Here is what I read on Wilders Security forums by STem and MasterTB:
The whole thread is only 2 pages long:
Basically it says:
the Intrussion Detection on Comodo is very basic compared to ESS. If I read the help corrected, ESS checks the content of every packet sent or received from the internet, whinch assures that it is safe, Comodo does not, COMODO JUST CHECKS FOR INCONSISTENCIES ON THE PROTOCOLS AND STUFF LIKE THAT, BUT NOT THE ACTUAL PACKETS BEING TRANSMITTED.
On the other hand ESS won’t pass any leak tests because it does not have HIPS like comodo V3 will have or like in some measure comodo V2.4 has. That being said ESS approach is not to let you download or run anything that compromise your security so that you don’t need a HIPS because everything on your machine is safe.
What do you think about that???
Checksum check (IMHO) should be done by any SPI firewall.
Malware can have a verified checksum. This in itself is not protection.
The firewall Engine in Eset checks the content of every packet not the packet checksum those are two different things.
And also personally I’d rather have ThreatFire than Comodo since identifing malicious software by comprehensive analysis of all behaviors is a better solution than just watching for isolated actions- I personally think this is what Comodo should do, too.
Here is the entire reviw of ThreatFire 3:
For inbound protection, in my opinion every firewall should have the following:
Fully-featured SPI (Stateful Packet Inspection) implementation firewall for the network layer as well as the program, behavior and kernel level (if it doesn’t match specific rulesets it should be blocked)
Fully-featured DPI (Deep Packet Inspection) for all layers as well (network layer, program behavior and etc…)
Fully-featured HIPS specifically designed for the network layer
Fully-featured NIPS (Network Intrusion Prevention System) for the network layer + A-VSMART technology
Identifing malicious software by comprehensive analysis of all behaviors down deeply down into the core of any/every malicious software
Personally, I think when it comes to inbound protection newest versions of ZoneAlarm Pro, Outpost Firewall Pro, Jetico 22.214.171.124, InJoy Firewall, Kerio Winroute Firewall (this is not the Sunbelt version, it has nothing common with Sunbelt Kerio Personal Firewall) Comodo is truly weak when it comes to inbound protection against hackers’ attacks.
Melih, Egemen, moderators and all other firewall experts could you tell me what exactly COMODO uses for inbound protection besides A-VSMART technology and what do you think about the thread above about inbound protection?
Big thank you if you can explain me how does Comodo protect from hackers’ attacks and all other threats when it comes to strictly INBOUND protection, since I have 100% clean PC and that’s why inbound protection is so extremely important to me!
What do you think about SPI, DPI and all other proposals that I made in my list to have an excellent inbound protection against all forms of Internet threats?
Big thank you to everyone (especially, to firewall experts) who can answer me this as well as participate in this thread!!!
Thanks a lot!!!