A Question for Cruel Sister. Comodo CIS, Why?

Status
Not open for further replies.
D

Deleted member 178

Thread author
For example, if AppGuard decided to add ClamAV to the product, would Umbra stop using it? No, he would just call them idiots and shut off that module (sorry, Umbra, for assuming your actions!).
Indeed, i will just use the Non-AV version. as you do with CFW.

Now to the Firewall- it's an Urban Legend that the Comodo Firewall module itself is excellent. It's not- it is totally oblivious to malware hollowed processes connecting out. But as the Firewall is being used in conjunction with the HIPS and Sandbox at default, or with the Sandbox itself at my settings this deficiency is negated (although my one Firewall setting change is also needed).
Yes , the FW has nothing special, ino IDS/IPS, not traffic checking.

Finally, does one need an AV to supplement CF? No, not really, but as it can be of use if you are trying to install a legitimate unsigned application (like VT Uploader or SeaMonkey Browser). Comodo will isolate unsigned applications (which is a GOOD thing), so an excellent freeware AV like Avast (yes, I'm liking this one recently) or Qihoo really will give a fine second opinion.
WD on win8/10 is enough, CFW will do all the job anyway. If you are on Win7 , just use a classic one with no BB/HIPS integrated.
 
R

Rodney74

Thread author
I am not Comodo expert but here I have learned that C.Firewall, if well configured, can make your PC almost impenetrable.
Then I think the AV module is fairly redundant, in case I would use just WD+CF (tweaked).


Well this is just based on spending time with my PC, which I built....MY PC with Avast or Kaspersky is more responsive than with Defender, I know this sounds strange, but it is true. Opening applications is much quicker. This is all done on a clean install, via Macrium Image BU.
 
R

Rodney74

Thread author
Rodney- A very timely question as I'm going to wrap things up this weekend with a CF vs ransomware video.

First, let me answer your question- CIS and CF are essentially identical products except CIS has a Local AV module- that is, you can actually run an AV scan on your system. But understand both products have cloud AV functionality. The reason that I do not suggest using CIS is that (and I'll have to call a Spade a Spade) the Comodo AV is not mediocre, it is totally Horrid. So why burden yourself with something that sucks?

Understand that a bad AV tacked on to a product does not diminish the strength of the overall protection. For example, if AppGuard decided to add ClamAV to the product, would Umbra stop using it? No, he would just call them idiots and shut off that module (sorry, Umbra, for assuming your actions!). I feel the same way about Comodo- although I probably hold the Comodo AV in more contempt than anyone else on MT, I personally would use no other product than CF. So Fxxx the AV and let's instead look at the other protective components involved:

CF is a wonderfully complex product. One can increase the protective baseline by changing configurations, you have a Sandbox ("Containment"), a Firewall, and a HIPS module. The complex part about Comodo, and something that may be not initially understandable, is that by bleeding in resources to one component will decrease the need for others. Case in point is that I suggest that the HIPS module be disabled in my setup- this is not because I feel the HIPS sucks (far from it, it is excellent!). It's just that as we will increase the Sandbox level to either Restricted or Untrusted, the need for the HIPS being active diminishes to nothing. So at the default Comodo settings (Firewall Security, Sandbox at Partially Limited) the HIPS module is needed; but at the Proactive configuration with the Sandbox at Restricted (or Untrusted) the HIPS will just generate popups without any increase in system protection.

Now to the Firewall- it's an Urban Legend that the Comodo Firewall module itself is excellent. It's not- it is totally oblivious to malware hollowed processes connecting out. But as the Firewall is being used in conjunction with the HIPS and Sandbox at default, or with the Sandbox itself at my settings this deficiency is negated (although my one Firewall setting change is also needed).

Finally, does one need an AV to supplement CF? No, not really, but as it can be of use if you are trying to install a legitimate unsigned application (like VT Uploader or SeaMonkey Browser). Comodo will isolate unsigned applications (which is a GOOD thing), so an excellent freeware AV like Avast (yes, I'm liking this one recently) or Qihoo really will give a fine second opinion.

At this point I would normally write "I hope this helped", but I'm sure I totally confused you, and I apologize for that!

M

No confusion, wonderful explanation, in fact I think you should be a teacher...WHY! Let me explain...

I hated history in high school, but later in life ran into a friend, who had gotten his masters in history. We went to have coffee, and reminisce.

During the conversation, he said I want to tell you a story. I said OK.

He told me a true story, I was on the edge of my seat, I was so enthralled, then he said do you know who I just told you about. I said no. He said its Ulysses S. Grant...

I was stunned, I never had a history teacher explain it like that in school. This friend of mine went on to be a teacher a a major university.
 

blueblackwow65

Level 23
Verified
Well-known
Dec 19, 2012
1,256
Is it possible to run Comodo firewall latest version with webroot? It would seem like a good combo ,but I see Webroot uses the windows firewall? Thks
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Is it possible to run Comodo firewall latest version with webroot? It would seem like a good combo ,but I see Webroot uses the windows firewall? Thks
I don't see why they wouldn't be compatible but I can't say for sure.
If you want to find out I'd suggest downloading and installing Webroot's free trial and then installing Comodo Firewall afterwards.
 
  • Like
Reactions: blueblackwow65

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
According to Comodo, it's a Microsoft's advice to keep windows firewall on.
Yeah, I know, that is what their geekbuddy support tells you, it's just to cover up for the fact that Comodo fails to turn off windows firewall. Don't take their bad advice.

If you ask on the Comodo forum, they will tell you right away to turn off windows firewall, because you should never run 2 firewalls together.
 

lab34

Level 6
Verified
Well-known
Mar 28, 2017
263
Hello,
maybe I'm wrong, (you are welcome to correct me) but the first days I was using CFW, I was a bit confused by this:

CFW asks if a place is private or public. But if you answer public, by default, you are not stealth, till you explicitly go into "tasks" and choose the stealth mode.
With windows firewall in public place, I think you have more port closed than in the default public mode of CFW, not ?

(And when you choose a strategy, it replaces global rules, so you lose your customization)

Sorry for not beeing precise, it's because it's not clear in my head. In my house, I don't bother beeing stealth, but my son connects his notebook to the school wifi and, for the peace of mind, we left the Windows Firewall active on public places. (no need to have a look to the rules of the cfw after connecting)
 
  • Like
Reactions: shmu26
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top