My thoughts of V3

Hi there, newbie on this forum, not at all in firewalls :slight_smile: A little background… i tried ZA SS, KIS 6, tried Outpost, tried something that was formerly TinyFirewall, tried some HIPS (SSM, ProcessGuard)… Most of the time i sticked with ZA 6, and then ZA 7. It worked for me completely, i knew how to do anything in it. But some time later i found that ZA’s anti-virus sucked. While ZA 7 has Kaspersky’s AV engine (which is, apart from everything, slow as hell), it obviously does not share the signature database… Anyway, i was dissapointed and wished to try something else. I did not even think of installing Kaspersky’s Bloatware Suite 6 again (even though it has a best AV so far), so i checked various sites and NOD32 caught my attention. Installed, worked fine until i began to get BSOD’s. ZA was immediately uninstalled. And so, having only SP2 firehole and NOD32 i went into trying different stuff - firewalls and HIPSs, ran into and saw a previously unfamiliar Comodo Firewall, which was performing very well on leak tests… Tried it (version 2.something), worked fine with NOD32. But there was one thing that i couldn’t get through my head - the HIPS features of Comodo. When i was working with ZA the leaktests (if not failed) thrown and alert - blablabla.exe is trying to use iexplore.exe to connect to internet. And i was asked - allow or deny. In case of Comodo - i was allowing only internet connection. I mean Comodo did not throw any alert when a process tried to, for example, inject a dll, but only when a process injected a dll AND tried to connect to internet. This was pretty strange to me. After that i had a system crash (caused by incautious usage of Partition Magic :slight_smile: and then i had no network for two months, so no need in AV/firewall. And again, network is up, NOD32 installed again, SSM installed. Went to matousec, saw Comodo performing almost perfect. Installed 2.4 (somehow i did not see a link to 3.0…) and was dissapointed again - no changes. It asked for update, i let it update. Rebooting, getting an error message and having Comodo completely uninstalled. OK, redownloaded (version 3.0, but i didn’t notice), installed (noticed some different stuff, interesting…), reboot… God ■■■■, is this really Comodo?! Freaking amazing!!! Proper HIPS features - all these alerts like “a is trying to use b”… For now i must say - i love this firewall :slight_smile: I have neither worries about harddrive space (120Gb internal, 500Gb USB), nor memory or performance worries (core2duo, 2GB RAM). I do not consider myself as an average user, so i don’t know is it user-friendly enough for a newbie. But it’s perfect for a ■■■■■■ like me - i like to tweak things and i made my connection and applications work exactly as i want! Great work, guys! And best of all - it’s FREE!

PS i have just one more feature request… Time control! Like i allow AV updates 0200AM-0600AM and block them any other hour. This would be great!

Thanks Burillo for taking the time to post this.



oh, forgot one thing - when i was trying some different configurations and rebooting - my XP won’t load up - i mean it displayed a welcome screen, but that’s about it - any program i tried to launch from a task manager (including firewall GUI itself) said about being a non-valid Win32 application. However, this was no problem for me - booting into safe mode, disable all security, load up in normal mode and reenabling security. Booting into safe mode is habitual for me, so i don’t think of it as a problem :-). I think with the software this complicated and powerful it’s vital to know how to properly configure it. So i guess i just had a misconfiguration somewhere in Defence+.

i guess it’s rather funny watching noob installing Comodo, setting everything up for maximum security and then complaining about annoying popups and applications not working properly)))) IMHO, if one uses a firewall - one must consider learning what is a firewall and how to use it. Everyone who uses computer MUST have some knowledge about it… Otherwise it’s like driving a car and not knowing whether it has automatic gearbox or not :slight_smile:

i mean i don’t think the power of a true firewall can be combined with ease of use - user must have a little knowledge to even understand what firewall alert is trying to say :slight_smile: otherwise the “security” is as good as nothing

the bolded quote is so true!

Disable Defense+ will solve the not valid app problem.

i already did, read my posts carefully :slight_smile:

it’s not all about the complexity of the firewall.
i think the interface has become a bit more complex than necessary for its functionality.

no. Comodo’s UI is just fine! i just can’t figure out how can a low-level stuff like firewall be easy to use for a newbie? yes, it CAN be easy to use, but for a knowledgeable user, newbie just won’t understand what is interprocess communications and access to DNS services :slight_smile: So, the more newbie-friendly is firewall, the less powerful it is for the experienced user, who doesn’t care much about UI, but the security itself, that’s how i see it. Yes, firewall can be noob-friendly in the “noob-mode” (low alerts) but it’s also less secure since when an application is allowed to connect to the net - it can connect anywhere and do anything. However, the useful thing in case of Comodo is the ability to choose a pre-defined template for an application. This certainly makes configuration easier for a noob yet delivering the same level of security (some actions allowed, some denied). Except there are too few templates. So, when the user can’t find a suitable template - he is forced to choose - allow everything (in low-alert mode) or tell Comodo this application is trusted, which is basically the same. I hope this will be fixed in next releases, but i don’t care about it that much, i prefer hand-picked rules :slight_smile:

well i don’t look at myself as a beginner. but i value a good interface. i also like hand picked rules. the interface more or less allows you to do this with the popup questions. which seem alright as far as i can tell right now. and you probably don’t really need to go inside the main window much that way.

but the tabs in the main windows contain a little too many items even knowing what they do, in my opinion.

well this is just a matter of taste :slight_smile:

but you know, if i were an UI designer, i’d consider redesigning it too :slight_smile: it does need some improvements: for example i don’t think that assigning a protected COM interface is a common task :slight_smile: also i don’t understand why the FW rules (i’d prefer RULES, not SECURITY POLICIES) are in “advanced” tab when it’s so common to bring up UI and allow a couple of ports for an app (or maybe it’s common for me solely?). Maybe all D+ or FW settings could possibly be in one window (of the D+ or FW tab) but in a different way - for example all the stuff like “My protocted COM interfaces”, “My Protected Files” and “My Protected Registry Keys” could be in one popup window, thus we have one button instead of three.

Of course a user has to know what rights to grant to the applications, but please , I would like a sincere answer, my system requirements are OK with v 3.0???


PD… I expect Melih’s and the others moderators don’t hate me… I consider myself a polite person

comodo firewall 3 eats up only 7mb of RAM on my PC - it can run on a typing machine, so i think there shouldn’t be a problem :slight_smile: