App Review Comodo Firewall BETA 2024 (Modified Settings)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,329
Comodo Firewall is a well-known and comprehensive free firewall.
In this test, we chose not to install Comodo's anti-malware engine to see how the Sandbox and firewall would react.
This isn't just another test, the aim is to see whether Comodo would protect us without anti-virus, especially with the settings we've made.
The answer is YES.
With the settings we've set, Comodo will simply refuse to launch unsigned applications that aren't 3 days old.
If any malware older than 3 days is encountered, Comodo will analyze it in its Sandbox.
In my test, it acts as an "Anti-Exe", which can be a formidable protection if you have a simple antivirus like Microsoft Defender or Avira Free.



@rhythm request
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,152
Comodo will simply refuse to launch unsigned applications that aren't 3 days old
In addition, even if the application is both legitimately signed and countersigned it still must first be determined to be non-malicious by Comodo. This was shown to be important previously in the case of the E-File stealer. It was stopped by Comodo while everyone else was oblivious.
 

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,026
Great video. Beta 2 is expected this coming week Exciting News: Comodo Internet Security 2024 Beta Now Open for Testing! which is a number of fixes. I still prefer old UI as more informative so I chanage the theme to Lycia. I only have a production machine so just brief tested the beta and I had to manually remove leftover drivers after uninstall. At any rate, 8012 still works on my Win11 machine.
 
F

ForgottenSeer 97327

Even for linux users a new CIS 2024?

1697834234155.png
 
F

ForgottenSeer 100397

Comodo will simply refuse to launch unsigned applications that aren't 3 days old.
Comodo will simply refuse to launch unsigned unknown applications (unsigned and signed applications not in Comodo Whitelists) that aren’t 3 days old.

Was there any malware older than 3 days? I expected to find some benign leftovers, or possibly even active malware, because of the Partial Limited restriction level.

@Shadowra, I appreciate your time. Thank you!
 

Shadowra

Level 34
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,329
Comodo will simply refuse to launch unsigned unknown applications (unsigned and signed applications not in Comodo Whitelists) that aren’t 3 days old.

Was there any malware older than 3 days? I expected to find some benign leftovers, or possibly even active malware, because of the Partial Limited restriction level.

@Shadowra, I appreciate your time. Thank you!

The fake crack had 3 days to run but was rejected all the same.
 
F

ForgottenSeer 100397

The fake crack had 3 days to run but was rejected all the same.
I have been using Comodo Firewall with the same settings since I requested a test. On my system, there are nine programs that are unknown or on the Comodo cloud whitelist. I tested these programs with the internet disconnected. By default, the unknown programs run in containment and are flushed when I exit or restart the system. All nine programs worked fine with the "Partial Limited" restriction level, except DiskInfo didn't show the details. Overall, I found the Partial Limited setting to be good for usability, but I am still unsure of its effectiveness against modern malware. To test the Partial Limited restriction level against malware, we should only use the "Restricted" containment rule, not the "Block" rule. I might request such a test once there is a new beta or final release.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?
 

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,026
Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?
I believe it's all unknown files. You can even manually submit them if you want. I don't currently have Comodo installed but yes, any untrusted file is sent to the cloud for analysis but you can disable this in the settings.
 
Oct 17, 2023
69
Do you know what kind of files Comodo sends with their “Analyze unknown files in the cloud by uploading them for instant analysis” is it only for executables or all types of files?
The file or files are sent to Xcitium for analysis and Valkyrie.Valkyrie will analyze the file statically and dynamically to determine if its a good or bad file if it fails the file is sent to Xcitium researches for analysis
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top