Comodo CIS Bug fix policy

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,221
Just my 2p. You used to have to add global rules with IPv6 for IPv6 to work, namely neighbour solicitation and advertisement type 134-136,0 when stealth but it depended on the test site you were using as the result varied.

Windows Firewall runs along side CF even though it says it's inactive in the security centre. Most routers include a firewall that filters IPv6 & IPv4.
1727889482006.png
1727889546367.png
 

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
591
Let below IPv6 country figures speak for themselves...

No Firewall, including CIS Firewall, can't ignore decent IPv6 filtering these days.

View attachment 285651
It can't be ignored, but it is. The 40% or so adoption and 20 to 25 yr full implementation is from Google, not me. I'm more than thrilled that the countries you've listed average about 50% adoption for those places.

I'll continue to use CFW, thank you, and be a part of half the rest of the world that isn't IPv6 compliant.
 

Pico

Level 6
Thread author
Feb 6, 2023
266
Those countries average at about 63% IPv6 coverage not 50%.
Anyhow, IPv6 countries should avoid using CIS Firewall.
 

bazang

Level 8
Jul 3, 2024
359
Those countries average at about 63% IPv6 coverage not 50%.
Anyhow, IPv6 countries should avoid using CIS Firewall.
IPv6 is insecure. Nobody should use it. IPv6 filtering will not protect the underlying protocol vulnerabilities.

Everybody should use CIS\CFW just because. No other reason, just because. And they should disable IPv6 because it is fundamentally an insecure networking protocol.

See how easy that was?
 

Pico

Level 6
Thread author
Feb 6, 2023
266
Thanks for the advise to not use (CIS Firewall in) IPv6 at all.

Are you going to advise / inform every single person who is using or wants to start using CIS FIrewall and is connected to an IPv6 native network about this IPv6 problem?
Are you going to ask Comodo to put your advise to not use CIS Firewall in IPv6 mode and to disbale IPv6 alltogether on the OS in their CIS User's Manual? You could do so but they will refuse to add it to their CIS manual.

See that's the problem, nobody is getting informed and nobody is willing to inform all others about this IPv6 CIS problem. CIS users just use CIS as is with default out-of-the-box settings or with CS settings, which seting doesn't matter IPv6 filtering is disabled in CIS in all cases.

Furthermore nowadays OS do prefer/prioritize IPv6 connections above IPv4 connections and MS does advise people not to switch off IPv6 in the OS (by registry hack) as that might cause OS problems or instabilities (those are MS words not mine).

IPv6 was invented to overcome the limited and running out IPv4 addresses. IPv6 can't be ignored anymore these days it will replace IPv4 sometime (no not within the next year or two).

CIS Firewall should fully support IPv6 which it does not.
 

bazang

Level 8
Jul 3, 2024
359
Thanks for the advise to not use (CIS Firewall in) IPv6 at all.
Do not use IPv6.

But definitely use CIS\CFW. Comodo does the right thing by not worrying about IPv6 because no matter what Comodo does, IPv6 is a deeply flawed, insecure networking protocol.

Are you going to advise / inform every single person who is using or wants to start using CIS FIrewall and is connected to an IPv6 native network about this IPv6 problem?
Nope. Not my responsibility. The responsibility is ALWAYS on the user to put in the effort to figure it out. This is how it works.

Again, there is no problem with Comodo. The problem is IPv6 protocol itself. Those problems cannot be fixed by filtering IPv6. Therefore, it makes no difference if Comodo filters IPv6 or not. It just isn't necessary. The correct security solution is to disable IPv6 on all systems.

Are you going to ask Comodo to put your advise to not use CIS Firewall in IPv6 mode and to disbale IPv6 alltogether on the OS in their CIS User's Manual? You could do so but they will refuse to add it to their CIS manual.
Nope. There are governmental agencies out there that have issued IPv6 protocol advisories. People pay taxes to receive these Public Service Announcements (PSAs). Not anyone's responsibility to compensate for the user not checking the advisories.

Comodo has no obligation to inform anyone about anything. Comodo has no moral or ethical duty to do anything. It is only obligated to do what is required under the prevailing laws. Which, in the case of all software, users that use software do so at their own risk and they accept the software "As-Is."

See that's the problem, nobody is getting informed and nobody is willing to inform all others about this IPv6 CIS problem. CIS users just use CIS as is with default out-of-the-box settings or with CS settings, which seting doesn't matter IPv6 filtering is disabled in CIS in all cases.
It is not anyone's responsibility to inform anybody about anything. So you can stop with the whole strawman concern.

Nobody is being harmed. Saying that they are is misinformation and a blatant lie.

Furthermore nowadays OS do prefer/prioritize IPv6 connections above IPv4 connections and MS does advise people not to switch off IPv6 in the OS (by registry hack) as that might cause OS problems or instabilities (those are MS words not mine).
Microsoft does not set the standard for network security best practices. There are other entities that perform that function. The general working security industry standard is to disable anything that is not critical to operations. That is the fundamental security industry best practice.

It is completely wrong to say "If it ships with an OS, then it should be allowed." This statement is so absurd that anyone that says it cannot be taken seriously. There are many, many things shipped with operating systems that do nothing more than inject complexity, attack surface, and\or exploitation potential to the system. What is appropriate to an administrator system is definitely not appropriate for a typical user system. Furthermore, all operating systems are meant to be hardened. The responsibility of figuring that out is on the user.

