is the comodo firewall ok?

Dennis2 · June 19, 2012, 1:08pm

egemen post:1:

Hello Guys,

The issue is avast intercepts WEB connections at the driver level and redirects connections to its own local proxy.

Because CIS operates at NDIS layer i.e. the lowest layer of the protection, it sees the actual connection i.e. avast proxy. Normally CIS should have blocked the loppback area connection to the proxy however because of the limitations in Windows 7, it fails.

CIS uses TDI, WFP and NDIS to provide its firewall functionality. WFP maybe enough ti implement an average firewall but it is not enough for a firewall like CFW so that it could not be used alone wihtout the support of the other 2 technologies. Windows 8 allowed us to use WFP more than previous windows editions and it should not be a problem with the next CIS editions which support Windows 8.

snip

Radaghast post:189:

There’s probably a more reliable way than the last ‘kludge’ I came up with but it’s a little more involved. basically, you’ll have to:

Disable the DNS client service.

Add a block rule to AvastSvc.exe that blocks DNS

For the applications you wish to allow, create individual DNS rules

Crete a rule for ‘All Applications’ that blocks DNS queries

Place the ‘All Applications’ at the end of the Application rules list

This should only allow connections that can do DNS resolution themselves, then use the avast proxy for the connection. You could probably do this in a couple of different ways, but this is probably the easiest.

Just don’t forget, whatever we do with these makeshift rules, they’re only bandages, they’re not designed to completely fix anything. Also, they might not even work as you might think. You’re probably better off, either allowing browser traffic only through the proxy or disabling it altogether. There’s still plenty of protection, or should be.