Help Switching Firewalls To Comodo

Discussion in 'Software' started by AtlBo, Sep 3, 2016.

  1. AtlBo

    AtlBo Major Geek Extraordinaire

    I don't have security on one of the PCs here, and I am thinking about Comodo Firewall and an a-v (360 TS or another) or CIS free. Anything I should look for making the switch if I decide to switch from Private Firewall?

    I've tried the Comodo Firewall in the past, but it seemed to remove things without any warning or notification. Some batch files would be mysteriously emptied of their contents, even though I selected for them to be trusted. Also, settings seemed alien to me, and I had trouble finding configurations. Then they were difficult to understand, especially the behavior based ones...

    Anyone out there using the program now who has dived into the settings? Looking for some deeper knowledge...
     
  2. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    I have not used it in many years.

    Last time I used it, it was still buggy as he!! That is the reason why I stopped using it myself.

    Pretty much the only things I use on all my computers are Avira and Malwarebytes and the Windows firewall of Windows 7.

    I have not gotten any viruses in years.
     
  3. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

  4. AtlBo

    AtlBo Major Geek Extraordinaire

    Yeah, I don't know why I keep going back. This time, I have no security installed to remove before installing CF, so at least that would make the job of testing the latest version a little bit simpler. Hey, and then I can remove it with Comodo Programs Manager :)
     
  5. MaxTurner

    MaxTurner Banned

    I have been using CIS Free on multiple systems for many years. I wouldn't describe the earlier link as 'current problems' as reading the thread shows it was a problem for a specific user with potential conflict in security software.
    But Comodo's own user forums give a much better understanding of any issues.
    Apart from passive protection programs such as SpyBot & SpywareBlaster, and free versions of MalwareBytes & SAS for simple scans, I run CIS Free and no other live protection and it works just fine on Windows 10, as it did previously on Vista, 7 and 8.
     
    AtlBo likes this.
  6. Eldon

    Eldon Major Geek Extraordinaire

    StruldBrug and AtlBo like this.
  7. AtlBo

    AtlBo Major Geek Extraordinaire

    BTW, thanks Eldon. Someone else mentioned that to me, too. Maybe I will give it a try.

    Warning...this one is long...

    The part in wile e's linked thread about Comodo reverting settings is actually something I think I ran into last time I tried the program. The biggest problem I am running into, however, is that firewalls ask you to make a choice. At that time, you have to choose basically to approve/reject that behavior the once or just blanket approve/reject. However, if the process has more than one use, and, if you then allow and remember a setting, the process just starts writing checks. If you don't, you have a pop up choice to make every time you/Windows use the app in that same way. One example is command prompt, cmd.exe. If I limit what it can do because of a program or potentially dangerous script or process, that means it is limited every time I go to use it for something, too. Now think of all the Windows elements there are to protect (and then still hopefully have use of too). And to make matters worse, PF tells me that Explorer.exe wants to contact the internet? On an older system, calc.exe tried to contact the imperial data regime, and I had to block it with PF. Seriously, MS says they care about security, but I don't think so, based on the design of Windows.

    By the way, I am reading some scary as hell news on cryptolocker variants:

    http://www.bleepingcomputer.com/new...e-files-and-encrypts-your-hard-drive-instead/

    and

    http://www.bleepingcomputer.com/new...e-files-and-encrypts-your-hard-drive-instead/

    I want to lock down at least one system here. For me, other than a-v/firewall, the best option would be a backup program that hides connected backup drives from the system, so ransomware can't see the drives to affect backups. Then the program could by user's choice create its own partitions for backups or just take ownership of the drive if it's not required for anything else.

    I get the impression with Comodo that the writers there at the company have gotten lost over some issues to do with the core of Windows. Like it's hard to explain why MS didn't make it easier to see what a program is attempting to do when it attempts to invoke a service. The services dialog could have used some input from security experts I feel. Also, the services dialog is going to have to be basically blanket allowed behaviorally and for net contact, but programs can install services, too. So the only hope is to catch the individual service that is malware if there is one on the system. Malware writers are crafty though. It is hard to understand why MS made it so easy for programs/executables to contact the internet. Add to this all of the potential problems with command line and scripting, and it seems like it would be easy to get lost as a security writer trying to determine how to tie into Windows.

    Reading the thread at the bottom of the Petya article, one of the guys claims he opened a resume in Word that was a PDF.exe. Thinking about the hassles that guy went through has motivated me. It really can all be wiped out in one decision, and a resume is a normal thing for some people to be opening, especially when they are at work. Any day that could be me having no options. And they are sending out millions of e-mails with the ransomware links affecting 10s of thousands of systems. Wow. I really want to once and for all do something about this.

