DEVS -- Comodo vs. OP interface

Feedback/Comments/Announcements/News
#1

Greetings.

I have been an Outpost fan for awhile. I am now playing with Comodo.

I like it so far for the small footprint and pretty easy setup to get rolling.

I am not so far impressed with it’s user interface as much as I had hoped.

Developers, I know you have more than enough to do. I know you have looked at
various products and tried to balanced the best of all into your package. I know this. I do it as well.

My advice for developers would be to get a copy of the original Outpost Free v1.0. Yes, it is dated.
Yes, you do have to know something to use it. No, it does not monitor as much, just an exe and traffic.

BUT… the best features about it are the simple ones, that I find lacking in Comodo.

  1. DNS plugin - resolve and cache. very usefull for seeing where an app is actually going.

  2. Ads and active content plugin – c’mon, who doesn’t like a little ad filtering?

  3. the ability to save your configurations (ok, that is in the pro version, but still…)

  4. pretty simple interface. I know, with bigger rigs, peeps want more eyecandy. oh well.

  5. best of all, the presets. a file, preset.lst, into which I can put every last one of my configurations
    for each and every application that may try to go online. I can copy/paste it to others machines and
    then they have the same rulesets. THAT is a must for those of us who really like to take control of OUR computers.

  6. unless I have missed something, the layering of rules for a certain application is not possible?
    I have the latest version, as of Sept 1st anyway. I use the proxomitron. CF found it. I allowed it.
    There is a rule for both tcp and udp. OK. I want to now give it more fine tuning. I find that I cannot
    add another layer of rules for it. For example, in my OP config I would have the following for it


[Proxomitron]
VisibleState: 1
Exe:
Proxomitron, proxomitron.exe
DefaultState: 1
RuleName: Proxomitron HTTP Access
Protocol: TCP
Direction: Outbound
RemotePort: 80
AllowIt

DefaultState: 1
RuleName: Proxomitron DNS Resolution 1
Protocol: UDP
RemoteHost: 216.x.x.x
RemotePort: 53
AllowIt

DefaultState: 1
RuleName: Proxomitron DNS Resolution 2
Protocol: UDP
RemoteHost: 216.x.x.x
RemotePort: 53
AllowIt

DefaultState: 1
RuleName: Proxomitron DNS Resolution 3
Protocol: UDP
RemoteHost: 216.x.x.x
RemotePort: 53
AllowIt

DefaultState: 1
RuleName: Proxomitron Block DNS (TCP)
Protocol: TCP
Direction: Outbound
RemotePort: 53
BlockIt

And that pretty much takes care of what proxomitron can and can’t do.
Of course the browser then needs a rule set, which looks like this


[Opera]
VisibleState: 1
Exe:
Opera, opera.exe
DefaultState: 1
RuleName: Opera Access to Proxomitron
Protocol: TCP
Direction: Outbound
RemotePort: 8080
AllowIt

DefaultState: 1
RuleName: Opera FTP connection
Protocol: TCP
RemotePort: 21
Direction: Outbound
AllowIt

DefaultState: 1
RuleName: Opera FTP DATA connection
Protocol: TCP
RemotePort: 20
Direction: Inbound
AllowIt

DefaultState: 1
RuleName: Opera FTP Data (Passive)
Protocol: TCP
RemotePort: 1025-65535
Direction: Outbound
AllowIt

The result is that opera requests only things that are not port 80, which proxomitron handles.
DNS is taken care of per application. I have allow and disallow DNS rules as well.
The best part of the old Outpost (which I still use, don’t care for the new ones) is that you
can set it up pretty darn complex and tight, and then save it. Edit it when you bring new
apps onboard and save it to all your OP firewall machines.

Comodo appears to be the only viable alternative I would use at this time. I sincerely hope that the
HYPE that is in this forum about really listening to the peeps using it are really true.

Maybe I am a lone duck in a big pond, but I would certainly be more than happy to see a very complicated method
of setting up my custom rules (presets) that I could happily choose to apply to the associated application when it shows itself.

No gripes, just observations from a geek.

king regards.
MrWoo

#2

Hi MrWoo, welcome to the forums!

I think all suggestions are welcome if you ask the developers, so thank you for this post. I won’t comment your points in detail, but since you’ve registered here I guess you are aware of Comodo Firewall Pro v.3 which is under development. Perhaps it suits you better, you may want to give the beta version a shot. :slight_smile:

/LA

#3

lol, yes I did notice the v3 beta, after looking for it on the website, I found the link in the forums. I did install that, and it does indeed do some of what I refer to. I successfully made some rulesets and they are indeed layered as I would expect. v3 looks very promising indeed.

I think most of the UI could be streamlined more so that instead of requiring multiple clicks to view data, it is intrinsically open to data, somewhat like an explorer view. I don’t know what your plans for skins are, but a treeview option would be more to the point.

Now as for creating rule presets, I looked at the content of comodo both in prog files and the docs&settings app data directories, and see plenty of files, just not a preset file.

I have not looked into the registry yet, so perhaps they are there. I would consider it, for advanced users, or for users who help other peeps, to have a file (or reg file to merge) that would allow convenient bulk entries and tweaking of presets, that when comodo is launched loads into the available options for applying.

I am most pleased at the improvement in my areas of concern in v3. And after more forum browsing, looks like the plea for certain plug-ins has been covered as well.

Eagerly looking forward to a stable v3. Plan to keep with v3 and beta test as well.

