Tutorial

Comodo Firewall Reviews

Comodo Firewall Reviews

Comodo Firewalls program control is overshadowed by its Defense+ module, a kind of behavior-based malware detection that Ill describe in detail later in this article. Defense+ proved effective against leak tests, programs that attempt to connect to the Internet behind the firewalls back. I consider a product successful if it detects the attempt, since the whole purpose of leak test techniques is to connect invisibly. Comodo detected sneaky actions like trying to modify Internet Explorer in memory, trying to launch and control IE, or trying to modify a programs user interface in every case, even one that got past ZoneAlarm.

Its worth noting, though, that leak test control is only necessary when firewall program control relies either on simple rules or on user queries. Norton and Kaspersky ignore leak tests because analysis shows theyre not actually malicious.

Like ZoneAlarm, Comodo Firewall didnt actively detect or block any of the thirty-odd exploits generated by the Core IMPACT penetration tool. Norton and Kaspersky block exploit attacks at the network level. When last tested, Norton blocked all of them and identified almost all by name.

Unfortunately, this firewall isnt quite as well-hardened against attack as ZoneAlarm. I couldnt kill it using Task Manager, and I couldnt stop its essential Windows service. However, setting the services startup type to disabled and forcing a reboot disabled the firewall. It visibly launched, but its protection never started.

The basic firewall settings are fairly general, and accessible to non-expert users. Even so, most users shouldnt change the defaults. Clicking Network Security Policy brings up a dialog with a vastly more complex set of options. If you can look at a line like "Allow ICMP In from MAC Any To MAC Any Where ICMP Message Is TIME EXCEEDED" without fainting, then you may be qualified to review and adjust these settings.

Go to link Download