Author Topic: Which Product to develop next?  (Read 615963 times)

Offline bulut

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 55
Re: Which Product to develop next?
« Reply #1140 on: February 23, 2015, 07:51:30 AM »
I would like commodo next develop firewall to prevent tcp hijack.The firewall will be perfect.

Actually our UTM can prevent them while  3-way handshake is happening by checking the MAC addresses. Our IDS have this capability.

Offline Sanya IV Litvyak

  • Comodo's Hero
  • *****
  • Posts: 4214
  • Lurking
Re: Which Product to develop next?
« Reply #1141 on: February 23, 2015, 08:43:08 AM »
Actually our UTM can prevent them while  3-way handshake is happening by checking the MAC addresses. Our IDS have this capability.

Will such functionality make its way into CIS? I'm guessing home users won't really want a UTM? Question is if home users would benefit from such advanced IDS/IPS in the first place? I wouldn't know, does the firewall in CIS have a basic IDS?
I support privacy and freedom online - eff.org

Offline BuketB

  • Comodo's Hero
  • *****
  • Posts: 898
Re: Which Product to develop next?
« Reply #1142 on: February 24, 2015, 09:59:45 AM »
Hello Sanya,
The firewall in CIS has a network intrusion detection; what do you mean with basic IDS ? On the other hand, standalone firewall product has the subsystems as: Firewall, HIPS, Sandbox and File Rating at the same time.
Regards
Buket
Will such functionality make its way into CIS? I'm guessing home users won't really want a UTM? Question is if home users would benefit from such advanced IDS/IPS in the first place? I wouldn't know, does the firewall in CIS have a basic IDS?

Offline Sanya IV Litvyak

  • Comodo's Hero
  • *****
  • Posts: 4214
  • Lurking
Re: Which Product to develop next?
« Reply #1143 on: February 24, 2015, 10:09:11 AM »
Hello Sanya,
The firewall in CIS has a network intrusion detection; what do you mean with basic IDS ? On the other hand, standalone firewall product has the subsystems as: Firewall, HIPS, Sandbox and File Rating at the same time.
Regards
Buket

Hi,

I assumed that CIS didn't have the same advanced IPS as the UTM, I believe it said something about 2000+ patterns(?) So what I meant by basic IPS would simply be just that, a scaled down version, or does CIS have the same IPS as the UTM?

Edit: I assumed this because bulut seemed to specifically mention the UTM when the other user was talking about the firewall in CIS, which made me believe that CIS doesn't protect against this "TCP hijack"
« Last Edit: February 24, 2015, 10:12:05 AM by Sanya IV Litvyak »
I support privacy and freedom online - eff.org

Offline viper37

  • Newbie
  • *
  • Posts: 3
Re: Which Product to develop next?
« Reply #1144 on: March 09, 2015, 06:45:11 PM »
I'd like Comodo to updrage the Linux Kernel on CRD and integrate support for newer hardware (wireless and Intel LAN cards) currently unsupported.

Offline bzrwon

  • Newbie
  • *
  • Posts: 24
Re: Which Product to develop next?
« Reply #1145 on: March 17, 2015, 04:31:38 AM »
I'd rather you guys just concentrate on your current products, I mean seriously how long do we have to wait for the next Ice Dragon update?????? Beyond a joke at this point :(

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 24980
Re: Which Product to develop next?
« Reply #1146 on: March 17, 2015, 11:02:02 AM »
I'd rather you guys just concentrate on your current products, I mean seriously how long do we have to wait for the next Ice Dragon update?????? Beyond a joke at this point :(
Please don't cross post.

Offline bzrwon

  • Newbie
  • *
  • Posts: 24
Re: Which Product to develop next?
« Reply #1147 on: March 19, 2015, 04:30:57 AM »
You know it's a slow day in the forum when you get slapped on the wrist for telling the truth  88)

Offline captainsticks

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11198
    • Comodo Help
Re: Which Product to develop next?
« Reply #1148 on: March 19, 2015, 06:50:32 AM »
You know it's a slow day in the forum when you get slapped on the wrist for telling the truth  88)
Hi bzrwon,
Truth or otherwise was not the issue here.

Thanks.

Offline yashkhan

  • Comodo's Hero
  • *****
  • Posts: 5231
Re: Which Product to develop next?
« Reply #1149 on: March 23, 2015, 06:56:28 AM »
I would like Comodo to do something on Firewall front.
I mean everything is there to protect system from getting infected i.e AV, AS, etc...

