Author Topic: Firewall  (Read 38002 times)

0 Members and 1 Guest are viewing this topic.

Cactusjack

  • Guest
Re: Firewall
« Reply #45 on: November 03, 2006, 12:39:28 PM »
Sorry Tech,you are correct in this case.
But i have a lot to learn about the houserules on this Forum.
So put me for a while in the Chest,but please not to long.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Firewall
« Reply #46 on: November 04, 2006, 04:39:55 AM »
I know that it was your duty to post the info at COMODO forums, but the info was a personal message, and I had a not quite pleasant conversation with Paul recently. ;) Please ask the person who posted an info like that, before republishing it. :) Thank you. :)
P.S. I am also not correct in this case, but you know what personal message is. :)
Sorry. I thought that posting here (in Internet after all) it won't be a problem to post there.
Well, maybe Paul could post there and here too and solve our doubts.
I'm not arguing or trying to blame against Paul - I don't know who he is... - but just trying to find the truth about Comodo security.
Anyway, sorry for the problems I've brought to you, for sure, it was not my intention.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Firewall
« Reply #47 on: November 04, 2006, 04:41:08 AM »
Sorry Tech,you are correct in this case.
But i have a lot to learn about the houserules on this Forum.
So put me for a while in the Chest,but please not to long.
Cactus, I never intended to be rude or to blame against you.
I hope you understand. You'll always be welcome, we're always and contantly learning  8)
The best things in life are free.

p2u

  • Guest
Re: Firewall
« Reply #48 on: November 04, 2006, 07:08:46 AM »
2 Tech:
If you want evidence, I will tell you how to reproduce the behavior:
http://download.drweb.com/drweb+cureit/
The download link is down the page.

After clean install, or if you are still using the default rules, first set your Network Monitor rule TCP/UDP Out Any to LOG and you will see the problem: all you get is an alert for remote port 21, but not for the remote (destination) 64000-65535 range. I don't think a detailed analysis is necessary here: the logs will speak for themselves. The high remote port range is silently allowed without any alert popping up. COMODO does not warn, even though I set it to 'Very High Security'. I don't think I'll have to give anybody a detailed analysis of the implications remote port redirecting tricks might have.

P.S.:Nothing on my computer is trusted, so the "Don't check certified application-stuff" was DISABLED.

I'm not talking about MY ports. They are all closed even without firewall. No problem here. The allowed local (source) port range is 1024-4999. It's DrWeb's ports 64000-65535 I'm connecting to WITHOUT WARNING FROM COMODO. Now with firewalls like Jetico and Sygate you get a warning whenever your computer tries to connect to a remote (destination) port THAT HAS NOT YET BEEN DEFINED BY THE USER.

On the Application Level (Layer 7) Firefox (my default browser) has the following rules:

1. Firefox.exe
Destination: 127.0.01
Port: 1024-4999
Protocol: TCP In/Out
Allow

2. Firefox.exe
Destination: RANGE: xx.xxx.1.1 – xx.xxx.1.2 (my 2 DNS servers)
Port: 53
Protocol: UPD Out
Allow
(Local Ports were restricted by the Netmonitor rules to 1024-4999)

3. Firefox.exe
Destination: [Any]
Port: 80,90,443
Protocol: TCP Out
Allow
(Local Ports were restricted by the Netmonitor rules to 1024-4999)

When you go to that site and you start the download, you get a warning from COMODO about Firefox connecting to remote port 21 (which you allow) and the download starts, although it SHOULDN'T start before you allowed one of the random remote ports between 64000-65535.

Paul Wynant
Moscow, Russia
« Last Edit: November 04, 2006, 07:20:27 AM by p2u »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Firewall
« Reply #49 on: November 04, 2006, 02:04:54 PM »
When you go to that site and you start the download, you get a warning from COMODO about Firefox connecting to remote port 21 (which you allow) and the download starts, although it SHOULDN'T start before you allowed one of the random remote ports between 64000-65535.
Thanks Paul.
As I've posted in Comodo forum, http://forums.comodo.com/index.php/topic,3687.msg27931.html#msg27931, I'm not a firewall expert.
I need the Comodo programmers to help me (and you, and all other users).
As you say, seems a problem (hole) in Comodo protection.  :-\ :'(
The best things in life are free.

Steroids

  • Guest
Re: Firewall
« Reply #50 on: November 04, 2006, 08:11:41 PM »
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Firewall
« Reply #51 on: November 04, 2006, 09:07:00 PM »
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???
It's a good firewall. Anyway, a lot of security tests does not give it a very good rate.
Please check:
http://forum.avast.com/index.php?topic=22742.0;topicseen
http://www.firewallleaktester.com/tests.php
http://www.thefreecountry.com/security/firewalls.shtml
The best things in life are free.

