New comodo user here

Hello all,
I’m George from Greece. I hope you all feel nice today.
Feedback : Thank you very much for this free firewall (especially).
Hehe how can someone compare CPF - a piece of art and protection, with any other firewall commercial or not, out there? When this great firewall is offered free of charge?
I’m an x-user of norton internet security, tiny personal firewall, kerio personal firewall, jetico personal firewall and lately outpost pro (4.0) firewall. With exception (and respect) to kerio pf, and outpost all others are not enough to protect a real internet/lan user.
Sunbelt bought kpf recently and put it on the lose. Wholes, randon bsod, bad filtering → Obsolete.

One thing i’d recommend to comodo developers would be to have a close examine the way kerio personal firewall worked in the packet filtering module. In so many years i still haven’t found something similar to the way kerio configure the application rules. I could create a 1 line rule including proto-direction-remote dest.-local dest. - everything. In one line. So why not? I think that CPF miss this functionality.

Agnitum released their death. Outpost firewall pro 4.0. Have a look at their forums. They are dead meat… Full of problems. Version 4.0 gave a more strict security - useless to all of us cause no program works with outpost without problems. Blue screens are back, the web module gives reboots, high cpu utilization, very slow browsing and soooo bad compatibility with almost every program i used, obviously because of the antileak module. Component module? Set it to high and you’ll faint from the continous prompting… Protowall crashes, flashget incompatibility(?), nod32 incompatibility, kaspersky incompatibility oh god forget about it.

CPF is impresive! My rig runs fast never had a problem and after reading the manual and have a look to the posts i managed to configured it properly (i hope) ofcourse by setting the “frequency alert slider” to very high and take control of apps (and system) comms. Passed the leaktests but i only have an issue with ole object control. Today i upgraded to internet explorer 7.0 final and right after i get all the time alerts about ie7 - parent:explorer that parent app tries to communicate suspiciously through ie7! I keep on playing with options in app monitor section but i can’t solve this…
My rulest for ie7 is:
Allow loopback UDP to any local port
Allow dns servers UDP to 53 remote port
Allow any TCP to 80-82,443 remote port

Any help will be welcomed. Thank you and good luck with next steps. I really believe that this firewall could be the no1.

Hello and welcome to the Forums,

Glad to see that you like the Comodo Firewall. Please be sure to recommend it to all of your friends so they too can use this firewall :wink:

Hi George & welcome.

I think it is because you have the alert level on very high. You upgraded to MSIE 7 & I bet that changed quite a few components. So, you get prompted for that lot. Then, you are going to be prompted for every instance where something that integrates with explorer and/or uses explorer… right click menus, shell integrations and then there’s the parent thing. Quite a few things have explorer as their parent. So, all-in-all, you have asked for & are getting a ■■■■ load of info & authorisations. Basically, you are authorising the whole explorer relationship tree. Twig by twig. :wink:

Updating something like MSIE is a major thing. Unless, you had your alert level set to a very low level then you would receive multiple pop-ups because of that update anyway.

Hi kail,justin1278 thanks for answering :slight_smile:

Alert level has to do with how specific will be the created rule , so i save much more time configuring my system this way. After i edit some lines and all set! The duplicate rules are removed automatically!! Very good thing.

The ole thing has stopped after a shutdown. Since then i had only alerts from blocked programs that tried to fool cpf and connect through an other app. I think it was like cpf could not remember the block/deny decision(?). I also created a total block rule for explorer.exe.

A last question. When i edit dest. ports manually in app. monitor rules the modified port appeas in the app. monitor under the column port like that:“IN [80,443]”. What’s the IN? it confuses me…
(M)

If under the “Destination Port” tab you had ticked the “Exclude” option, then the entry would be displayed as “NOT IN [80,443]”. So, it’s dependent on if you are including (IN) or excluding (NOT IN) the port(s).