Comodo Internet Security - General Impression

[hjlbx]

Very true, if it wasn't for that "I really want to try it" feel I would have stuck with 8.1 - my uncle (now retired) told me they never finished Windows 7, messed up with 8, moved to 8.1, now it's 10. His company used XP for yrs, when he left now on Win 7, but his new laptop is 8 and that's it, he just will not change - he used Kaspersky business select never had any issues.

I am annoyed at Kaspersky, they've really messed up with Windows 10, never thought I'd say it, but Comodo hands down beats them it Melih had the money, government backing a certain Eugene has I'm sure Comodo would be at the top.

Yes, I will keep you updated on the browser, but for the past week or so no issues.

Comodo and Emsisoft work best for me. Comodo didn't in v 7, but Emsisoft always has...

W10 is a hot mess... it will take 3+ years for M$ to get it all sorted out... just like W8/8.1. New soft releases are always such a pain in the arse for so many people... and it just isn't M$.

 

[CMLew]

Hi,

looking through the Comodo threads, seems CIS is quite favorable and a great tools to learn (experience) malware attacks. Haha.

Just curious CIS without the Antivirus component install, is it just the same as Comodo Firewall installation? Whats the disk space usage?

Interested to test and play with my Bitdefender Antivirus Plus 2016. (Bitdefender AV + Comodo CIS + Sandboxie).

I saw some thread mentioning to using Shadow Defender before u start playing with malware too. Probably going to install a trial version.

 

[hjlbx]

Hi,

looking through the Comodo threads, seems CIS is quite favorable and a great tools to learn (experience) malware attacks. Haha.

Just curious CIS without the Antivirus component install, is it just the same as Comodo Firewall installation? Whats the disk space usage?

Interested to test and play with my Bitdefender Antivirus Plus 2016. (Bitdefender AV + Comodo CIS + Sandboxie).

I saw some thread mentioning to using Shadow Defender before u start playing with malware too. Probably going to install a trial version.

@CMLew

I have never tried Bitdefender AV + CFW combo... not that I didn't consider it. However, in the end, I have always experienced various problems with Bitdefender products, so I just don't use them.

You'd have to set up mutual exclusions in BD and CFW to avoid conflicts. I'm not saying there would be conflicts, but there may be potentially if you don't exclude one from monitoring the other.

Some users have problems between SBIE and Comodo. It appears to be system specific. Sandboxie recommends excluding SBIE program folder from monitoring by CFW. If you decide to combine the two, before doing so, search for "Sandboxie Comodo conflict known issues." Search will return link to SBIE forum and their recommendations.

Also, SBIE states that it sometimes doesn't work quite right with BD. It recommends turning off Active Threat Control. If you do that, then there is no point in having it on your system !

CFW has low RAM usage... around 50 MB on my system when I tried it.

You can use Shadow Defender, but installing softs in Shadow Mode that require a reboot is a problem - since once you exit Shadow Mode the complete installation is gone. Any how, SD is terrific soft.

 

[CMLew]

@CMLew

I have never tried Bitdefender AV + CFW combo... not that I didn't consider it. However, in the end, I have always experienced various problems with Bitdefender products, so I just don't use them.

You'd have to set up mutual exclusions in BD and CFW to avoid conflicts. I'm not saying there would be conflicts, but there may be potentially if you don't exclude one from monitoring the other.

Some users have problems between SBIE and Comodo. It appears to be system specific. Sandboxie recommends excluding SBIE program folder from monitoring by CFW. If you decide to combine the two, before doing so, search for "Sandboxie Comodo conflict known issues." Search will return link to SBIE forum and their recommendations.

Also, SBIE states that it sometimes doesn't work quite right with BD. It recommends turning off Active Threat Control. If you do that, then there is no point in having it on your system !

CFW has low RAM usage... around 50 MB on my system when I tried it.

You can use Shadow Defender, but installing softs in Shadow Mode that require a reboot is a problem - since once you exit Shadow Mode the complete installation is gone. Any how, SD is terrific soft.

I see. Thanks @hjlbx !!
Maybe I can uninstall Sandboxie first and then try the install the CFW.

PS: I'm surprised that Bitdefender do have quite a no. of significant compatiblity issues. Glad I did not get hang to their Internet Security last time.

