Web Shield

I agree with Comodo that a webshield or other shield (IM, p2p and what not) is not needed.

My first ever encounter of giving up on a shield was when I switched, back in the days, from AVG AV to Avira AV because ABG had gotten too heavy on my older hardware running Vista. Back then the Free Avira AV did not have an email shield at all. I never got infected by email without an email shield.

Still on the same hardware I started using CIS 3.5 ( the first release of CIS) which did not have any additional shields other than keeping an eye on when things get loaded/written/read from or to memory or hard drive. CIS protected me; even with less than mediocre detection rates.

A HIPS/sandbox based creature like CIS will protect you very well even without signature based detection. And I strongly urge to follow Chiron’s guide to get the best protection.

Seany007 mentioned that a webshield would protect better against exploits in the browser. In my definition of webshield this is a signature based creature and not a proactive creature and will not stop exploits.

One of the tricks CIS has up its sleeves is the buffer overflow protection which will stop a bunch of exploits in its tracks when a signature is not around.

As a long term user of a proactive products like CIS I would be more interested in a comparison of various proactive products; think CIS, Exploit Shield and Emet.

Other than that I see no reason not to move it the AV Help board unless comes up with a serious argument, other than detection arguments (yawn), implicating that a webshield would be a worthy addition in the proactive realm.

EricH your only saying that cause your a mod. But if 99% of antiviruses out there have incorporated a web shield then why hasn’t Comodo? If they are not needed then why does Norton, Symantec, Kaspersky, Avast, Avira, Bitdefender and Panda all use them?

Why do you think that? Just because he’s a mod that means everything you don’t agree with must be his opinion only because he’s a mod? I agree with EricJH and I’m not a mod.

This has already been answered, even in the first reply to your thread.

There could be several reasons, like if a customer has to choose between two products and see one has a web shield and the other doesn’t then that customer might choose the one with a web shield even though the other product might have better protection. Another might be because they don’t do things like Comodo does, the way Comodo does it the web shield is redundant and would only eat resources, other companies might not do such a good job on the actual computer and hence rather stop viruses before they hit your hard-drive. But honestly I’d say it’s the fact that people believe they need a web shield and hence if they would not have one, less people would be interested in the product. I don’t think Comodo likes to fool their users and hence don’t want to add an essentially useless web shield.

I have used Avast for a long time. It does not use resources and does not slow down browsing. Avast is actually my top choice when it comes to antiviruses. But I wanted to give CIS 6.2 and good trial run cause I think it has matured enough. So saying that a web shield is not needed or uses more resources is false. With todays computers resources should not be an issue anyways. For those still no XP with a P4 and 512MB of ram yeah sure it is. I have also used Bitdefender for along time and no issues. So again if all these top companies use a web shield then there is nothing wrong with it. As in matter of fact AV Comparatives performance test rated Kaspersky, Bitdefender and Avast extremely well and the ALL have a web shield. I am NOT criticizing Comodo in anyway. But this is merely a suggestion based on actual facts. Thanks.


Comodo makes the ONLY free internet security suite around and I commend them for that. If all these other companies can do it then so can Comodo.

It might not slow down browsing but it does use resources otherwise it would technically not be able to even exist on your computer, even having it on your computer without running it is taking resources, the resources being hard-drive space.

You say this but give no arguments to support it. A web shield is not needed with CIS, what do you think it would contribute with? Also it does use more resources than not using it or even having it at all, it might not use a lot of resources but it does use more resources than not having it at all.

For many people it isn’t a problem, but when you add a lot of minimalistic features they suddenly merge to be heavy, why waste resources on something that is actually not needed? And there are still many people who can’t afford to upgrade to better PCs and such.

Yeah, I guess you’re right… and all the top companies like google and facebook are spying on you and sending information to NSA so there’s nothing wrong with that. (Point is, just because something is done by a lot of people or companies, that doesn’t mean there isn’t anything wrong about it)

Based on what facts exactly? I am not sure you understand the meaning of fact. The performance test doesn’t really prove anything, it just proves that those products perform well, it doesn’t mean that they would have an even lesser impact without the web-shield and it doesn’t prove the opposite.

Honestly I don’t think having a web shield would be negative for CIS, however it wouldn’t bring anything positive enough to even code it.

