For some time, and i do not know how, a virus has been resident on my bios, because it loads up before anything else on the system it is to all intents and purposes invisible to any other programs looking for it.
I had been running wireshark to try and capture information either coming in or leaving related to this virus, what i noticed was that whenever it became active i would get a messsage saying wireshark has stopped working in an unexpected way, then immediately after that, i would see another comodo icon appear in the system tray, i would get no message and when i moved the cursor to the system tray icons they would both dissapear, on checking the process monitor i would see comodo was no longer memory resident.
After restarting comodo i would do a diagnostic check which would find errors that it fixed.
Is there anyway that comodo can be hardened against “outside tampering” i have set the password.
After doing some looking around i found metasploit has a “sploit” aimed at taking down comodos firewall from the outside giving access, i dont understand how this happens but it must begin by stopping or interfering with a critical process.
Can the product be hardened against this kind of unwanted interference, possibly making the product to much of a hastle to even try and take down?.
Also on another computer when i am gaming i am seeing connections being made through the running application coming in on an entirely unrelated port to the program with the firewall configured to only allow outgoing connections and a firewall rule to deny any mac in with any ip traffic, firewall on safe mode.
i would like to see a way of entering behaviour that relates to expected behaviour of the program i am running, i know you are going to say “The firewall already does this”, but it is not stopping traffic that is spoofing itself as part of the program arriving on tottally unrelated ports to inside my pc and then allowing a lan side scan of my network looking for other pc’s.
This sort of behaviour should be easy to detect when all my program is doing is connecting to steam.com and then swapping traffic on three of four ports.
Having a connection coming in and performing a lanside scan is nothing like gaming behaviour.
I very much like your product and use it on my pc my mums and my girlfriend uses it too, i appreciate the fact that you make it free of charge, even though it is free i believe it is far far better than a lot of products asking for a yearly license fee.