Will CFP 3.0 be equally powerful/effective as System Safety Monitor?

Hi,everbody-both users and moderators!
I do have some questions and recommendations,but I also need some help.

1.I silently visit your boards every week,and I must say I’m very satisfied with CFP 2.4.184.
But what really interests me is that I would like for CFP 3.0 be a combination of both Internet and System Firewall.
Now,I read somewhere that CFP 3.0 will have fully-featured HIPS,but what does it mean?
What fully-featured HIPS mean?

2.Will it be like System Safety Monitor-will you be able to kill/terminate the malware process(or anything else you want)inside your computer,and how configurable will it be?

I’ll admit that I’m a novice user when it comes to the firewalls configuration settings,
but I have used Outpost recently and Jetico2,so I did learn some things.
However,I’m willing to learn everything what I need to configurate firewalls.

3.However what I highly recommend is “automatic rules creation”,basically Comodo
automatically makes every rule for each application,process and etc…
Very similar stuff has Outpost and it’s always downloading new rules
for new applications and processes as far as I remember.
What do you think?

4.Will CFP 3.0 use MD5 or SHA256 for leak-tests combined with fully-featured HIPS?

5.Also,I have a question about Egemen’s answers about kernel-level driver application,processes
and etc…
Here is what administrator Egemen said:

"CPF 2.4 is NOT an anti malware tool. It does not intercept any kernel driver installations. If something is loaded into the kernel memory, the game is over. NO firewall can prevent the code in kernel privileges.

CFP 3.0 is the solution to these types of the problems. You can not install such drivers without getting permission from CFP 3.0."

6.QUESTION for Egemen(and others if you wish to answer):
Are you sure that NO other software firewall today can prevent the code in kernel privileges?
What about Outpost Firewall Pro and Kaspersky-both have option “Block most”.
A “Block most” mode means that all incoming and outgoing traffic is completely blocked,
except the traffic you want to allow(assuming that you have previously configured what to allow,
and what to block).
Yes,that’s why I think that more configurable an firewall,you can protect more tightly your computer.
And I have witnessed that Outpost is truly still the king of configuration.
Any opinions?

6.a)What I meant to say is that “Automatic rules creation and updating” should be useful for novice users,and configuration for more and much,much more advanced users.
Any opinions?

6.b)Does it really matter:more configurable firewall-more protected computer?

When I had to go to work for 2 weeks outside the country,my mother has
used “Allow all” option-but she didn’t know what to answer when Comodo asked about updating firefox.exe from to
The thing is my mother doesn’t know anything about computer so I will ask you for help:

7.a) Is it possible to configure CFP 2.4 so Comodo doesn’t ask me anything,because whenever my brother or mother is on the Internet,they do not know what to answer,and that’s why I’m always in fear that they will let malware in or out of the computer!

That’s why I think CFP both 2.4 and 3.0 should have “Block most” mode,so you can completely
block all incoming and all outgoing connections,processes,applications and etc.,except the traffic you want to specifically allow.
And opinions,help,please???

And,please,NO more “Allow all” option,please…

My personal opinion:
Comodo should integrate both their firewall and Comodo anti-malware into one package-than you will be completely safe with this ultra-super-hyper-powerful-effective combination.
Any other opinions?

NOTE:I just hope I wasn’t too annoying and too boring.
I’m quite busy right now and this was the rare situation I could post this thread what really torchers me,so I simply put everything that I had.

Big thanks for your time,paticen and help!

Welcome to the forums, Ultra-Bot! I’ll try to answer some of your questions…

  1. Full-featured HIPS means a HIPS (Host Intrusion Prevention System) that has a very high level of control/configuration by the user and the ability to protect the system based on its configuration. Means, it’s not a dumbed-down or incomplete version (such as is common with free software).

  2. More than SSM, I think (please folks, don’t flame me!); more along the lines of ProSecurity or EQSecure (both of which seem to be better - in tests - than SSM).

  3. CFP v3 will have much more “automatic” settings for non-power users.

  4. I’ll let the devs answer this.

  5. Not a question… :wink:

6a. They’re looking at some implementation for these types of things - see Q3 above.

6b. Not necessarily. I think it will depend on the implementation by the firewall application (ie, how it’s coded). Look at http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php CFP is basically at default configuration there; only a couple minor changes to settings, nothing to rules configuration.

  1. Allow All is necessary for the purpose of testing/finding out where connection problems may be. I agree there should be a strong warning about using this; perhaps a popup in big red letters… :wink:

7a. No. There is a tutorial about a “set & forget” configuration in this thread https://forums.comodo.com/index.php/topic,6167.0.html but it will not stop CFP from giving alerts if something triggers an existing application rule or Application Behavior Analysis (ABA).

  1. Comodo is looking at a combined user interface (ie, a “suite”) different from other popular applications, in that the user could pick & choose what to install and use.

Hope that helps,


the power of CFP v3 will simply be unmatched in the market place!


That´s right.