 

[hjlbx]

PS: I'm surprised that Bitdefender do have quite a no. of significant compatiblity issues. Glad I did not get hang to their Internet Security last time.

Bitdefender just seems incapable of sorting out their various issues for whatever reason(s). Stuff gets fixed eventually, but it often takes a long time (>= 1 year or more).

It's OK. There are other security soft vendors that have the same problem. It is just the way it is...

 

[hjlbx]

@CMLew

You have to be very patient in using Comodo. Ask a lot of questions here at MT - not over at Comodo forum. It takes a long time to master Comodo. Most of that time is spent learning how various settings affect each other and how Comodo behaves. Most things you think are bugs are not bugs, but instead intended behavior. However, since you have no way of knowing it is intended, you are left in the dark... Only way around this is to ask questions.

 

[CMLew]

@CMLew

You have to be very patient in using Comodo. Ask a lot of questions here at MT - not over at Comodo forum. It takes a long time to master Comodo. Most of that time is spent learning how various settings affect each other and how Comodo behaves. Most things you think are bugs are not bugs, but instead intended behavior. However, since you have no way of knowing it is intended, you are left in the dark... Only way around this is to ask questions.

Thanks for the encouragement @hjlbx . I'm actually curious to try around mix-n-match softwares for optimal results. Which is why I have this old laptop to experiment. I'm getting more keen to know security protection after got infected a few times pretty badly last time (i still recall those old Win98/XP days where my PC got infected by trojan horse and Norton couldn't clean it up so it just stays there and I got to reformat my PC a couple of times).

 

[hjlbx]

Reformat PC is best option. I don't count on any security soft to clean my system. System clean-up is worthless in my experience. Much better not to get infected in the first place.

 

[CMLew]

Reformat PC is best option. I don't count on any security soft to clean my system. System clean-up is worthless in my experience. Much better not to get infected in the first place.

I agree. Back in old days; trojan horse is very stubborn and sticky. Usually what I'm told is reformat your PC. And which is why I have at least 2 copies of OS installation CD; in case one of them badly scratches due to CD running.

Anyway back to the topic, since CIS have their own "AUTO-sandbox" then does sandboxie really necessary or it just adding additional layer of protection? (like sandbox in a sandbox??)

 

[hjlbx]

I agree. Back in old days; trojan horse is very stubborn and sticky. Usually what I'm told is reformat your PC. And which is why I have at least 2 copies of OS installation CD; in case one of them badly scratches due to CD running.

Anyway back to the topic, since CIS have their own "AUTO-sandbox" then does sandboxie really necessary or it just adding additional layer of protection? (like sandbox in a sandbox??)

Sandboxie is just additional option. CIS sandbox is not quite as configurable. For example, you cannot define separate sandboxes like with Sandboxie. You cannot create super-tight system resource access like with Sandboxie (like create sandbox where only browser will run in it).

However, Comodo sandbox has its advantages. Microsoft updates do not cause problems for the sandbox - which happens on a frequent basis with Sandboxie. Also, Comodo solves many problems of denying access to system resources by default by allowing the user to define restriction levels. Plus it has Protected Data Folders which Sandboxie does not have.

I know the question always comes up which one is safest. There is no decisive difference between Comodo sandbox and Sandboxie in terms of sheer protection. It comes down to versatility, user interface and which one works best for you personally.

I prefer Comodo sandbox - because I want an integrated, single security soft. At the same time I appreciate Sandboxie's versatility.

For "sandbox in sandbox" use Shadow Defender... more stable. Both Comodo and Sandboxie work great in Shadow Mode.

 

[CMLew]

@CMLew

I have never tried Bitdefender AV + CFW combo... not that I didn't consider it. However, in the end, I have always experienced various problems with Bitdefender products, so I just don't use them.

You'd have to set up mutual exclusions in BD and CFW to avoid conflicts. I'm not saying there would be conflicts, but there may be potentially if you don't exclude one from monitoring the other.

Tried. Doesn't work. Crashed my start-up. End up I have to system restore using my Win10 USB drive.

 

[Deleted member 2913]

HJLBX,

I have installed latest Comodo FW on Win 10 64.
Config - Internet Security
Windows Defender, FW, SmartScreen & UAC disabled.
No third party AV installed.