Thank you.
MrWoo

#4

Hi MrWoo

welcome to our Comodo Family… good to have you with us…

the beauty with Comodo is that you can have your wishes come true as far as our firewall is concerned. So please tell us exactly how and what you want modifying and if its reasonable and feasible, and people don’t object to it, we will get it scheduled. However pls be very specific and even have some screen mockups if you can so that we know exactly what you need.

thank you
Melih

#5

Hmm. If that is indeed the case, then you will be unique among rivals. One strength of Outpost was the plug in creation by individuals. I have even toyed with them, but they are a bit out of my scope yet.

Hmm. Mockup of the interface. I would say that is easy. The original Outpost Free v1.

Simple design. In a tree view on the left, with expandable parents, showing Active Connections, Open Ports, Incoming connections, Outgoing connections and All connections. Also shows Allowed actions and corresponding rules that applied, same for Blocked and Reported. Then a subgroup of the plugins, each showing what it has logged, such as DNS transactions, or IP’s blocked, or attack detections.

I think I would first start with the UI then. While the current UI is in step with how most new apps are looking, a power user, IMO, finds it frustrating to have to click on so many links to get to the data. If skins are the answer, then I would feel that combining all the datasets into one area would be much more efficient without so much back tracking. Rather similar in respect to the way windows likes to default all folder view to the icon or thumbnail. Personally, I like it in detail view with hidden files and file extentions on.

Of course the option of adding and removing columns and column resizing is also a major benefit.

It is my opinion that experienced users will appreciate a quick and concise UI that makes it easy to examine current data as well as input rules etc . And it is also my opinion that one major downfall to Comodo as it exists is the clunky UI. I have many rulesets that I wish to put into place, but honestly it will take quite awhile to actually put those in place.

Which I suppose merges into the next piece of the equation – the custom rules. What Outpost did was to use a simple text file called presets.lst. This file was simple to manipulate. You gave a rule header, such as [Browser]. You then set each rule up under that heading with a name, and protocols, ports, addresses and actions. It is really quick to set up a generic header, or a very specific header for a certain .exe. It worked so that on a fresh install, you simply shut the firewall down, insert your custom preset.lst file, and start the firewall back up. When you start an app that needs network access, Outpost would look at the .exe and determine if there was a preset for it, and ask if you wanted to use that. If it was not a specified .exe, then it would give a default optin such as Browser, instead of a specific, like Opera or Firefox. All this could be done through the preset.lst file.

The preset could also be used to set up your custom DNS rules. I use only my DNS, and disallow other IP to port 53. A simple rule to apply to any process and it effectively blocks or allow address resolutions.

A lot of Comodo’s UI is effective as it is. Process guarding is not something that I would expect to have to manipulate as much as network protocol for applicaitons. Neither is trusted Netbios addressing or trusted networks.

I feel it is more in the realm of the ports/connections that are opened,blocked, allowed or new.

I would be more than glad to give whatever help would be needed, as I have been into firewalls for a bit and understand them pretty well. There is much that I have always wished I could find in a firewall, to tweak it to use in the easiest and fastest possible manner. I have been using Process Gaurd for a number of years, and am also anxious to see how well Comodo handles that area. While I do not particuarliy want a firewall to manage that, nor registry protection, it could prove to work well. I have not as much experience in that as general firewalls, so will not comment much on that yet.

Thanks for the upbeat attitude towards the develpment of a product that could make such a huge impact on normal button clicking peeps who are not only exposed, but also intimidated by such a daunting task as learning how a firewall works.

sincerely,
MrWoo

#6

I think the interface of CFP is pretty , and all my friends who use CFP also think that .

I have used OP for a piece of time , some of its functions are useful , but some are useless , I think .
For example :

  1. DNS plugin - resolve and cache.
    I cann’t say this function is useless , maybe it is useful for some people , but I will shutdown it if I use OP .
  2. Ads and active content plugin
    Maybe this is a thing which should be done by browser , not the firewall .

As I know , the interface of OP is big , so it can show more details to the users about the connections , but I like smaller one more , just like the interface of CFP , if add “Show active connections” to the system tray context menu , it is also convenient to see the connections .

HIPS software is necessary , if you just use a firewall , although the firewall is good enough , I think you are still in danger . I used a firewall and a HIPS (SSM , SNS) together before , and they took up more memory and CPU , sometimes they couldn’t work well together , and now I find CFP is a good choice . HIPS is easy enough , you can use it well soon if you study it .

#7

I find a problem about the interface of “Active Connections” , the interface often refresh itself , if there are many connections , I want to watch the connections at the below of the interface , then I will push it down , if the interface refresh at the time , it will go to the top again , I have no idea to see the connections at the below .

#8

Well, I had been an OP fan too. What I am missing the most is that the alert would directly bring you to the rule setup interface, with the protocol, direction, destination IP address and port (or the source IP address and port in case of inbound) right in your hand. That is a very convenient feature, especially for those who know some concepts of the network, but don’t know too many details of the OS and the applications.
I think most of the users that would like to actually make the rule sets for their own system are such kind of users like me. By this feature, we can learn easily while we are using the software. For example, the famous svhost.exe, without this feature, I would never be able to make a appropriate rule set to let the system work properly while not give any extra authority to it (This is important since svhost.exe is really dangerous). Even with a bunch of pre-set rules, you can’t reach that point, cause with different system configuration, rules for svhost.exe will be different. Even worse is that the rules will be different even with different firewall since they handle a system service like svhost.exe differently. Please be noted that logs are not so useful in this scenario, 'cause in many cases, you just don’t know what triggered the entry in the log.

So, please bring this feature in. (:HUG)