Cactusjack

  • Guest
Re: Firewall
« Reply #52 on: November 05, 2006, 03:07:01 PM »
Has anyone tried the zone alarm firewall? I have used it before and thought it was very good, it does use a lot of cpu usage... but what do you guys think..???
It's a good firewall. Anyway, a lot of security tests does not give it a very good rate.
Please check:
http://forum.avast.com/index.php?topic=22742.0;topicseen
http://www.firewallleaktester.com/tests.php
http://www.thefreecountry.com/security/firewalls.shtml
Look i know a Computer Freak whit experions from here to Tokyo,and he write
on his website.Free Firewalls.1Sygate.2KerioFirewall.3ZoneAlarm.
And i have try this Firewalls,and i found that Sygate use much CPU. but is working
better than the Firewalls off Symantec.but there are the problem.
Symantec do anything to destroyed the Sygate.Only for sales reasen of Symantec
products.(YouKnow that Symantec Sygate buying ayear a go)
Than the kerio is a fine and good to understanding Firewall,and olso in the Free version.
So far so good,but The free ZoneAlarm is Firewall whit  no good results in tests,
and in use is it a dissaster,everytime a Yellow card for jour face,every time asking what
to do whit this IPnumber.No i am not a fan of Zonealarm,But it seems that the
Proversion is very good.
Then the Leaktest,I believe that the reallity of the Best Firewalls in this test
nothing say about "What IS REALLY THE BEST FIREWALL IN PRACTICE".
And you must not forget that your Mousefinger the best Firewall is.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Firewall
« Reply #53 on: November 05, 2006, 04:37:02 PM »
ZoneAlarm (FREE) and avast! make a great combination.  :) IMHO
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Steroids

  • Guest
Re: Firewall
« Reply #54 on: November 07, 2006, 04:36:56 AM »
so some reccomend zone alrm and some hate it.. i can deal with the annyoing pop up alrms, but besides that is the free version that bad??? I am looking to get a good free firewall thats why i ask. i liked zone alarm because i thought it would prtect me wel.. but if not i will go with another... (guess besides commodor..) i was going to get that untill the loop hole...

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Firewall
« Reply #55 on: November 07, 2006, 04:52:43 AM »
Quote
i can deal with the annyoing pop up alrms
The "pop up" is there to ask if it's OK to allow a program to be used and/or access the internet.
You make the decision and check the 'remember' box so you don't get asked again.
You only get asked again for the same program when it's version changes due to an update of the program.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Firewall
« Reply #56 on: November 07, 2006, 12:32:36 PM »
Steroids, what Bob said is truth for almost all firewalls... the popup could be once for each program...

The "pop up" is there to ask if it's OK to allow a program to be used and/or access the internet.
You make the decision and check the 'remember' box so you don't get asked again.
You only get asked again for the same program when it's version changes due to an update of the program.
The best things in life are free.

Cactusjack

  • Guest
Re: Firewall
« Reply #57 on: November 07, 2006, 10:22:09 PM »
To day did i a visit to the Windows marketplace.
And one of the best Firewalls Jetico is from there to download.
But Jetico got 3 stars from the experts,and from the users between 3 and 5.
The comment on Jetico where that this Firewall is short off memory.
So after install,then Jetico ask Allow? and so you setup this firewall.
But after a month or so,then he ask again.
I say this bevore that the Best in a Leaktest ,not the best is in practice.
I say not that Jetico a bad Firewall is,becourse i have Jetico never use.
But if you read all the revieus about this Firewall ,then i think he is not
so good as COMODO or Kerio or Sygate.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Firewall
« Reply #58 on: November 07, 2006, 11:12:59 PM »
Quote
But Jetico got 3 stars from the experts
Of all the firewall programs that I've tested, Jetico was the only one
to totally crash my system.
The only recovery for me was from an image. Needles to say, that's one FW I'll
not try again for a while. :'(
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

neal62

  • Guest
Re: Firewall
« Reply #59 on: November 07, 2006, 11:39:18 PM »
As a back up computer I have one with Windows  98 second Edition. It was just a game machine. I have put it on the Internet in the past few days. Didn't have anything for protection. One of the things I tried was the free version of Jetico version 1.0 etc. This version is good with Windows 98. Boy, was I surprised later. Nothing but pop ups asking for permission or denials of different pages I went to. Sometimes there was 5 to 6 popups per new or previous pages.
    I got tired of the darned things, got rid of Jetico and finally went with the free version of Outpost Firewall. Seems to be working fine for me on this machine.  :)
« Last Edit: November 08, 2006, 12:07:04 AM by neal63 »