Just because top companies use a web shield does not make it a must have :slight_smile:

Free for all which includes a lot of low power computer who cannot afford to upgrade there computers.

Yes Comodo could, but this still does not mean it should :slight_smile:

Yes I am a Moderator, but this is a my personal view as a user.


I agree entirely with EricJH, SanyaIV, and Dennis2. However, that does not mean that I am not missing something.

Maverick326, can you please explain the advantages you see for incorporating a web shield (assuming that a piece of malware will be detected as soon as it tries to run on the computer)? It may be that there’s a scenario I’m not thinking of.

Thank you.

Ok this is the problem with Comodo and always has been. Someone brings up something or suggests something and all the fanboys join in and stomp all over it. This was my main reason for never touching another Comodo product again. Lol…Hard drive space. With a 1TB hard drive do you think I’m worried about space? The average new pc has 500GB hard drives or larger. Again I will say if 99% of companies have incorporated a web shield then obviously there is nothing wrong with it. Do Comodo fanboys honestly think that CIS is superior to every other product out there? Gezzz…This is a suggestion and not an argument. Once again you Comodo fanboys ■■■■■ things up.

The proper reply would be “Thanks we will look into the idea and possible incorporate it into future builds”

Lol…Of course you agree…Your a mod/fanboy. I do not need to explain myself when every other company does it. Again this is merely a suggestion and NOT an argument. Every Comodo fanboy thinks that CIS is the best security product out there. Reality check my friends…Nothing is “the best”. They all have faults.
A web shield filters traffic before it even has a chance to be downloaded into your pc.

Rarely am I misconstrued as a fanboy, but I suppose it’s possible it may happen every once in a while.

However, at the moment I feel a need to prove otherwise. Thus, I will outline some of the flaws I currently do see in CIS. One of these is the very low detection abilities of its secure DNS service. I believe this drastically needs to be improved. Currently it is not a line of defense I would put very much faith in at all (especially as it is the only line of defense, excluding browser detection, that most CIS users have to protect them from phishing). Another is that the antivirus database is too large. This is evidence that the generic signatures used by CIS are not very potent. Other threads have reached the same conclusion. I do believe that these need to be improved, as many other AV’s, such as Avast, have outstanding generic detection.

In fact, I believe one of the best services I have seen on this forum is when ordinary users find, and report, vulnerabilities and problems with CIS. Comodo has always welcomed constructive criticism, and I believe improved CIS accordingly. For recent evidence of this you can see the drastic improvement of the virtualized environment incorporated in CIS. Originally there were many leaks reported. However, at the moment I am only aware of a few minor ones, and these will be fixed as well.

However, I am not aware of any loss in security from (at least with CIS) the lack of a web-shield. Thus, if there is a scenario for which it would be beneficial to have the malware blocked before it reaches the computer, please let me know. I’m not asking this rhetorically. If it really would help improve CIS, and not just so people will think it’s better because it has a web-shield, please let me know and I will get behind this. I’m sure many others would as well.

Thank you.

Adding malware blocking into Comodo Secure DNS would be a great idea. Currently I am using OpenDNS. Symantec’s Norton DNS has malware blocking. Sounds like a plan Chiron. Thank you for your mature, kind and unfanoy like reply. When the average user comes across a web page that says “malware blocked” or a pop up in the right hand bottom corner saying “malware blocked” before a download even starts is a great sense of security. The av data base size does not bother me. But as I already stated blocking malware prior to it even being downloaded is prevention. And isn’t that what Comodo states for? “Prevention rather then detection”.

Please be careful where you going.

Yes this is a Moderator post.

Thank you


I completely and respect that. But it is a known fact throughout security forums that Comodo fanoys pollute the air everywhere. I really wish it would stop. It would make your products so much better if they weren’t surrounded by drama. I have used and or tried everything out there so I am not a fanboy of anything in particular.

My Comodo experience goes back to the 2.4 firewall days. That was an awesome product. Again I will state that CIS is a great FREE security suite but the fanboys tend to ruin it.

All the threads in the wishlist area where Comodo users welcome new constructive ideas proves you wrong. If I would think this was a worthy addition to CIS then I would welcome it, however so far I do not think it is a worthy addition to CIS and you haven’t really given any reason for me to think otherwise.

