No–I know all those things, and I did them many times. I just don’t want to deal with HIPS alerts and changing settings and things all the time any more. I’ve had it with HIPS based apps. I don’t want any more alerts when using, installing, or uninstalling anything. I just want a firewall that alerts me to connection attempts, both incoming and outgoing and lets me make the choice on a per application basis to allow or not. I do not want to be notified or alerted about anything else. If there is a way to set up the Comodo Firewall (or any other one out there) to only monitor connections and nothing else, I’d be interested but if not , then I’ll stick with what I have.
Would the Comodo Firewall with D+ disabled work that way?
If you just want a packet filter, the old Sygate or Kerio (even v4) work fine with XP and give great visibility. Don’t know how they work with SP3, though. Also, Zone Alarm Free, which gets beat up mostly for not having a HIPS. Comodo without D+ is just not a mode they are interested in selling, so don’t know these days-may have gone in reverse? At best, the logging is severely deficient and some of the controls don’t do what you think they should. Have you spent some time with the Avast! AIS quiet firewall, which is based on some of the same assumptions about HIPS problems?
I would never have used Comodo except for a lack of firewalls that supported Vista early and adequately and I thought I could influence things-became a mod mostly because they and their staff completely lacked understanding of how ports and protocols really worked for internet applications-I spent an inordinate amount of time helping users make firewall rules. FTP was simply beyond their comprehension, for example-like they had never heard of it as being an example for SPI. There are also a number of things that either don’t work or don’t make sense unless they are training you to cope-they even ----ed up Threatcast, both as a concept and as an implementation. OA Oasis and Prevx do seem to understand it fine, and I see lots of others reporting success. So as far as firewalls, several mods agreed that Comodo is at best mediocre without D+ (won’t give you names, since a couple are still there trying to improve things). I would not even consider its use as a standalone firewall. Fixing its vulnerabilities outside of D+ has just not been a priority.
But I am using OA these days, which is also HIPS oriented, although the HIPS can be turned off. You might try that also. I have stuck with it for nearly two years, so don’t have a good read on the newer upgrades of some of the other firewalls, but have no complaints about current capabilities. Not a Gamer, but use lots of wireless hotspots.
BTW something you might try. Run the CLT with D+ turned off and see how you score. I tried with OA last year and got about half, but couldn’t get any of the Comodo mods to try it-probably too many modes and options to think about. One particular vulnerability of concern is the loopback interface.
Dch48 you can just run the Comodo Firewall with D+ disabled at 100% and only only monitor connections inbound and outbound traffic, all you have to do is install the Comodo and then go into the software into the “defence+” icon and click “advanced” then look for “defence+ settings” at the general settings tab box look for “Deactive the Defence+ permanently (Requires a system restart)” tick that box and your done.
Which means you only have the just the Comodo Firewall without using the defence+ system.
Edit: After that make sure you click on “Miscellaneous” and goto “settings” look for tab box call “Logging” and tick the “Disable Defence+ Logging” that’s all. Once you’ve setup your firewall make sure you goto “Firewall” icon and click on “Stealth Ports Wizard” and pick “Block all incoming connections stealth my ports to everyone” and click finished.
Comodo members, resistance is futile. Prepare to be assimilated. Comodo has announced they have deactivated the “delete account” button on their forum. :o
