Comodo Firewall worse than windows firewall

Dch48 · April 19, 2014, 10:52am

Personally, I don’t want to see ANY alerts or popups for safe things. I also see no need to have rules made for those things. The only real change I make to the default firewall settings is to uncheck the box for not showing alerts. This, coupled with the Behavior Blocker, (no HIPS) ensures that the only firewall alerts I will see will be for unknown things. I think this is the only change that needs to be made to the default settings. Anything more than that would be annoying to the users who just want to use their machines without interference. In other words, the great majority of users. ( or those known as average or novice).

MorphOS_REBOL · April 24, 2014, 11:50am

Hi Melih, could you please elaborate a little further on what exactly you did mean by the term “containment technology”?
Btw interesting term, but how to define it?

Thx, REBOL.

Melih · April 24, 2014, 2:27pm

automatic sandboxing does the “containment”.
it contains any unknowns hence mitigate the infection risk

siketa · April 24, 2014, 2:41pm

Since we can not have an answer in other topic(s), I’m going to ask Melih here:
What is the current status of Dragon?

Thank you.

spywar · April 24, 2014, 2:43pm

You should add valkyrie as well… :-X

Melih · April 24, 2014, 3:44pm

full steam going ahead.

siketa · April 24, 2014, 5:58pm

I hope it will come out before it blows up.
;D

ubuysa · April 25, 2014, 6:42am

Don’t you think it might be unwise to suggest that Comodo is steam powered? This is the 21st Century…

graciliano · April 25, 2014, 8:41am

He said it, it happened!

siketa · April 25, 2014, 10:18am

Should have asked a lot earlier…
;D

captainsticks · April 25, 2014, 11:00am

Hi ubuysa,
The steam power has got the wheels rolling again.

shoober420 · April 29, 2014, 5:42pm

If you don’t know what a setting does, just google it. COMODO doesn’t need to explain to you what each setting does and what it should be set to if you can just search for what it does. That’s just being lazy. Comodo definitely needs to tighten up the default configuration, especially for those lazy people who don’t want to change anything because they don’t know what they do and don’t have the will power to educate themselves on what the settings do. I’m not sure if that’s what you were saying, your English is not very good and you’re hard to understand.

The thing is, what if a malicous program makes a call to a safe windows file? Wouldn’t you want to stop it? If you have all the Windows files set to not show pop ups, then malicous software can make changes to those safe files and you would have no idea. I know that most users don’t like pop-ups, but for those of us who do, and like to have FULL control of there system, it makes your system a lot more secure. On top of that, I never said that the default settings should have pop-ups for every file, that’s just how mine is set up. I was just saying that the “show pop-ups for applications” setting should be unchecked by default (like on your machine), so malcious applications just don’t pass on threw for the sake of being less “annoying”.

Citizen_K · April 29, 2014, 9:20pm

Unknown files are not allowed to change protected files. Please realise this.

I know that most users don't like pop-ups, but for those of us who do, and like to have FULL control of there system, it makes your system a lot more secure. On top of that, I never said that the default settings should have pop-ups for every file, that's just how mine is set up. I was just saying that the "show pop-ups for applications" setting should be unchecked by default (like on your machine), so malcious applications just don't pass on threw for the sake of being less "annoying".

For those who like the extra control they can enable extra stuff while running Proactive Security Configuration.

sd_ahmad · May 1, 2014, 9:30am

I’ve tested all service portes on Comodo and bitdefender by the site GRC | ShieldsUP! — Internet Vulnerability Profiling

Result : comodo proactive

http://im48.gulfup.com/1onFPx.png

result : bitdefender

http://im66.gulfup.com/nOeK8t.png

:-
Sorry on my English

ubuysa · May 2, 2014, 7:22am

This is just another example of a test that has no details of how it was performed. I have just run GRC’s stealth test on my CIS v7 and got completely stealthed ports. That’s because I have used CIS to secure my system and not simply taken the default values. Equally, had I so chosen, I could have configured my CIS to produce the “all ports closed” result that you show. CIS is a tool, you can configure it to operate in a multitude of ways and unless you specify in detail what configuration you had in place for your test it’s results are worthless.

vincentmax · May 2, 2014, 12:43pm

How to configure the Firewall to obtain “all ports stealth”?

ad18 · May 2, 2014, 2:30pm

Go to the GUI. Then click Tasks. Then go to Firewall Tasks. Finally, click Stealth Ports and then Block Incoming Connections.

bazolo · May 2, 2014, 7:35pm

Yes, do it:

but with little warning - “Block Incoming Connections” adds to Global Rules one insecure line:
“Allow IP Out from MAC Any to MAC Any When Protocol Is Any”.
I think it is better to delete this line.

bazolo · May 2, 2014, 8:04pm

No. You should delete the “Allow IP Out from MAC Any to MAC Any When Protocol Is Any” for higher security.

vincentmax · May 2, 2014, 10:38pm

Ok.
For “all ports stealth”:

Go to the GUI. Then click Tasks. Then go to Firewall Tasks. Finally, Stealth Ports and then click “Block Incoming Connections”.
Global Rules: Delete the “Allow IP Out from MAC Any to MAC Any When Protocol Is Any”.

But my question is: With this configuration, the Internet speed decreases?