but still the PC is working… why??..Because Comodo is still working (but we don’t know, because there isn’t any signal of that).

That’s all.

Very quick suggestions.

Bye

Welcome to the forum!

This has been suggested before:

Per user/group access rights to configuration (based on logged on user) AND/OR password protection.

and:

Set Password to keep settings. (already mentioned in previous post)

(:WAV)

it should have a button to verify if all managed applications really are installed
and if there are rules for applications which are not found anymore on the machine
it should be able to delete these rules in a user-defined mode (select which rule should really be deleted and which not, maybe because of a reinstall of an app)
this to keep the rules overview small :wink: and without rules for applications which were only installed for oneRunTry (let us call this spam rules :))

Great lists!

Personally my top 3 are (repeat partially from above, but with a slightly different slant):

  1. Import / export / merge rules (app, component & network rules)
  2. Lower CPU usage for protocol analysis and other advanced features (this is where LnS still spanks Comodo Firewall Pro silly)
  3. Better rule granularity (fragmentation, headers, protocols, etc. Look at Jetico & LnS)

My two requests, which I didn’t see mentioned above:

(1) A slightly brighter or more contrasting color to show the selected item in the Application Monitor, Network Monitor, Logs, and other lists in the UI. Currently a very pale yellow is used, and it’s so pale (on my LCD monitor) that it’s hard for me to see which item is selected.

(2) Include Mozilla Thunderbird and Norton AV (all of its components) in the known applications, so that they will be picked up by the “Scan for known applications” function.

Thanks!

  1. Yes, a friend told me yesterday, that he wanted another colour, so, good suggestion :slight_smile:

  2. You can send files to Comodo, when you get an alert for a program, you have a choice of “Send files to COMODO for analysis”, you can also send files from Security → Task → “Send files to COMODO for analysis”

Thanks, Bluesman. From the Help file I thought that feature was meant for reporting potential nasties, but if it’s also for reporting good applications then I’ll start using it more liberally. :slight_smile:

Welcome to the Forums! If you go to Security/Advanced/Miscellaneous, down to the bottom under Program Settings, check the box for “Show application window on system startup.” That may be what you’re looking for…

LM

Which is probably why CPF continues to spank LnS silly in the security tests… ;D (R)

LM

An addition to Wish nr 52 but only for the network monitor part of the system:

It can be read here in this post. It is a new rule for the rule system, or whatever you would call it.
https://forums.comodo.com/index.php/topic,4624.0.html

erm… we can have 0% CPU usage if you like…
however, we suspect your security might suffer (:NRD)

Melih

Hello, a synthesis of my wishlist.

  • Show both DNS Name and IP on the notification window (when a program tries to access the network) instead of only the IP

  • Show on the notification window the program’s path, version, process ID, who started the connection, local and remote IP and port, etc

  • An option to allow programs to have free access to DNS Servers

  • On the Activity list, show DNS Name on the Destination column, and also show the local port used.

umm 100% CPU usage would be better, then we don’t have to worry about security anymore because our system won’t run. :slight_smile:

LnS being spanked by CFP (it’s Comodo Firewall Pro these days) in leak tests is true, of course.

However, it’s not due to superior speed in network protocol analysis, but wider/deeper implementation in application monitoring/hooking/dll injection filters.

I can make CFP very resource hungry by (practically) turning off app filter and stressing the network filter only (very heavily).

LnS and CHX1 network filters stay below 1% on my system with a similar load. CFP climbs to 10-20% (even if only temporarily at times). And this is with a higher number of rules (and more complex) network rules active on LnS or CHX1.

This implies, that there is still room for speed improvement in the network filtering rules implementation, imho.

Of course, I’ve been wrong before and I say this with the honest intent of trying to help improve great CFP even better, not as a pissing match between Lns and CFP. I was merely using LnS (and now CHX1) as examples that it can be done faster (AFAIK), with very tight control and fine granularity.

So, to re-iterate in to the wishlist:

  • faster/more efficient, lighter on cpu/memory network filtering rules implementation under very heavy network usage scenarios

Just a small request :). I would like to see an additional column under Connections named Direction. Under this column you would see an icon, showing either listening, incoming, outgoing or both (incoming and outgoing).

:slight_smile:

yes i agree :slight_smile:

so what is acceptable? :wink: What is the metric of deciding Security vs performance? Should people go with less CPU usage firewalls or more secure firewalls?

You see, there is no clear metric to help end users choose! That is the problem.

Melih

Hi again (:WAV)

If I scan for these known applications it will do a scan and I see some path like
C:\some\wehre\a\place.exe
and so it is searching on my 10GB C:\

but I never see my 120GB E:\

it would be nice to include other hard disks in the scan!
and also maybe an option to choose which HD to scan or not
or maybe also more specifically in which folder or not

and if I try to upload files to proof them I get two popups which say…

  1. the connection with the server was terminated abnormaly
  2. some error occured during uploading. aborting file submission.

maybe this is a problem on my side … but I don’t find it … please fix this for me with your next update which I will download in 10 minutes
(:WIN) :BNC

I would like to see a little less cpu usage. I don’t know how much it uses now but if possible use less.
it also messes with my internet a little, it makes it a little slower.
can you fix that as well if possible?
and I would like to see regular updates like definitions, and those will install the new versions when they come out, but until then use updates to update the software.
I don’t like uninstalling and installing new versions of anything.
I like it through updates.
and I also would like to see password protection for the firewall.
that is where the hackers get through easier because of no password.
the password is that extra line of security if they can get through the password then they can’t get in your pc.
and one other thing I would like to see on the cpf,
I would like to see an entertainment mode.
it is where when you are loading up a game or some other type of entertainment it will ask you if you want to go into entertainment mode and it will block all incoming programs or packets or what have you except the games things you are playing. it only works on entertainment that goes to full screen only.
I have tried several firewalls before finding this one and I found the entertainment thing to be the best part of one of them but it was only a trial of that firewall, it was not free, so I went looking and found this one.
I like it but it needs a few things and the ones I mentioned are a few of them.
thanks for listening and I hope you could put those products into your firewall.
it would make you more popular around the world.