App Review Olympic Destroyer vs Comodo Firewall

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

AtlBo

I agree. Why not use Comodo? Autocontain unrecognized and unsigned or improperly signed in the sandbox with its limitations, and malware cannot beat Comodo. What is the worst that can happen with Comodo if the auto-contain settings are enforced without alerts in an office environment? An employee needs something that is contained but is not malware, and company IT notifies Comodo that a certain piece of software is clean. IT makes an exception on the machine and about 20 minutes goes by. The ONLY difficulty with this scenario is the case where a company relies on scripts or on command line. Comodo can still block, but the exceptions and workload on IT could get large. Honestly, it's bad practice anyway to rely heavily on command line.

Companies should quit being lazy and/or cheap and write an application or hire someone to write one that does all the things they want at these companies...then have it certified and signed. Now network vulnerabilities are only Microsoft or hardware associated vulnerabilities. Guess what, Comodo still has the network protected...one PC at a time :D

Comodo is so close to a breakthrough for endpoint. Just need to build a command and control application that is as solid as CF/CIS and that will be taken seriously by IT pros. At this point after over a year with v10, I do think Comodo is going to be in the ring with serious endpoint players like Kaspersky, Bitdefender, McAfee, Norton, Sophos and the like eventually...just don't know when. Ironically, I think it's the firewall element of CF and CIS that needs improving for the program to achieve its maximum endpoint potential...
 

509322

malware cannot beat Comodo.

Those can be famous last words. I remember @cruelsister finding a Critoni that bypassed COMODO sandbox. I have found ZBot, Zeus, SpyEye, others, that have bypassed the COMODO sandbox. Most of the samples used to mess with COMODO were obtained right here from MalwareTips Malware Hub when @Petrovic was supplying samples and in Virussign malware packs.

People knock Virussign malware packs, but guess what, there are some tough as nails FUD samples to be found in those packs.
 

cruelsister

Thread author
Cool- I'm really happy you liked this one, especially as it only took about 2 hours to produce (a record low!!!!).

Tickle- I've been thinking already of just putting out a new "settings only" video for CF. Probably on March 2-3. Also, the song is from my favorite, Lisa Gerrard- The Sea Whisperer.

AtlBo- I LOVE your post!!!!!! Centrally managed (and with most of the Trusted vendors list deleted) Comodo Endpoint would be unbeatable as long as IT vets properly any new application that THEY install. Stuff done on the Endpoints by users would just be blown off by Comodo.

Lockdown- Good memory! Actually I made 2 breach videos- one was a RAT that dropped a dll into Program Data successfully with my configuration (HIPS enabled would have alerted and reversed it). But since then Comodo has fixed this flaw (Yeah to Me!!!!) and containment now squishes that RAT mechanism with no effort. The second was a VERY Highly signed malware (which would never ever be wasted on Home Users). The certificate was acquired at a great financial cost as well as a really short skirt. Trust me in that this one would have blown past anything.

It's good that I'm Kind and Gentle...
 

509322

Cool- I'm really happy you liked this one, especially as it only took about 2 hours to produce (a record low!!!!).

Tickle- I've been thinking already of just putting out a new "settings only" video for CF. Probably on March 2-3. Also, the song is from my favorite, Lisa Gerrard- The Sea Whisperer.

AtlBo- I LOVE your post!!!!!! Centrally managed (and with most of the Trusted vendors list deleted) Comodo Endpoint would be unbeatable as long as IT vets properly any new application that THEY install. Stuff done on the Endpoints by users would just be blown off by Comodo.

Lockdown- Good memory! Actually I made 2 breach videos- one was a RAT that dropped a dll into Program Data successfully with my configuration (HIPS enabled would have alerted and reversed it). But since then Comodo has fixed this flaw (Yeah to Me!!!!) and containment now squishes that RAT mechanism with no effort. The second was a VERY Highly signed malware (which would never ever be wasted on Home Users). The certificate was acquired at a great financial cost as well as a really short skirt. Trust me in that this one would have blown past anything.

It's good that I'm Kind and Gentle...

Your words to @AtlBo remind me that mindset is a HUGE part of security. What is true of security conceptually in the physical world is also true in the digital world. So I will now mock the overall pathetic state of security affairs within the digital world with:

"Security begins with knowledge and mindset..."

Unfortunately only the few will get that, and that is why things are the way they are and will never ever change. They will never change no matter how technology progresses nor what default-allow programs people install on their systems. It, is, just, never, going, to, change. ML and AI are not going to be the revolution - even when distributed over blockchain. It, is, never, going, to, change...

because, of, human, behavior.

