Advice Request Identical alternative to Comodo Firewall (CFW)?

[kylprq]

I'm looking for alternative solution to CFW that's identical to CFW, but not CFW. (not from C or Xmy***) I've been staring at my computer screen for so long that I'm starting to see CFW everywhere(it's blocking a lot so I kinda have to) . if this already discussed throw me thread link so I can dive into it

 

[cruelsister]

I'm looking for alternative solution to CFW that's identical to CFW, but not CFW. (not from C or Xmy***) I've been staring at my computer screen for so long that I'm starting to see CFW everywhere(it's blocking a lot so I kinda have to) . if this already discussed throw me thread link so I can dive into it

What is it blocking and where are you seeing the items blocked? A screenshot would be helpful also if you find the time.

 

[ErzCrz]

I'm presuming your getting a lot of Edge blocks to ports 1900, 5353, 443 etc and 443 for a number of windows apps. For those windows apps like explorer, smartscreen, and various hosts I just create a Allow Outgoing to Set of Ports - HTTP but for Edge it's a bit more of a faff, just setting it as Web browser preset still throws pop-ups. The truth of it all though is even if there are 1000s of blocks, if the internet is still working, it's probably something you can ignore. If you can specify what's blocked that'd help.

 

[kylprq]

for anyone interested but I mostly focused on an Alternative to CFW which is have similar capabilities (like configurability, access rights control etc. this probably excludes AppGuard/WDAC alike software.)

PS. I add lot of rules from File Ratings\File Group tabs approx. dozens of them if u see not enough blocking events. (They didn't disappear magically and functioning still.)
>logs

 

[ErzCrz]

for anyone interested but I mostly focused on an Alternative to CFW which is have similar capabilities (like configurability, access rights control etc. this probably excludes AppGuard/WDAC alike software.)

PS. I add lot of rules from File Ratings\File Group tabs approx. dozens of them if u see not enough blocking events. (They didn't disappear magically and functioning still.)
>logs

A bit of a different option which I've been trialling is using Hard_Configurator as a hardening and default-deny option in combination with Malwarbytes Windows Firewall Control though I still thing CFW setup by @cruelsister is better. You might look at Voodoo Shield but I've no experience with it.

 

[Pico]

Or options like "Simple Wall" and "Sandboxie Plus".

 

[cruelsister]

PS. I add lot of rules from File Ratings\File Group tabs approx. dozens of them if u see not enough blocking events. (They didn't disappear magically and functioning still.)

The major issue that many have with CF is that many rules are created that aren't needed and can (and often do) lead to issues. Other than blocking a legitimate application from connecting out with a Firewall Rule (to stop and update that you would prefer not to happen), rules can often be self-defeating and not at all additive to protection.

CF Best Practice is to Keep It Simple for maximum results.

(ps- although SBIE is an excellent sandbox, it is on demand and not on access. This is a huge difference.)

 

[ErzCrz]

The major issue that many have with CF is that many rules are created that aren't needed and can (and often do) lead to issues. Other than blocking a legitimate application from connecting out with a Firewall Rule (to stop and update that you would prefer not to happen), rules can often be self-defeating and not at all additive to protection.

CF Best Practice is to Keep It Simple for maximum results.

(ps- although SBIE is an excellent sandbox, it is on demand and not on access. This is a huge difference.)

Just a quick random question. Am I right in thinking that if you say whitelist svchost or explorer.exe etc it'll still get sandboxed if the process is created/manipulated by malware? E.g. I have to whitelist svchost for port 546 for router dchp and a number of other windows apps for port 443 outbound connections.

 

[kylprq]

The major issue that many have with CF is that many rules are created that aren't needed and can (and often do) lead to issues. Other than blocking a legitimate application from connecting out with a Firewall Rule (to stop and update that you would prefer not to happen), rules can often be self-defeating and not at all additive to protection.

CF Best Practice is to Keep It Simple for maximum results.

(ps- although SBIE is an excellent sandbox, it is on demand and not on access. This is a huge difference.)

I thought blocking everything except i explicitly allowed like adding all non MS and customized (reduced) vendor list applications no matter if it's signed or not (or trusted to C) so I kinda have it to run them.

Problem is in a some ridiculous way CFW blocks allowed apps without leaving any trace to troubleshoot. (my freaking Chinese manufactured mice controller only installed by uninstalling CFW, disabling CFW or adding allow rules to respected components doesn't solve the issue) and it's unpredictable too(my beloved addiction Don't Starve Together and recently Project Zomboid binaries getting blocked and this behavior also leads to game file corruptions can't handle why )

another reason is the developer's unprofessional and reckless attitude to it's highly loyal but minor community. I don't consider C is small indie company of course not a giant as S but they could make a statement about current CFW is being maintenance mode or temporarily no update is planned unless new announcement no ETA etc. also aware of CFW is free software(seems like some folks first time encountering a discontinued piece of software.)

the reason insisting on CFW is it's maybe not that unique but a kind of access control system and it's granular controls over the system unlike any consumer grade product (I am not so sure about K TS). So it's nice to have them.

in any case thank you for participating

 

[ForgottenSeer 100397]

There's no substitute for CFW. CFW will become your preferred choice if you enjoy it. The key to using CFW is to avoid excessive customization and understand that it's not essential for reliable protection. For me, CFW's protection is in a league of its own compared to other security software.