    One more thing about firewalling. Firewalls, and I think Comodo, too, tend to come up short in some ways. OK, I am speaking of Private Firewall vs Comodo here, and PF is as simple as it gets. The problem with PF is that it doesn't keep particular IPs to block for each process that attempts to connect to the net. That means that blocking, let's say Flash player, from contacting an ad provider, and then not blocking it from checking for updates cannot be done. It's just allow it all or deal with the pop ups for all IP contacts. Comodo I think has the same problem. Yeah, I could manually block particular IPs in PF, but who in the world has time to manually block IPs? I don't have time to do that. And some programs, ahem Microsoft Windows, will just try backup IPs until one is found that isn't blocked.

    I REALLY want to find a backup program that secures fully against ransomware...
     
    Eldon likes this.
  8. AtlBo

    AtlBo Major Geek Extraordinaire

  9. StruldBrug

    StruldBrug Sergeant

    Re: ransomware, I suggest at least install CryptoPrevent here: http://www.majorgeeks.com/files/details/cryptoprevent.html

    Thx Eldon for alerting us to the new one, Free Firewall. I am checking it out, now. Initial observation is it's much more friendly than most.
    Whether it works or not, remains to be determined with time ;)
     
    AtlBo likes this.
  10. MaxTurner

    MaxTurner Banned

    I assumed a ransomware program was already installed on your system. There are plenty now and I like CryptoPrevent in maximum protection mode.
    As far as Comodo is concerned, it is nowhere near as complicated to configure it fully at the beginning as some users suggest.
    It is the top rated FW protection bar none.
    I must just be very lucky - never had problems with it on any OS since XP and not on the many systems I have helped people use it on.
    My own experience is that CIS has just got better and better, unlike many others, and I wouldn't swap it even if I was paid to!
     
    AtlBo likes this.
  11. AtlBo

    AtlBo Major Geek Extraordinaire

    Looking over Free Firewall. It looks pretty good. Installation offers option to leave Windows Firewall on, so I wonder if that means I could still run Private Firewall. I'll test that later, but I chose turn off Windows Firewall for this look. One thing about this is that it offers no defense process-wise (executables). It's a simple net blocker. Just to make that obvious might help someone. Also, I tested Remote Desktop but got no pop up from the program. That was a connection from this PC. I'll try it backwards in a bit to see if it blocks RD from incoming attempts.

    Biggest flaw is the inability to be IP specific with processes, especially Windows ones. No problem allowing the network type transactions from Windows, but blocking only the others doesn't appear to be possible. Have to look over better to see. Just first impressions...
     
  12. AtlBo

    AtlBo Major Geek Extraordinaire

    Max...I've had that impression, too. I just get frustrated that it's so difficult to block Windows from contacting MS (other than updates which are OK) while allowing network functions. Also, I get frustrated with Comodo about the nagging little issues with scripts, and I do seem to recall it forgetting settings. It's amazing that the program has gone so far over the last 10 years, though. No doubt it is 100% well intentioned and pretty darn good too. I just can't stand files disappearing without a trace, that's the main thing...
     
  13. Anon-469e6fb48c

    Anon-469e6fb48c Anonymized

    Since I have my setup I have never gotten any type of ransomware.

    I use Ublocker for Firefox and that blocks about 90% of the ads and BS out there.

    And I also use the pop up controller for Firefox and that helps block tab pop ups.

    If you want the links of the stuff I use.

    Here are the links below.


    Adblock Plus 2.7.3
    https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/?src=ss

    Adblock Plus Pop-up Addon
    https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/?src=search

    Pop-up Controller
    https://addons.mozilla.org/en-US/firefox/addon/pop-up-control/?src=search

    uBlock Origin 1.9.4
    https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/?src=ss

    Speed Tweaks (SpeedyFox)
    https://addons.mozilla.org/en-US/firefox/addon/speed-tweaks-speedyfox/?src=search

    Malwarebytes plus Avira

    And that pretty much sums up my system protection.
     
    AtlBo likes this.
  14. MaxTurner

    MaxTurner Banned

    Ransomware types are being written at an exponential rate. Mainstream and tech news have been warning about this in the last few weeks alone.
    It is only a small number of personal users that get it as it is predominantly targeted at businesses and state institutions.
    But ordinary users do get it so the risk is there and can be catastrophic.
    Having one of the, now many, prevention programs on any system is very worthwhile. I use CryptoPrevent and it is easypeasy. Set it, restart, and leave it. Only options above 'basic' protection mean occasionally turning it off in order to install or update some programs, then re-enabling it.
    I wouldn't be without it and advise everyone I assist to have it. Better safer than sorry.
     
