Brief report: I look after a small network of XP SP2 machines, which is behind a NATS-translating router. Machines are doled out an IP address by the router.
I’ve used ZoneAlarm free for ages. Thought I might experiment with Comodo (126.96.36.199).
(a) Using default installation, specifying that standard apps like Outlook Express and Firefox were allowed apps wasn’t enough; also had to establish network rules for standard ports (80, 81, 53 for pop3, etc). That’s quite a bit of work to get basic net apps to run.
(b) I never got intranet file and print sharing to work, despite spending several days, on and off, messing with trusted zones, allowing traffic on the netbios ports (on reflection I was only allowing them to and from on trusted zone, which might have been an error: looks like maybe they want to talk on 0.0.0.0).
In the end (b) was the killer. My clients must share printers installed on other intranet machines and must be able to browse files. After several days I killed comodo and dropped back to zonealarm.
Too bad, but IMO not yet ready for prime time. File and print sharing are basic and essential workplace features; if Comodo can’t be configured simply and easily to do that, not worth the time.
I got it to work on a similar setup (my home network). I’m not sure how fine-grained you need your security to be, but you just need to add the range of IP addresses that your router can dole out into a “zone.” Then add that Zone as a trusted zone. It should automatically create rules allowing all traffic between computers of that zone.
You might need to edit the rules if there are things you don’t want intranet users to do in terms of interacting with each other, but that’s the basic setup that enabled me to get it going. I also had to add the router itself as a zone and trust that.
If you check the program logs you should be able to see exactly how it’s blocking the stuff you want to do…then just configure the program to not do that.
I agree that it’s a bit over the top at first, but at the same time I appreciate it, and it gives me the feeling that the program is doing its job.
The key thing is that unlike ZA and most other firewalls, CFP has a layered defense. You can’t just say an application is allowed and that’s it; the type of traffic has to be allowed as well. Nor can you say that a type of traffic is allowed but not allow an application specifically to use that type of traffic.
I will agree that CFP 2.4 does not have a single button to click to automatically set up all rules for file & print sharing; v3 (currently in Beta testing) is a little closer to that goal. Unfortunately, the more simple the FW integration becomes, the less protection it seems to offer. It’s a bit of a trade-off, IMO.
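The layered check described in the reply above, sketched as an added example (not part of the original posts and not CFP's actual rule engine): a connection goes through only when both the application rule and a network rule allow it, and the result names the layer that blocked. The zone range, application list and rules are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import FrozenSet, Optional

# Constructed values for illustration only: the DHCP range handed out by the
# router, the allowed applications and the network rules are assumptions.
TRUSTED_ZONE = ipaddress.ip_network("192.168.1.0/24")
ALLOWED_APPS = {"firefox.exe", "msimn.exe", "System"}


@dataclass(frozen=True)
class NetRule:
    proto: str                      # "tcp" or "udp"
    ports: FrozenSet[int]           # destination ports covered; empty = any
    zone: Optional[ipaddress.IPv4Network] = None  # remote range; None = any


NETWORK_RULES = [
    NetRule("tcp", frozenset({80, 443})),        # web browsing
    NetRule("udp", frozenset({53})),             # DNS lookups
    NetRule("tcp", frozenset(), TRUSTED_ZONE),   # all TCP inside the zone
    NetRule("udp", frozenset(), TRUSTED_ZONE),   # all UDP inside the zone
]


def network_layer_allows(proto: str, remote_ip: str, port: int) -> bool:
    """True if any network rule matches protocol, port and remote address."""
    remote = ipaddress.ip_address(remote_ip)
    for rule in NETWORK_RULES:
        if rule.proto != proto:
            continue
        if rule.ports and port not in rule.ports:
            continue
        if rule.zone is not None and remote not in rule.zone:
            continue
        return True
    return False


def evaluate(app: str, proto: str, remote_ip: str, port: int) -> str:
    """Return 'allow' or name the layer that blocked the connection."""
    if app not in ALLOWED_APPS:
        return "blocked: application rule"
    if not network_layer_allows(proto, remote_ip, port):
        return "blocked: network rule"
    return "allow"
```
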
New Comodo user, on XP Pro, sp2. Got everything working beautifully after some birth pangs.
But then, Microsoft began downloading and installing its newest 13 updates. Turns out that after I let that installation go through, on restarting I have no access to the normal working programs on my computer. Fortunately, I’m still able to restart in safe mode, and from there I can get to the “restore to earlier date” routine. That gets rid of Microsoft’s updates and puts me back in business. But Microsoft never gives up, so every day or so I keep having to undo the installation of those 13 updates.
Should I uninstall Comodo? Bummer. It’s probably not great to do without the Microsoft updates. I wonder if there’s not a more adaptive solution. Thanks for whatever advice is out there!
Unfortunately, Windows’ most recent updates seemed to really do a number on things, and CFP didn’t do too well with all that.
Most folks have found that uninstalling CFP after there were conflicts with the updates having been installed, then reinstalling it, has resolved the problems for them.
If you choose this route, here’s my recommendation (remember, the MS Updates are already installed):
Boot into SafeMode. Uninstall the FW.
Reboot into SafeMode. Run a registry cleaner like ccleaner or RegSeeker (being sure to use their “backup” feature prior to removing any entries).
Reboot into SafeMode. Reinstall the FW.
Note: If you have a lot of detailed Network Rules that you don’t want to rebuild, you can export them from the registry prior to uninstalling the FW.
Open Regedit and navigate to:
HKLM/System/Software/Comodo/Firewall Pro, and then work your way through that to find the precise key for Network rules (I’m not sure the exact name of it, or I’d tell you - I’m running the latest Beta at the moment, and it’s different). When you find it, highlight, select “Edit” menu, then “Export”. Save it to the desktop or someplace easy to find.
Immediately after reinstalling the FW, but BEFORE rebooting, reimport that registry key by double-clicking it. Then when you reboot, your Network Monitor rules will be there already.
I think Comodo Firewall is an awesome product! It’s free. It’s functional. However, I have a slight problem. I run Comodo Firewall, Comodo BO Clean, Antivir Antivirus, Spycatcher Express, and AVG Antivirus. Sometimes, out of nowhere, while I am surfing, I get a message to the effect that my page cannot be displayed. First I thought it was my antivirus doing this, so I turned it off and tried to surf again. But the same message appeared. Then I turned off the firewall and what do you know, I was able to surf again. I don’t know why the firewall behaves this way. I have encountered this problem numerous times and have even uninstalled and reinstalled the firewall numerous times because I like it so much. However, I am not sure what I should do. There appears to be some type of conflict with Comodo Firewall and probably one of my other programs, but I don’t know which one or ones nor why. I can change my AntiVir Antivirus if I have to, even though I like it too. If anyone has any advice, please let me know. Thank you.
Here’s the thing, iconoclastnj (and welcome to the forums, btw) ~
You know your browser is allowed because you can browse in general. However, you are running two AVs. Are they both real-time/active, or is one for on-demand scanning only? Does spycatcher express have real-time scanning, and especially a webfiltering feature?
If CFP is blocking something, it’s in the logs. It may be possible that some websites are needing to use certain types of protocols to load content, which CFP is blocking. The thing to do would be look through the logs at the time of the block and see what matches up.
Hmm, as I’m thinking through this, let me ask a question… when you can’t load a page, if you leave the firewall running, can you load a different website? Can you use your email client? In other words, can you access the internet in general, or is it just that one site?