On Firewall front, its either allow all or get popups.
I would like Comodo to implement something for connections like some kind of analysis, blacklist or whatever. This is the place where I find Comodo little weak for average users.

FW in Norton, kaspersky, etc... do quite a good job automatically.

Offline bulut

  • Comodo Staff
  • Comodo Family Member
  • *****
  • Posts: 55
Re: Which Product to develop next?
« Reply #1150 on: April 10, 2015, 12:21:17 PM »
Hi,

I assumed that CIS didn't have the same advanced IPS as the UTM, I believe it said something about 2000+ patterns(?) So what I meant by basic IPS would simply be just that, a scaled down version, or does CIS have the same IPS as the UTM?

Edit: I assumed this because bulut seemed to specifically mention the UTM when the other user was talking about the firewall in CIS, which made me believe that CIS doesn't protect against this "TCP hijack"

Hi Sanya,

Host Intrusion Prevention and Network based Intrusion Prevention are different topics.

But given TCP Hijack specific, this is how it works:

Server sends TCP packet to client, client increments SYN ACK values and posts it back to server. Once the three way handshake is done, session begins, information flows. If some party can clone the information that is sent from client, as the handshake is done, this "cloner" can "hijack" your session and get the information that you were looking for from the server.There are two ways to do it
1)Man in the middle
2)blind guessing

IPSEC,L2TP,SSL,TLS ... are some of the major moves against this. So how as a home user CIS would protect you against this ?

To initiate such an attack, the attacker should be in the same domain (generally, can also be remote) and must intercept your session with some spoofing techniques. All the basic networking devices are capable of preventing this old school technique (as far as I recall this was introduced in 1995). Mainly hackers look for "exploits" in OS's so that they can silently direct your session over their device. And how it's done is to give the end user some form of an executable. And this is exactly where CIS walks in!

And what CIS would to more than other AVs is that this exploit can be a "Zero-Day" which was never seen from another host thus there is no signature for it! Many AVs fail at that point and you get your sessions hijacked. But with CIS containment, this unknown Zero-Day gets pulled into Sandbox and HIPS on CIS can also track its' actions and understands it's bad behaviour.

Offline bzrwon

  • Newbie
  • *
  • Posts: 24
Re: Which Product to develop next?
« Reply #1151 on: April 21, 2015, 01:23:11 PM »
Quote
CIS already has anti exploit protection in its Bufferoverflow protection. It protects against stack overflow, heap overflow and return to library attacks. Unless you want protection against more exploit mechanisms.

Yeah we do, we want something along the lines of EMET 5.2, HitmanPro.Alert 3 or Malwarebytes Anti-Exploit, to answer your reply, could be a big winner if you create something better than any of those 3 :)

Offline georgef

  • Newbie
  • *
  • Posts: 6
Re: Which Product to develop next?
« Reply #1152 on: April 22, 2015, 12:01:39 PM »
How about something new for both the firewall and antivirus? A scanner that allows the users to check for security holes within both. Also this scanner would take 0 day in effect. It would can all ports do pen tests and do a virus test on the antivirus. It could be built into the firewall or antivirus or could be a stand alone app.

Offline BuketB

  • Comodo's Hero
  • *****
  • Posts: 898
Re: Which Product to develop next?
« Reply #1153 on: May 22, 2015, 09:35:37 AM »
Hello georgef,

Thank you very much for your feedback. We are now able to protect you from 0 day attacks with our patent pending technology Auto-Sandbox.Both firewall and antivirus packages has sandbox technology inside.  Nevertheless your below idea will be taken into account as a seperate system. Thank you .

Kind Regards
Buket
How about something new for both the firewall and antivirus? A scanner that allows the users to check for security holes within both. Also this scanner would take 0 day in effect. It would can all ports do pen tests and do a virus test on the antivirus. It could be built into the firewall or antivirus or could be a stand alone app.

Offline Chicadeaccion

  • Comodo Member
  • **
  • Posts: 33
Re: Which Product to develop next?
« Reply #1154 on: June 29, 2015, 07:21:02 PM »
I want a product that protect the sim card phones because now I am infected and I can't eraser. The infection produce destabilization in my phone line so please pay attention about this because I am a victim from this type the infection.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek