i LIKE this firewall! on my system it feels like the rock of Gibralter! so solid and stable!! the interface, while involved, is after navigating for a couple of hours, is actually very simple. there is a whole breadth and depth to it’s functionality. for example, a firewall i have used for awhile now, i could never get svchost.exe under control. hell i couldn’t figure out even what it was doing. with CFP3 i simply went to Network Policy interface, clicked on the svchost.exe policy. clicked on it’s one rule, and enabled logging. i came back to the log 4-5 days later after running my computeer as i normally do, performing nearly all, if not all of the tasks i regularly perform, and tracked what svchost.exe connected out to. it was consistent over that entire time. one ip, one port. i modified the rule to reflect what svchost.exe needed…done. created a block and log all rule, the file has what it needs to work, and i no longer think about it! amazing!
that is just one example of how this firewall, while granular is made simple by that very same granularity!! again…simply amazing!
i informally followed this firewall since Comodo first began releasing info about it. i considered installing the first alpha, but passed. and i resisted my curiosity about it until late December, when i came to the website specifically to download it. i first wanted to get a sense of what end-users where experiencing with it, and discovered the uninstall issues thread, and again decided to pass. btw, that issue is simply inexcusible. no excuse for it, zip, none, nada. if i did not have snapshot and imaging software, this FW would not be on my system today. but i did decide to install CFP3 5-6 days ago on a test snapshot…immediately impressed. it now is on my day to day snap, and included in my twice a day image update (i have a seperate pre-CFP3 image----just in case)
the one question i have at this time is: how do i block emule from occasionally connecting out via IRC. i run Prevx2 (the buggy, wobbly wonder) with it’s network protection enabled (it is not a firewall, but monitors outbound, and compares suspicious behaviors to the community database to mark malicious connections) and it’s Event Noitification window indicates when emule is utilizing IRC. i have set-up specific rules for both inbound and outbound emule connections, and then a deny all that do not match rule to complete the policy. i, however see no rule i can design that restricts IRC protocol. is IRC even considered a protocol?
thanks in advance and again nice job on this firewall, i sincerely could not be more pleased. well yes i can. Comodo get your do-do together and design a competent uninstall routine or at least a developer implemented removal tool! even the wobbly wonder Prevx2 has one of those (and it needs it too).