Until that changes, nothing will change.
  • People do not listen.
  • People do not follow directions.
  • People do not prioritize security.
  • People disregard sound security advice.
  • People do not want to pay for security software.
  • People do not want to learn about digital security.
  • People do not even have the most basic understanding of security (and do things that they should not).
And security soft publishers are not creating solutions that address the human behavior issues because they cannot solve the human behavior problem via their products. A gargantuan part of the human behavior problem in the digital realm is the lack of knowledge. In a nutshell, no one is educating the billions of computer and digital device users about digital security. Security soft publishers are not in the education business. Beyond explaining the basic functionality of their product, the education part is not the responsibility of security soft publishers.

The well-known security soft publishers produce decent products, but past a certain point it comes down to the user. You can say that is true of all software products.

Security is a problem I think we cannot solve because of the human element. Some think it can only be solved by some form of AI precisely because of the human element. I think SkyNet will quickly realize humans are just too difficult to manage and kill us all just like in the movies. Really good problem solvers solve the problem quickly and efficiently. Soviet style. ;)
 

ForgottenSeer 69673

Tickle- I've been thinking already of just putting out a new "settings only" video for CF. Probably on March 2-3. Also, the song is from my favorite, Lisa Gerrard- The Sea Whisperer.

Is this a Nordic type of music or are you a kindred spirit?

I just have a small beef with Comodo over what they did with Kevin is all. When he sent me emails he talked and talked. I have never seen anybody talk more than him except for sly guy, opcode, lockdown, and that is not being disrespectful of these posters. For a woman that works for a bank you have some nice skills. And have a smart cat and great taste in music. I don't care how good Comodo is when they screwed Kevin over. I won't touch their software.
 

show-Zi

The Comodo firewall already gives the impression that it is a product called Comodo automatic sandbox.
Speaking of the firewall itself, it has not changed so much since around v4, which I used for the first time. I think that it is a natural evolution, as new added value is necessary to evolve as software.

The watchdog behind it is getting more presence than the wall of the flame. The video of @cruelsister teaches watchdog excellence and way of training.
 

shmu26

You must be young. Meaning, you were born after the Soviet era?

The Soviet system was decisive and efficient in certain matters.
Careful, McCarthy is monitoring our statements...
 

shmu26

If one uses Appguard, is Comodo really necessary?
Appguard and Comodo are giving different kinds of protection. The first is software restriction policy, and the second is a type of anti-exe. Each one on its own is sufficient to protect your system, if it is working properly on your system (with Comodo, this is a big "if") and you know how to configure it (with Appguard, this has proved to be an issue for some users).

Comodo is easier to set up and use, and it is free, plus it gives you a firewall, but it can be pretty buggy at times. I often try out the new versions, and I always run into issues sooner or later.
Appguard requires an investment of money and effort, and you might even have to use your brain a little in order to master the concept, but the investment pays off in the end.
 

Sunshine-boy

Comodo automatically sandboxed the malware! That's all.
How can Comodo sandbox tell me that the file is going to destroy my Windows so pls don't run it outside the sandbox?
The malware also doesn't show anything bad in the sandbox! So the user may run it outside the sandbox. So what's the point with Comodo sandbox?
 

Mahesh Sudula

Comodo automatically sandboxed the malware! That's all.
How can Comodo sandbox tell me that the file is going to destroy my Windows so pls don't run it outside the sandbox?
The malware also doesn't show anything bad in the sandbox! So the user may run it outside the sandbox. So what's the point with Comodo sandbox?
Comodo buries almost all the crack files (process) into the sandbox..right after execution..Their default deny is some right..but is heavy for a normal user..
It works in two ways: File Digital Sign and Reputation (in cloud)...and their VirusScope works in 2-3/100 samples..Firewall too much active..
I highly doubt most of their detections, especially (Unclassified malware)..and most of the times simply adding to DB due to VT detections..FP-prone
Too much user dependency..no automated decisions..0 BB..takes a toll from going to Comodo..
Their recent Comodo Cloud AV..is a total Garbage..Valkyrie Analysis--> Total Sandboxing !!
Still like them for making the product free..and their firewall :)
 

AtlBo

@Sunshine-boy...good point, but basically once you look at the tests and then consider the TVL and how successful Comodo is at sandboxing malware, no way should unrecognized be run outside of the sandbox. I guess maybe it's a little bit foolhardy for Comodo to assume that users understand even that much, but it can be set up so that there isn't an alert. Also, a user who didn't know not to run software Comodo doesn't like outside the sandbox is less likely to determine how to disable the sandbox for the process.

Maybe Comodo should do a better job on alerts explaining what is at stake running unrecognized outside the sandbox. I have felt this way for a while...
 
