Battle Comodo FW + Panda Dome Free, a strong combo?

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
A very light, yet one of the most comprehensive combos I have ever seen. Is there any better choice that is useful for computer illiterates and for those who have a low-end PC?

Note: Only Firewall and File Rating are enabled on Comodo. No HIPS, no VirusScope and no Auto-Sandbox (except quarantine rules) as they could create problems.
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
I don't think it's bad. It is assumed that you will configure the rating of Comodo files yourself. If not, I feel that I can replace the firewall with something else.

Salvaging on another post is a good way to do it, as sometimes the thread is pushed down by another post, making it less noticeable.(y)
 

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
It is assumed that you will configure the rating of Comodo files yourself.
I couldn't quite understand this part. Comodo File Lookup Server is enabled, so the cloud whitelist is enough in most cases. An input is only needed when a user runs an unknown program that requires an internet connection. So, zero-days and unknown viruses will run, but they can't send user data to the malicious server.


Wouldn't it be a stronger combo with either the HIPS or auto sandbox enabled?
That would increase the complexity a lot. Especially HIPS, many inexperienced users complain about the HIPS popups. And auto-sandbox will be impractical for those who don't know how to copy-paste files from sandbox into the host. Also it will degrade performance.

If this combo looks strong enough to you, I will be more sure when recommending it to users. KSC Free comes first, but some people complain about its effect on system performance. I wouldn't use KSC Free on my PC as well.
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
I couldn't quite understand this part. Comodo File Lookup Server is enabled, so the cloud whitelist is enough in most cases. An input is only needed when a user runs an unknown program that requires an internet connection. So, zero-days and unknown viruses will run, but they can't send user data to the malicious server.

Sorry. I misunderstood the list of trusted vendors.🙏
 

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
Just having File Rating active (and FW) without other modalities will only kinda-sorta protect. It will stop some things, but otherwise is child's play to bypass.

In short, not a good idea at all.
So, CFW + Panda still a bad idea? I wouldn't use CFW alone in those settings either. What do you think could be a better choice instead? I wish FortiClient were less buggy, I would have chosen that.

Why don't you wanna use HIPS or auto sandbox?
I explained above already.
 

Vitali Ortzi

Level 22
Verified
Top Poster
Well-known
Dec 12, 2016
1,147
So, CFW + Panda still a bad idea? I wouldn't use CFW alone in those settings either. What do you think could be a better choice instead? I wish FortiClient were less buggy, I would have chosen that.


I explained above already.
If you're using it as default deny in a proactive mode without useless vendors from the vendor list then it's very strong, but it makes Panda Dome useless, which anyway isn't a great AV.

But what is your aim: a low false positives security posture (not very good at stopping zero days) or a hardened default deny one (very strong against zero days)?

If you want a low false positives config I would recommend trying Kaspersky, which had lower false positives than Defender and has a nice rollback feature that mostly works.


As for default deny, use Comodo or any SRP/AppLocker based security in a default deny config.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
I used Dome for a while but found it less than wonderful - I also found it was Dome that was breaking Shadow Defender - It's all personal choice but Panda is near the bottom of my AV list - I also found, again personally, Comodo the most problematic firewall I've used, though I never used this combination.
 

Nagisa

Level 7
Thread author
Verified
Jul 19, 2018
341
My English, is it really that bad? I think I already explained why I configured the CFW that way. I aimed for best protection with minimal performance impact and user input requirement. Enabling HIPS and auto-sandbox defeats the point of this combo.

I used Dome for a while but found it less than wonderful - I also found it was Dome that was breaking Shadow Defender - It's all personal choice but Panda is near the bottom of my AV list - I also found, again personally, Comodo the most problematic firewall I've used, though I never used this combination.
Thanks. What do you think would be a better choice for combining with CFW?
 

Brahman

Level 16
Verified
Top Poster
Well-known
Aug 22, 2013
799
A very light, yet one of the most comprehensive combos I have ever seen. Is there any better choice that is useful for computer illiterates and for those who have a low-end PC?
Note: Only Firewall and File Rating are enabled on Comodo. No HIPS, no VirusScope and no Auto-Sandbox (except quarantine rules) as they could create problems.
How bad is your "low end computer"? I have given a Seeed Studio ODYSSEY - X86J4105800 (based on Intel Celeron J4105) to my daughter to tinker with and it runs CFW without any lags.
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
From time to time, I hear about the topic of deceleration of Comodo, but in the case of software that controls communication, I think that it may also be affected by the speed of the line. From the impressions I used, I remember that there were several phenomena that caused communication delays, but there was no slowdown in information processing.

My English, is it really that bad? I think I already explained why I configured the CFW that way. I aimed for best protection with minimal performance impact and user input requirement. Enabling HIPS and auto-sandbox defeats the point of this combo.


Thanks. What do you think would be a better choice for combining with CFW?
Many MT members are tolerant of unnatural English. Feel free to continue posting.(y)
I think that the translation function of the browser may distort the meaning of the text.:geek:
 