Taking a ‘no’ personally and not being able to see both sides of the coin while also over-analysing the side you see?

You argued that a web-shield didn’t take more resources and I gave an example to why you were wrong, I never stated that the resources ever were of great importance, actually I even mentioned it perhaps doesn’t use a lot of resources but to say they use no more resources than without the web-shield is an out-right lie and something that should be corrected.

I’ve already stated why I disagree with this.

Some may do, but not all.

Why make a suggestion if you’re not going to give arguments as to why it should be implemented? Comodo would need a reason to implement something and if you don’t give arguments for it then do you expect Comodo to come up with arguments for it?

Because we argument against allocating hours and hours of coding (Edit: Also add things like bug-checking and such here) for a feature that doesn’t even make sense to implement in the first place while the creator of the suggestion refuses to give any argument as to why it should be implemented and then throws out fallacies seemingly in every post?

Yes, we Comodo users (who you like to call fanboys) are really the ■■■■ of the earth.

Yes I agree, Comodo should bend over and bystanders shouldn’t interfere with their concerns.

“Why make a suggestion if you’re not going to give arguments as to why it should be implemented?”

:-TU :-TU

I do not need to backup or argue my suggestion when just about every antivirus on the market has incorporated a web shield years ago. Please stop this nonsense about resources. If anyone who complains about an an antivirus using too many resources then you better get a more powerful pc.

I have used Avast for several years. It has a web shield and your resources do not go up when surfing the internet. Same goes for BitDefender and Kaspersky.

SanyaIV…Please stop your needless quoting of every sentence. You are a prime example of what I speak of.

A lot of them also rely entirely on detecting malware in order to protect a user. Thus, under that model of so called protection, a web filter would be a very useful part of protecting users. However, with CIS even unknown malware will not be able to harm the computer (due to the BB or HIPS). Thus, CIS has a noticeably different protection approach than the types of AV’s from whom the idea of a web filter sprung.

Not everyone has as much money as you apparently do. There are many who have far more pressing financial matters than buying a new computer so their antivirus runs well on it.

In my opinion a good protection application should always try to use as few resources as possible while protecting the user as much as possible.

A web shield and a web filter are two entirely different things. A web shield is part of a security suite and or antivirus. It filters HTTP traffic for malware. A web filter is a parental control to filter things such as porn, gambling or drugs. K-9 is a prime example of a web filter. Avast, Kaspersky and Bitdefender all have a behavior blocker and a web shield. CIS is not the only product with a BB or HIPS. As far as money goes…You can buy a new laptop off Amazon for less then $400. 88)

Avast has a BB and a sandbox. Along with a web shield. Kaspersky also. Kaspersky also has HIPS. Avira even has a web shield. So if 99% of antiviruses think a web shield is important why doesn’t Comodo?

Just because a product uses less resources does not mean it provides better protection. Kaspersky and Bitdefender provide top notch detection but are slightly heavier on system then Comodo. Heck even Bitdefender Free has a web shield.

I believe this is the same capacity which Comodo DNS is supposed to fill. It filters out known phishing sites and known malware sites (although I have already mentioned that I believe there is much room for improvement).

Or, for many people, you can pay a portion of your rent.

Please explain how you think it would benefit CIS. You have yet to explain what vulnerability the lack of the web-shield has for CIS. This is the crux of your argument, and something which is sorely missing from this thread.

I never argued that less resources equals better protection. In fact, that would be a meaningless argument as I can point towards many fake AV’s which use a lot of resources but have negative detection rates (meaning they actually infect your computer).

Comodo Fanboyism strikes again. Thanks. I thought I would try CIS 6.2 and give it a fair trial run. I provided a suggestion based on facts of other products. A reasonable reply would to say “Thanks we will look into this idea and possible add it into the next build”. Instead I get an argument based solely on the fact that every Comodo users thinks CIS is perfect on its own and does not need a web shield. Ok maybe it does not. Then as even stated Chiron, make Comodo DNS better. This is what the people at Wilders speak of and various other forums. The minute someone posts something negative or even suggests something the mods and fanboys rush in and shot it down. When I get around to it I will mount my stored image which has Avast Free on it. Thanks again all of you for proving to me why i stopped using Comodo products. The fanboys ruin a great thing.