PCMag CIS v6 review

Made me sad to read about comodo firewall as a “leaking” thing.
One of “the” firewalls…

Some people are too focused on having no questions to decide. As a quality.
But in fact, it lowers the quality of the effectivity they get.

There are happy people with an antivirus of the bottom of lists,
because its silent.


I’d be interested to see how he was able to terminate the firewalls processes using Task Manager.

AFAIK this simply can’t be done.

Ewen :slight_smile:

I thought that with V 6.0 this was now allowed, but only for the user. If programs try to do it they will be blocked.

Am I mistaken?

It can be done, unless you enable HIPS.

Administrator privileges are required to terminate the service (cmdagent.exe), of course.

“The firewall stealths all ports, making your system invisible to outside attack.” He means it closed down ports? As we discussed with the Gibson Research no such thing as stealth?

“The dozen leak test program I tested slipped right past the firewall’s program control. Like ZoneAlarm Free Antivirus + Firewall, Comodo didn’t detect any of the thirty exploits I threw at it.” He used Internet Security mode right?

“Secure DNS also aims to steer you away from malicious or fraudulent websites. However, in testing it hardly blocked any phishing sites, with a detection rate 91 percentage points below Norton’s and 47 percent below Internet Explorer 8 alone.” Once again Secure DNS needs a lot of work into it.

“One test system only runs in Safe Mode due to invasive ransomware.” Issue with the low restriction level. Elevate it by default?

“Comodo’s scan wiped out an essential file.” What file?

“Comodo detected 82 percent of the malware samples. However, in quite a few cases it left behind one or more executable files, or left behind 100 percent of the non-executable malware traces. Its overall score of 6.2 points for malware removal is good. Top scorers in this test, with 6.6 points each, are Webroot SecureAnywhere Complete 2013 and Norton Internet Security (2013).” Good result. Malware trace is not a threat.

“As noted earlier, this same Behavior Blocker interfered with installation of many perfectly valid programs.” Use common sense here.

“I always check the labs to see how well their results jibe with mine. In Comodo’s case, they’re not much help.” Erm… He don’t seem to follow such things? Or know what’s going on?

“Even so, you needn’t worry. The average suite these days doesn’t have a big effect on system performance. While Comodo isn’t as lightweight as, say, Webroot, you’re not likely to notice a performance drag.” Really? Try KIS 2013 LOL! Comodo needs to fix few issues with the system performance from what I hear from few users here on the forum. But it is a lightweight in my view and it feels like one on my system.

i am abit curiious what are malware traces but i do want comodo to be able to detect malware or maybe exploits malware that reside in document formats or java

for the stealth as long as it will completely block it its okay

and i do think that limited should atleast be default

for the performance it may get better since its still about 2 months since the first relase still more can be found or fixed

Comodo did excellent with defaults.

Autosandbox protected from all malware, that we know & is amazing.

Remains/traces are not dangerous & Comodo will keep improving.

About the apps failed to install in autosandbox - As I always say experts know what to do so no prob for them…

…And with this CIS version defaults no probs for average users too coz its effective with no popups & the apps fail to install in autosandbox, average users would face this very fewer to none. Tests & real scenario is different. I have 3 systems at home & all the users are average. I installed CIS 6 on all the systems the date it was released & till date no programs autosandboxed or didn’t worked. All the programs these average users use were either in TVL or Cloud Whitelists.

CIS was always more of experts program, now its average/majority/any/all users recommended program.

AV-Test and AV-Comparatives perform innovative tests that do their best to match real-world user experience, but neither includes Comodo in their testing. [...] Just looking at the available results, it seems Comodo did better in my hands-on tests.

“…it seems Comodo did better in my hands-on tests.”
We always say that the best tests are done by users. Those are real world tests. Thats why he recognizes that his hands-on test gave better results. AV-TEST has some flaws in their testing. And AV-COMPARATIVES is not certified.

“I decided to allow it a perfect 10, but with an asterisk, and also included its more realistic score without the Behavior Blocker.”
What is wrong with him? “More realistic score without BB”??! ???
In what sense is more realistic without BB? BB is included in the suite, ins’t it?
Comodo did what he wanted to do. Block ALL malware. He just cannot stand that this product is by far more secure than others he loves uses (Norton).

If your budget won't stretch to paid protection, you can get the essentials from Comodo Internet Security Premium (2013), along with some features aimed more at techies than at the average user. But if you can scrape up the cash you'll be better off with one of our Editors' Choice suites. Norton Internet Security (2013)$35.98 at Discount Mountain is a full-featured traditional suite, while Webroot SecureAnywhere Complete 2013$39.99 at Webroot packs unusual protection into a ridiculously small package.

“But if you can scrape up the cash you’ll be better off with one of our Editors’ Choice suites.”
IN WHAT WAY we will be better off with products that didnt protect 100%? Am I missing something? COMODO with its DEFAULT DENY did protect 100%.

Seems to me that he is getting paid for recommending Norton and/or Webroot.

+1000 :slight_smile:

Missed that part. Looks like it. He should not lean towards one product or another. He only need to give his verdict the rest is up to the consumer to decide. Instead he push you to one side.

A firewall in internet security mode should be internet secure :slight_smile:

I think the default settings should be strengthened (Proactive), and HIPS enabled by default, but that is just my opinion

;D Yeah… No I just wanted to know but no way to find out. My point here is that proactive would have been much more secure.

Agree. Also the restriction level should go up to at least ‘restricted’. But no need for the HIPS. BB would do all the job with “enable enhanced protection” setting as it is…


But we know how the story goes:
Majority of vendors, sale a false sense of security (they do actually sale “some” security, I’ll give them that), and they are the good ones. COMODO gives free products with excellent security (proved with results in his test), but at the end, COMODO is the bad one.

The bottom line is that CIS, in it’s default state, blocked all malware he threw at it. Maybe I’m missing something but isn’t that what a security suite is supposed to do?

+1. I wouldn’t say the HIPS, But I think the Auto sandbox should be set to limited, or possibly Fully Virtualized by default.

I think the following conclusion will make Melih happy:

Free Is Good
With its Behavior Blocker enabled, Comodo aced my malware blocking test, but that same feature trashed the installation of valid utilities. On the plus side, the plethora of popups from this feature in Comodo’s previous edition have been seriously toned down.
It blocked all malware and has become very quiet. :-TU 8)

Indeed…making a top notch security product and making it user friendly takes a lot of genius!