    Eldon likes this.
  15. Eldon

    Eldon Major Geek Extraordinaire

    AtlBo likes this.
  16. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    @Eldon The following snip about the Sophos XG Free Firewall Home Edition caused me to :eek:
     
    Eldon and AtlBo like this.
  17. Imandy Mann

    Imandy Mann MajorGeekolicious

    What crypto is preventing is described in their tech page. Scroll down past the long list of versions and change logs and -then- you get to the meat of what it's doing. Certain types; exe scr pif etc. and from certain locations; %appdata% etc. are blocked unless you choose to let it go.

    The very last statement on the page is worth knowing - you only have to install it once and it works for all user accounts - even accounts you add after the fact.
     
    AtlBo likes this.
  18. Eldon

    Eldon Major Geek Extraordinaire

    :D
    I was thinking AtlBo is serious about a good firewall.
     
    AtlBo, dr.moriarty and Imandy Mann like this.
  19. mdonah

    mdonah Major Geek Extraordinaire

    Along with CryptoPrevent, I run Bit Defender's Anti-Ransomware. They don't seem to be conflicting with each other and none of my files have been encrypted.
     
    AtlBo likes this.
  20. Imandy Mann

    Imandy Mann MajorGeekolicious

  21. StruldBrug

    StruldBrug Sergeant

    "Backup" programs don't really secure anything, but make life easier to return to normal after the "security" program failed. ;)
    No security is ever perfect.:eek: Put up enough barriers to make the attacker decide you aren't worth the time. Never challenge anyone; there are some, who will accept your challenge, just to prove they can and will break through.:( Stay away from places, you don't belong. E.g., MG is a trusted site and you don't even need WOT to tell you that.:D
     
    AtlBo likes this.
  22. AtlBo

    AtlBo Major Geek Extraordinaire

    Serious about a firewall? You aren't kidding with Sophos, Eldon. I would like to take a look at it for sure, though :). I don't think I have just the right PC for it at the present time, since it requires 6 GB and 4 cores. I have one, but I use it, so that's out. I will keep that in mind, so thanks.

    StruldBrug...I agree 100% with you. Thing is with ransomware, it only takes one time, and I had to admit reading about them that I'm not really prepared. I have smallish backup drives that are connected and no anti-ransomware capability. That's one reason why I would like to see something that hides backups from cryptowares. Because backup is so important and strategies a little bit complicated, that's something I would pay for...secure backup, although I don't know how many others would. If a ransomware gets by security, at least the backups would be safe.

    Max...yep, I think you're right. I'm gonna have to add CryptoPrevent or something like it. I was trying to avoid another security program, but I could get rid of EMET I guess. Not that the system is bogged down with security, but EMET is a weird program. It's memory and other mitigations, but you have to select which programs to include. This works with Office software, pdf software, and e-mail (I use net mail), but not sure it does anything for any others. The memory mitigations only block some things too I think...standard drive by memory injectors. I do especially like the idea of memory randomization though. Comodo uses these types of protections too.

    I was thinking about BitDefender a-v, but I think I'll be back with 360, since it has the avira and BD engines. However, this looks really good. Gonna have to compare this with CryptoPrevent or maybe I will run both too.

    wile e...thanks for the tips. You mention uBlock. I like uMatrix and I use it in 360 browser (Chrome based). I usually use Firefox, and I am using NoScript, Ghostery, Bluhell Firewall, and BetterPrivacy in it for now. The more I use uMatrix, the more I like it, though, so I might switch NoScript for it on FF. NoScript does a good job against redirected IPs though, and I'm not sure about uM on that one. Sure gets high marks though.

    This all reminds me of the .dll hell days quite a bit back in the mid-late nineties. The difference is that ransomware is a lot more clever than most of the malware of those days. I remember everyone laughing at the first ransomwares. Still, I am beginning to get the feeling that we are on the edge of seeing an escalation of malware problems, and I have been basically skating through the last 10 years or so. Heck, I didn't even use a password on the PCs until a couple of years ago...

    Still, why do I worry that security could become too focused on ransomware and miss something big? I could be wrong. Ransomware does seem like the perfect malware from a malware writer's viewpoint, but I am concerned that as security gets tighter, malware writers could get nasty. Who knows what they could come up with, and how many of these %#$%$# apps we gonna have to run! :eek:o_O
     
  23. MaxTurner

    MaxTurner Banned

    CryptoPrevent doesn't use any resources at all once you set it. It wouldn't matter what else you have.
     
    AtlBo likes this.
  24. Eldon

    Eldon Major Geek Extraordinaire

    https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition.aspx
     
