Comodo Firewall

As any personal firewall it runs in the same environment as it is supposed to protect. What else do you need to know?

Furthermore it asks the user a lot of meaningless technical questions because it does not itself have a clue about what is going on.

/B. Nice

Why does many programs use the registry for mass storage. I mean storing config data - yes. Storing 1000+ keys - no. This got to slow down the registry, why is it so common.

May I tell you: This is nonsense. The registry is a database with a B+ tree

• block hash table architecture. That doesn't slow down so fast, especially not with some few 1000+ keys.

Anyway, ZA isn't any serious comparison, as it's totally broken, insecure and utterly useless. Comodo Firewall is just stupid by adding application control to an otherwise good packet filter.

It's the application control I llok for. I have a hardware firewall in my router so I don't need that bit. But I want to "keep an eye" on what programs is doing what (who is asking for server right, who is sending things etc etc). So I'd like a program that just did that.

No Personal Firewall can do it, all only claim that they can do it. Personal Firewalls are snakeoil, forget them, they are useless, you don't need them and can't trust them.

Wolfgang

What about 'netstat'? What about TCPView? In contrary to such "personal firewall", they do not employ any packet filter or hooking to try actually limiting programs, but only do what's actually achievable: monitoring.

Anyway, why would one need such a thing? You should know what your programs are doing!

I know "bad" programs can find ways round the application monitoring. But I guess my AV software will take care of those applications.

I just want to monitor the normal everyday applications, to see what they are doing, when they are sending/listening, and block the ones I really don't like talking to the net.

This works for "nice" programs (both on ZA and Comodo), but to get this I need to install all the stuff I don't need (firewall etc)

Well, I stil like the possibility to stop "nice" programs from doing stuff (like calling home). For most "nice" programs the application monitoring in both ZA and Comodo can do this (for "bad" programs I have avast! AV that will take care of that). But I donæt need the firwall, packet analyzer, blockers etc etc). Just APPs monitoring.

Like to stay informed. Like to know "who" is talking to other behind my back (like: why does Word connect to Internet and send stuff) and to be able to stop that for "nice/normal" programs as well...

Try Port Reporter [1].

Lars-Erik =D8sterud schrieb:

If these bad programs are running on your machine, your AV software has very obviously not taken appropriate care of them. And your machine is no longer your machine - be it with or without ZA or Comodo.

Regards Thomas

Yeah, your guesses...

Uh, so trivial. Use WireShark.

Reality doesn't care for what you want.

It doesn't work, and I don't how you want to judge the actual abilities in a real-world scenario where custom-written malware simply shut's 'em down, bypasses them or tweaks legitimate applications into carrying out the communication.

1. "nice" programs don't call home.
2. There isn't even one example of a "nice" program phoning home as you claim. This is a big vapor threat.

Fine, expect that for "nice" programs such a functionality is obviously superfluos.

Yeah sure... well, but I think your dream-world imaginations don't add anything to a serious discussion.

Hint: it doesn't, unless you either configured or advised it to do so.

What about configuring the programs instead, as any reasonable person would do?

Why do you assume I have "bad" programs. I don't. Nothing at all :-)

I just want to "keep an eye" on the normal programs, and possibly stop them from sending stuff (like Word, other MS programs, callbacks etc)

Very wise to have an application firewall.Layered security is always better than nothing at all.Commodo firewall has some HIPS elements in it,application component control,application behavior checking ,and also self protection which monitors registry keys.The firewall keys/files are protected and commodo also has protection against process termination.If it runs well for you and your happy with it then i would say its a good choice.

That's exactly the contrary of wisdum.

Layered security is a buzzword spilled out by clueless people.

Yeah... and for what reason? It's trivial to circumvent.

And that's the usual highlight of the bullshit. You really don't know much about the Windows NT kernel, d you?

And what about security? After all, that's the topic.

Anyway, why should he listen so someone who is even too stupid to add a valid email address to the From: header?

You can do any better that the programs that are available. Of course I have never gotten any viruses anyway. Just using common sense, not opening suspicious mails. Not download suspicious software. Etc etc.

I really didn't post here to get into a "religious" discussion :-) But to hear if anyone had any programs to recommend to do this.

But it seems like all the posts in "comp.security.firewalls" are about how "useless" ANY firewall is. Why not discuss the firwalls we do have

I'm NOT talkning about malware here. I'm talking about normal programs. And it DOES work for those. I can see that when I stop a program that asks for access - the programs is actually stopped (I can see it on the activity, in the logs). So it DOES work for some programs (the ones I use). I know it wonæt stop viruses, but that is not what I'm out for either. I wish to control normal applications.

So you would then classify lots of "normal" programs from "normal" vendors as viruses/trojans or somthing like that then. Even if they stop calling home if I stop that in ZA (that "nice" anyway isn't it)

So the alerts about those program wanting to access the net, what are they? I don't really think ZA or Comodo would alert if they did not try? Do you? And if I stop them (the programs on my system anyway) they don't send anything (no network activity), so it does work...

For those where that is possible - of course. For the rest. Well :-)

Why dont you advocate it then?

Not as trivial as the rubbish you spout

As much as you know about application firewalls

Im sure the poster knows enough about security to make his own mind up.

He doesnt have to ,he may choose a fool like you instead.

me