Everything is fine..except Inbound Connection on main GUI shows "0", is it normal?

 

[Kate_L]

if you have 64 bit check enhanced protection from HIPS settings. If you wanna see Network Intrusions, open firewall > global rules > edit Block and log and check "log as firewall event".

 

[hjlbx]

HJLBX,

I have installed latest Comodo FW on Win 10 64.
Config - Internet Security
Windows Defender, FW, SmartScreen & UAC disabled.
No third party AV installed.

Everything is fine..except Inbound Connection on main GUI shows "0", is it normal?

There should be no inbound connections. If you Stealthed Ports it will always be 0. If you didn't Stealth Ports then CIS firewall would prompt you about attempted inbound connection.

It will be not 0 if you allow inbound connections ( Edit: or for Trusted applications - when they connect).

Edit:

My understanding is that the inbound counter will show for a connection that originates from outside the system, but it is unclear if it counts only certain types of connections (e.g. only active versus idle). I only have one application that does this from an external server - and then - only very briefly using UDP.

I will try to test with that app and get more practical infos.

Your system is behaving correctly...

 

[CMLew]

There should be no inbound connections. If you Stealthed Ports it will always be 0. If you didn't Stealth Ports then CIS firewall would prompt you about attempted inbound connection.

It will be not 0 if you allow inbound connections.

Your system is behaving correctly...

Hi @hjlbx ,

Does that means if I block in-bound/ out-bound connection, I would not even allow to connect instant messaging like skype?

 

[hjlbx]

Hi @hjlbx ,

Does that means if I block in-bound/ out-bound connection, I would not even allow to connect instant messaging like skype?

Skype is Trusted application - so it should have both in and outbound connection ability - even with ports stealthed.

If it gets blocked with ports stealthed, you can set firewall to prompt for any inbound connects on the Tasks pane. That's a pain though, since you will be prompted for Loop Back zone and all that sort of nonsense.

 

[Terry Ganzi]

There should be no inbound connections. If you Stealthed Ports it will always be 0. If you didn't Stealth Ports then CIS firewall would prompt you about attempted inbound connection.

It will be not 0 if you allow inbound connections.

Your system is behaving correctly...

So then is this wrong?

 

[hjlbx]

So then is this wrong? View attachment 75960

Oops ! I made mistake ! Look everybody... I made mistake ! Not paying full attention to OP's question... !!!

Trusted applications (such as System) are allowed both inbound and outbound connections.

Stealth ports only applies to packets originating from outside the system for which there is no allowed rule.

Apologies everybody, @CMLew, @Tony Ganzi ... I did make mistake on that one. So I have edited with strike-through.

 

[CMLew]

Oops ! I made mistake ! Look everybody... I made mistake ! Not paying full attention to OP's question... !!!

Trusted applications (such as System) are allowed both inbound and outbound connections.

Stealth ports only applies to packets originating from outside the system for which there is no allowed rule.

Apologies everybody, @CMLew, @Tony Ganzi ... I did make mistake on that one. So I have edited with strike-through.

Thanks @hjlbx

So In conclusion, I can turn on the stealth port and block the both in-coming and out-going connection and I can still use Skype since it is recognised to be trusted application, right?

 

[hjlbx]

Thanks @hjlbx

So In conclusion, I can turn on the stealth port and block the both in-coming and out-going connection and I can still use Skype since it is recognised to be trusted application, right?

@CMLew

Stealth Ports is a port scanning counter-measure; hackers scan your ports to see if they can detect any open ports. An open port is a potential doorway into your system. If they find one, they might try to exploit it and gain entry to your system.

Unless you think you are being targeted, then worrying about hackers is the least of your troubles. It is more productive to focus on the number one gateway into your system = your browser and web surfing.

Any how, some infos...

[Firewall] What are stealth ports?

GRC | Port Status Info

Stealth Ports even while communicating?

Re-read last link. I think it will make it more clear.

If this does not help let me know...

PS - Stealth Ports - yes. Will it interfere with normal communications - no, it should not under most typical network configurations.

With my CIS I stealth ports and use Skype ( only to communicate with CCE).

CCE = inside joke with @Umbra - only he would know what I mean...