Leave Win FW ON with Comodo FW with Win 8.1 64 bits???

gdiloren · February 9, 2014, 5:36pm

quoted fromhttp://malwaretips.com/threads/best-firewall-for-windows-8-1.19695/page-2 : I’ve already looked at Microsoft and Technet sites:
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security Getting Started Guide
Introduction to Windows Firewall with Advanced Security
(just wondered if you have a favorite guide elsewhere)

Littlebits said: ↑
Comodo and other HIPS products do very well protecting software and software vulnerabilities but can not protect against vulnerabilities in Windows or malicious processes that run at the OS level. Security software only can protect against processes that run at the software level. If the vulnerability is exploited in Windows and the network drivers are compromised at the OS level, Comodo will not even know it happened. Anything that runs at the OS level can easily bypass any security software including advanced HIPS. I’m sorry but Comodo is not as bulletproof as many believe it is. It is much more important to keep Windows updated with the latest patches because OS vulnerabilities can not be protected by security software.

Thanks.
Apologies as this is probably completely off-topic, aargh!
So should I leave Comodo FW ON along with Win FW on Win 8.1 or not??? Note Avira Free runs now totally on Win FW and left completely their own FW!

Chiron494 · February 9, 2014, 6:59pm

As I understand it Littlebits is both right and wrong. If a process is running at the OS level there is very little CIS can do to protect the user from it. However, the question is how it was allowed to run at that level.

What CIS does, is it only allows applications which are trusted to run at that level. Thus, malware will be prevented from operating at that level by CIS, and that is why CIS is able to protect users even from those malware which are designed to operate at that level.

Am I misunderstanding the situation, or is this merely a misunderstanding of how CIS works?

Thanks.

gdiloren · February 9, 2014, 8:44pm

Thanks Chiron! You’re right! This statement came from a MS Tech to leave both FWs running on Win 8.1 because of this situation but as you pointed out this is a rare an extreme case and anyways two firewall will badly affect performance and have interactions on any OS.

gdiloren · February 9, 2014, 10:03pm

I think somebody started this but misread MS Technet as we usually start rumors on the net ;):
“…You cannot uninstall Windows Firewall with Advanced Security; you can only disable the firewall functionality.” from here I Need to Disable Windows Firewall | Microsoft Learn
It’s also being discussed in the Wilders Forum http://www.wilderssecurity.com/showthread.php?t=359459