Wednesday, January 09, 2008

A firewall for everyone

Database News : Thursday December 06, 2007


A firewall for everyone

Everyone needs a firewall, and Comodo Firewall Pro's new Version 3 for Windows is a great choice


Every so often a program comes along that is so revolutionary, that so redefines the very idea of utility and so spectacularly upends the old software tradition that it overturns all the old assumptions and over-fulfills expectations.

Luckily, though, Comodo Firewall Pro is not such a program. Rather, this modest Internet prophylactic just hunkers down, keeps a remarkably low profile and gets a job done that is filthy, nasty and absolutely essential - where "absolutely" is an absolute word.

I still get the occasional email asking if it really is necessary to have a firewall on the Internet. There are three possible answers to this question: Yes, yes and yes.

If you use a hardware router that is properly set up, you may not bother with software, but going on the Internet without a firewall of any kind means your machine will be compromised, your programs and perhaps your data will be harmed, and your connection will be subverted by robots sending out spam and malware in your name.

Comodo has become my own choice as a firewall. True to its operating philosophy, this security program is simple all the way. Even right at the start, it detects your operating system and only allows you to download the firewall version for the computer you are using.

Installation is simple. The program warns you to uninstall any third-party firewalls before you start. They mean non-Microsoft. You do not have to delete or even turn off the ordinary Windows firewall, but you must ditch commercial products like ZoneAlarm and Norton. You ignore this warning at some peril, because running two firewalls at once can be a disaster of the same sort as running none.

After that, Comodo installs smoothly and safely, and turns off the Windows firewall if necessary. You now have a couple of choices to make before you pretty well are forced to reboot.

If you are not sure about all this Internet security stuff, you cannot go wrong trusting this firewall. Allow it to configure itself now and later. Just accept the two standard protection modes - special anti-malware defence and standard firewall - and go to work.

If you are comfortable with security setups, there are still half a dozen steps to go before you are ready to reboot and reestablish the Internet connection. You can choose to help to teach Comodo Firewall Pro about how you use the Internet and how to use your various programs, from browsers to peer-to-peer software and beyond.

The first place I go after installing a firewall is Gibson Research Corporation. This is home of the basic test for any firewall, the GRC Internet Security Detection System run by security icon Steve Gibson. The test is called Shields Up, and can be run pretty quickly through Mr Gibson's web site (

Within a minute, you'll learn whether your firewall is really working, and then you'll find out how well.

Once you give permission, the Shields Up software will try to break the defences on your computer. It gives any firewall a hammering, then rates the results. You hope to see all green on your screen, meaning that your security is tight, and also that your firewall is just lying low and keeping your ports in a stealth mode.

Comodo Firewall Pro passed the test 100 percent on each of my attempts. This is excellent. Many firewalls leave a port open for their own purposes. Security experts disagree over this point, so if you have one red dot on the Shields Up test, it is not the end of safety. More than one, however, indicates a major problem and I personally favour the all-green that Comodo gives.

As you use Comodo, or any other decent firewall so far as that goes, it will pop up occasional queries about both programs (full software) and processes (behind the scenes stuff). I have run Comodo on parallel XP and Vista systems for a few weeks, and here is what I have concluded.

If Comodo names a program you know about and are using, call it a trusted program and get on with it. If Comodo names a process and tells you that it is safe, let the process do what it is doing, label it trusted. You will see both of these for a day or four after you install Comodo and it learns about your computer.

The trickier questions will come if Comodo detects a program or process that you are not using and which Comodo does not know enough about to call it safe. This is what security geeks live for, and their big brains are constantly pounding like House Trance in anticipation - but it is what the rest of us normal people dread.

Comodo will catch suspicious activity coming in and out of your computer, so you will have to pay attention to the caution messages. Others may handle it differently, but here is what I do.

If a program I know nothing about is trying to get to the Internet, I tell Comodo to block it "this one time," and then watch to see if it tries again. If it tries over and over, and nothing else appears to happen on my computer, then I assume it is a bad program and I deny it all access to the Internet. You can always go back into Comodo and change your mind later, of course.

If someone or something from outside is trying to get into my computer and Comodo asks about it, I do much the same - block it once and then see what the effects are, while waiting to see if it goes away or hammers on my door repeatedly.

Comodo has the best Help file and on-disk manual I ever have seen in any security program, ever. It is written in actual English, and has dozens of screenshots of the program in action so you can match it to what is happening on your machine.

I have taken off all other firewalls on my own personal computers and thrown them away to make room for this excellent software.

You can take a look at the firewall and other security programs from the same company through the home page at


By : Bangkok Post

No comments: