App Review Comodo Firewall BETA 2024 (Modified Settings)

[Shadowra]

Content source

https://odysee.com/@Shadowra:f/Comodo-Firewall-BETA-2024-(Modified-Settings):a

Comodo Firewall is a well-known and comprehensive free firewall.
In this test, we chose not to install Comodo's anti-malware engine to see how the Sandbox and firewall would react.
This isn't just another test, the aim is to see whether Comodo would protect us without anti-virus, especially with the settings we've made.
The answer is YES.
With the settings we've set, Comodo will simply refuse to launch unsigned applications that aren't 3 days old.
If any malware older than 3 days is encountered, Comodo will analyze it in its Sandbox.
In my test, it acts as an "Anti-Exe", which can be a formidable protection if you have a simple antivirus like Microsoft Defender or Avira Free.



@rhythm request

 

[cruelsister]

Comodo will simply refuse to launch unsigned applications that aren't 3 days old

In addition, even if the application is both legitimately signed and countersigned it still must first be determined to be non-malicious by Comodo. This was shown to be important previously in the case of the E-File stealer. It was stopped by Comodo while everyone else was oblivious.

 

[ErzCrz]

Great video. Beta 2 is expected this coming week Exciting News: Comodo Internet Security 2024 Beta Now Open for Testing! which is a number of fixes. I still prefer old UI as more informative so I chanage the theme to Lycia. I only have a production machine so just brief tested the beta and I had to manually remove leftover drivers after uninstall. At any rate, 8012 still works on my Win11 machine.

 

[ForgottenSeer 97327]

Even for linux users a new CIS 2024?

 

[ForgottenSeer 100397]

Comodo will simply refuse to launch unsigned applications that aren't 3 days old.

Comodo will simply refuse to launch unsigned unknown applications (unsigned and signed applications not in Comodo Whitelists) that aren’t 3 days old.

Was there any malware older than 3 days? I expected to find some benign leftovers, or possibly even active malware, because of the Partial Limited restriction level.

@Shadowra, I appreciate your time. Thank you!

 

[Shadowra]

Comodo will simply refuse to launch unsigned unknown applications (unsigned and signed applications not in Comodo Whitelists) that aren’t 3 days old.

Was there any malware older than 3 days? I expected to find some benign leftovers, or possibly even active malware, because of the Partial Limited restriction level.

@Shadowra, I appreciate your time. Thank you!

The fake crack had 3 days to run but was rejected all the same.

 

[ForgottenSeer 100397]

The fake crack had 3 days to run but was rejected all the same.

I have been using Comodo Firewall with the same settings since I requested a test. On my system, there are nine programs that are unknown or on the Comodo cloud whitelist. I tested these programs with the internet disconnected. By default, the unknown programs run in containment and are flushed when I exit or restart the system. All nine programs worked fine with the "Partial Limited" restriction level, except DiskInfo didn't show the details. Overall, I found the Partial Limited setting to be good for usability, but I am still unsure of its effectiveness against modern malware. To test the Partial Limited restriction level against malware, we should only use the "Restricted" containment rule, not the "Block" rule. I might request such a test once there is a new beta or final release.

 

[Azure]

Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?

 

[ErzCrz]

Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?

I believe it's all unknown files. You can even manually submit them if you want. I don't currently have Comodo installed but yes, any untrusted file is sent to the cloud for analysis but you can disable this in the settings.

 

[Nikola Milanovic]

Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?

The file or files are sent to Xcitium for analysis and Valkyrie.Valkyrie will analyze the file statically and dynamically to determine if its a good or bad file if it fails the file is sent to Xcitium researches for analysis

 

[Nikola Milanovic]

You can create a Valkyrie account at Cloud Verdict Customer Login | Xcitium Cloud Verdict and upload any unknown or suspicious file to Xcitium for analysis.Here is all of the techniques they use to analyze a file

 

[simmerskool]

You can create a Valkyrie account at Cloud Verdict Customer Login | Xcitium Cloud Verdict and upload any unknown or suspicious file to Xcitium for analysis.Here is all of the techniques they use to analyze a file View attachment 281625

can anyone create an account or do you have to be a current Xcitium customer?

 

[Nikola Milanovic]

can anyone create an account or do you have to be a current Xcitium cany

can anyone create an account or do you have to be a current Xcitium customer?

Anyone can create a account its free