Hello all, and thanks comodo for such a good free product!
It would be nice if the user can create (name) custom security levels, where applications and rules can be defined, rather than having only Block All/Allow All and custom.
rgds, Rached N.
Welcome to the forum!
You can use the wishlist-thread for feature request.
Thanks a lot for the superb firewall. But I noticed that it lacks a good feature. I used ZA before and I could see a complete list of the programs that ZA is controlling, and right beside them was their access rights such as whether they can have access to the net or not and so on. but unfortunately in COMODO I couldn’t find such a feature. I have to choose my program, then choose edit, go to access rights and for each section, choose modify to see the details. Also it takes me a lot of time to find my program. The list could be sorted by program name.
defense+ is alerting u only when an executable is trying to run, then u can choose what to do.
same for firewall, u get alerted only when a prog is trying to goes out or when someone wants to enter so u choose what to do.
does ZA control svchost connexions?
or it allows all cause it’s known prog?
in my case i allow only my isp dns activities with svchost.
so u prefere a trusted listed progs where u dont need to set rules?
OA does that too, but i prefere controlling everything trusted or not.
u can always set comodo to training mode so it will learn what happens on your machine but u have to be sure u run a clean machine. then when all your apps are learned u can lock your system by set firewall in custom mode and defense+ in paranoid mode.
it depends what people are looking for, u prefere a FW that auto set rules for trusted progs so it doesnt annoy u with several alerts bu if u sure of your prog u will not answer a lot of alerts, if u’re sure, u set your app to window system app then comodo will not ask about it again, u have to do that in both FW and defense+,
i prefere that type of protection, i don’t like security prog choose for me what is allowed or not.
but it’s personal, the more i play with computers the more i dont trust a thing and i understand it can be boring to set all things that are safe apps but i don’ t trust things, so i need to control anything trusted or not, i am here to say if i want to allow things. so FW alerts is set to very high, and defense+ is in paranoid mode, agressive execution control level with all executables, it’s maybe a little crazy cause i got no sensitive datas to protect like NASA but when my av fails to detect new malware, it’s the only protection i got that saves my system from unknown malwares, so i prefere that comodo authorizes a little list of files called win sys apps, win updat apps and comodo firewall files then i choose the rest.
thanks alief. but I didn’t get my answer. I am setting the defense+ in paranoid mode and the firewall in custom policy mode and, just like you, I want to watch every thing that happens in my PC. But the thing I am looking for is an ability to list all the programs and their access rights. In defense+ list of programs, I have a bunch of them, and want to know for example the list for all the programs that have the access to internet. in ZA it is easy. there is a table and access rights are marked beside the program. but in CFP you have to check each program through a long process. checking a long list of programs like mine, will take hours.
oh ok i get it, u want the listing of all the rules u made with the FW and D+ with all details.
ah yes, that’s a good idea :), and my name is AILEF, thanks.
what i would like is a windows log like in jetico 1.0, it’s the best log window i ever saw in a firewall.
and i would like a resolve IP with the countries flag like in OA.
and also progs that are on the network but have no endpoints. 
but, anyway, since i really find the importance of defense+, those wishes would be cool of course, but defense+ is the best thing i installed to protect my machine, i would not imagine using a windows system without this protection, so if comodo can improve it more, it’s the most important. an aware person would not use MS OS without D+, even if alert doesnt say MALWARE DETECTED, my AV didnt protect me twice, detecting no bad code, but D+ alerts just told me what the files were going to do in the system so it saved my OS from 2 contaminations as proactive defense of KAV detected nothing.
maybe there are other soft able to do the same but i don’t know them.
it has no really link with a FW but as AV only work with a known virus list and proactive defense failed,
D+ is the best protection for me, so when i see people complain about it or simply dont install it, i think they maybe trust their AV and think their AV is able to protect them at 99%.
but the best solution actually is D+ cause it doesnt work on known malwares to protect u, it alerts u about file activity that will run before it loads in memory, what is the best solution as your AV failed.
i used to trust my AV but now it’s just a filter for known bad files.
now i analyze files with D+ to see what they want to do, if there’s no forbidden activities so i let the file run, ok i know that it’s not 100% safe, cause it’s impossible, but it’s safer than an AV.
comodo has all to take the first place in security progs. even if we still need an AV to dont waste time about known malwares.
!ot!
New Kaspersky IS 2009 have very intuitive approach to application grouping, all processes which are from particular vendor is on the same group (virtual folder) for clearer view (of course, access permission can be edited for every specific *.exe).
I think something similar should be implemented in CFP…
i didnt test this new version, is it final or still in beta?
and proactive defense has a big impact on performances with xp when u activate all protections.
comodo doesnt slow the system like does proactive kasper.
but i didnt test this new version and i think it’s not final yet no?
Here is how that looks like in KIS 2009…
[attachment deleted by admin]
I like the GUI.
Josh
Kaspersky decided to put all rules HIPS and also packet filtering (FW part) rules in the same level of decision, by same level i mean four global rules: “trusted, low restricted, high restricted and untrusted”
note: I changed rule decision in above picture to meat my testing purposes, default ones are changed
In which group will go some first started process is completely automatics, Kaspersky gives black/white listing to 3rd party company (KIS can also recognize digital signature).
FW rules generation per application are very interesting and also fully automated process, so for instance per application requests for trusted group; FW rules will inherit from list (see screeny) till requests stopped and all of this will be fully automated by list of (by priority) predefined rules (see list of predefined rules in screeny)
[attachment deleted by admin]