LOL. Microsoft does advise to disable IPv6 - but that advisory is only provided via internal Microsoft Security services to enterprise and government.

Disabling IPv6 has no affect on Windows OS - nor any other OS - stability. Nor does disabling IPv6 destabilize any applications.

Now you are making stuff up as you go along because you have an anti-Comodo agenda. You are stating misinformation and FUD. Why? Because your objective is to use any means available - including lies and speculation - to dissuade others from being interested in or deciding to use Comodo.

IPv6 was invented to overcome the limited and running out IPv4 addresses. IPv6 can't be ignored anymore these days it will replace IPv4 sometime (no not within the next year or two).
Sure IPv6 can be ignored (disabled). The reason why it was developed has nothing to do with the security - or lack thereof - of the protocol itself.

IPv4 addressing will never be deprecated nor phased out. It shall live until NAT is done away with - and that will never happen. Getting rid of NAT would be like getting rid of water or oxygen. IPv4 will be around until the cockroaches inherit the Earth.
 

Pico

Level 6
Thread author
Feb 6, 2023
266
It is so amusing to read how you each and every time try so hard to defend Comodo CIS. :ROFLMAO:
Other people are telling lies, you only tell the truth.

Average CIS users ain't IT-professionals and those CIS users just use CIS in hopes that everything works as advertised by Comodo.
They get CIS for free or paid with all the bugs included for free or paid too being IPv6 one of them.
 

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
591
"It is so amusing to read how you each and every time try so hard to defend Comodo CIS."
It is so amusing to read how you each and every time try so hard to dissuade people from using Comodo CIS.
 

Pico

Level 6
Thread author
Feb 6, 2023
266
"It is so amusing to read how you each and every time try so hard to defend Comodo CIS."
It is so amusing to read how you each and every time try so hard to dissuade people from using Comodo CIS.
Everybody is free to use whatever security suite they want.
Some people just can't stand to hear or read about that their beloved product has (serious) issues and react in a way like they are married with it and try to sweep everything under the carpet.
 

bazang

Level 8
Jul 3, 2024
359
It is so amusing to read how you each and every time try so hard to defend Comodo CIS. :ROFLMAO:
Comodo is a software with $0 revenue. No matter how truly horrible some think its quality, it will always be defensible on the basis of $0 revenue. That is a nuance that none of you anti-Comodo types are understanding.

If I am willing to give you table scraps, you will accept it or else you can look elsewhere. Until you are willing to pay me, I am giving you what I decide to be appropriate or what I decide is reasonable - so rotten tomatoes it is.

Other people are telling lies, you only tell the truth.
You obviously harbor very intense negative feelings about Comodo.

Why don't you create a website and list out all the terrible aspects of Comodo? So that everybody can be informed?

Why are you asking @cruelsister to provide evidence that you can exploit to further your anti-Comodo agenda? She saw it mile away and if her life depended upon it she would never do an IPv6 test. Did you not realize this?

Open a "Truth About Comodo" website.

Average CIS users ain't IT-professionals and those CIS users just use CIS in hopes that everything works as advertised by Comodo.
They get CIS for free or paid with all the bugs included for free or paid too being IPv6 one of them.
It is their responsibility to figure it out. That is why places like MalwareTips exist, innit that right @Jack? MalwareTips is the security infos exchange center of the internet.
 

bazang

Level 8
Jul 3, 2024
359
Some people just can't stand to hear or read about that their beloved product has (serious) issues and react in a way like they are married with it and try to sweep everything under the carpet.
You could not be more wrong. I do not even use Comodo. I could care less about it. What I do care about is keeping the facts real.

You and thousands of others being upset and venting your frustrations about Comodo will never change anything about the product. Melih has faced unending criticisms about CIS\CFW for over a decade. He just don't care. That is how he trolls people like you. He figures, and rightly so, he spends hundreds of thousands of dollars - if not millions - to support Comodo annually out of his own personal pocket. He owes you people nothing.
 

Chuck57

Level 12
Verified
Top Poster
Well-known
Oct 22, 2018
591
"Some people just can't stand to hear or read about that their beloved product has (serious) issues"

Some people just can't stand to hear or read that the product they so seem to detest works.
 

Pico

Level 6
Thread author
Feb 6, 2023
266
Does it work without issues for all people who are using it or who want to start using it???
You're joking.
 

Pico

Level 6
Thread author
Feb 6, 2023
266
For some it does. For others, it won't. Like ALL software. Nothing is 100%.
Many if not all security brands try hard to achieve 100%.
Unfortunately Comodo is an exception, they are not interested in achieving 100%.
 

bazang

Level 8
Jul 3, 2024
359
Many if not all security brands try hard to achieve 100%.
Unfortunately Comodo is an exception, they are not interested in achieving 100%.
Comodo is an exception because:

1. The revenue it generates is $0; and
2. Nobody has ever produced a major bypass of Comodo containment.

"If it ain't broke, then don't fix it."

"Who decides the definition of the word "broken"?"

"Melih. He decides. And he just don't care."
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top