Comodo Firewall Pro Vs. Online Armor Vs. ZoneAlarm Free

Discussion in 'Security and Anti-Virus Software' started by scooberdoober, Mar 10, 2008.

?

In your experience with two or more of these, which is best?

  1. Comodo Firewall Pro

    61.1%
  2. Online Armor

    22.2%
  3. ZoneAlarm Free

    16.7%
Thread Status:
Not open for further replies.
  1. jimmy-floyd

    jimmy-floyd Notebook Evangelist

    Reputations:
    9
    Messages:
    325
    Likes Received:
    0
    Trophy Points:
    30
  2. Gintoki

    Gintoki Notebook Prophet

    Reputations:
    2,886
    Messages:
    6,566
    Likes Received:
    0
    Trophy Points:
    205
    Here you go. Also, it's not really recommended to have both running, you can run either one you want but running both is kind of overkill.
     
  3. scooberdoober

    scooberdoober Penguins FTW!

    Reputations:
    1,718
    Messages:
    2,221
    Likes Received:
    3
    Trophy Points:
    56
    OK, after testing all three I've came to the conclusion that I don't like Online Armor at all, it feels more like a beta program than a finished product, and it left many ports open, failing port scans. Comodo Firewall Pro is best for the tech savvy user, and offers the best protection of the three. ZoneAlarm Free is best for the average less technical user, and does a good job of protecting the system, and provides full stealth without any additional configuration necessary.

    So the bottom line is that I would recommend Comodo Firewall Pro for the more tech savvy and power user, and ZoneAlarm Free for everyone else.
     
  4. scooberdoober

    scooberdoober Penguins FTW!

    Reputations:
    1,718
    Messages:
    2,221
    Likes Received:
    3
    Trophy Points:
    56
    Whatever the latest version was a couple of days ago.
     
  5. Gintoki

    Gintoki Notebook Prophet

    Reputations:
    2,886
    Messages:
    6,566
    Likes Received:
    0
    Trophy Points:
    205
    Now i feel content that it was through my coaxing that he started using Comodo Firewall Pro.
     
  6. scooberdoober

    scooberdoober Penguins FTW!

    Reputations:
    1,718
    Messages:
    2,221
    Likes Received:
    3
    Trophy Points:
    56
    I did try Jetico awhile ago, but it left ports open too, and was a real pain to configure. You had to make custom rules just for normal use; a real pain, but I've heard it's good for an expert user.

    To me ZA and CFP are the best of the bunch, and for the reasons I previously stated. They are both well polished and thought out products, ZA being the more intuitive.
     
  7. Softix

    Softix Notebook Enthusiast

    Reputations:
    0
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    15
    I am using comodo firewall because it doesnt lagged up my pc unlike zone alarm that it takes up my memory .
     
  8. jin07

    jin07 Notebook Deity NBR Reviewer

    Reputations:
    1,194
    Messages:
    1,889
    Likes Received:
    0
    Trophy Points:
    55
    WARNING LONG POST

    The only thing OA fails at is ping, however this is what OA says about ping: "A ping is not a leak. OA does not (default settings) stop pings. If it were using a TCP connection, or resolving an IP address (which would use DNS) then it would be stopped."

    GRC Shields up! Results for OA version 2.1.0.95.Free:

    File Sharing:
    Your Internet port 139 does not appear to exist!
    One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

    Unable to connect with NetBIOS to your computer.
    All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

    Common Ports:

    All of them have stealth under status and for security implications: There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!

    All Service Ports:

    Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .

    Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)

    Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation

    Messenger Spam:

    None received

    I have not made any changes to the firewall beyond hiding the boot splash window, not having it notify me when programs are auto-trusted, and I don't send info to OA about the programs I use. In other words, these are basically default settings for OA. I'll test another port scanning program if you want, but I believe Shields up! is the one most commonly used.
     
  9. Omneus

    Omneus Notebook Geek

    Reputations:
    7
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    15
    As far as which firewall is best, the answer is that whichever one you can use the best/are the most comfortable with is fine, as long as the choices you are looking at are technically proficient. With that said, of these three choices, ZoneAlarm Free is the weakest. In terms of basic functionality and effectiveness, Comodo (CFP) and Online Armor (OA) are both comparable to any paid products in both technical accuracy as well as common comparatives such as leak testing. ZoneAlarm Free in considerably weaker than the paid version, and so is not really worth comparing against these other choices.

    (Long Post)

    As far as whether CPF or OA, you must first distinguish what a firewall is supposed to do. If all a firewall must do is filter internet traffic and allow/block stuff as configured, than either product, as well as other contenders such as the free version of Jetico, are fine. If you feel that more HIPS functionality and protection against leak-tests is desirable than CPF with its Defense+ is probably preferable, with OA tested only as an alternate. Firewalls nowadays are being asked to incorporate functions previously not considered the firewall's duty, and modern security is becoming increasingly based around HIPS as well as more all-one-security solutions rather than standalone products.

    As far as testing, both OA and CPF past most, if not all current leak tests. Properly configured, both will also past port-scan based tests as well, and any failure to do so is mainly an indication of misconfiguration rather than weaknesses in the product. Neither leak-testing or port-scanning are considered fully credible means of testing defenses by any means, abd for good products are used best as a way to verify that everything is working properly, not as a tool to say that one is better than another. CPF is considered the standard firewall choice for various reasons, but it is important not to simply eliminate the other contenders without giving a fair chance.

    Personally, CPF's business plan and support for their firewall doesn't particularly appeal to me, but I have seen significant testing, development and consistent support from the OA forums. OA is in essence a continuous beta test, with each new version correcting previous bugs or adding new features, usually at a cost of introducing new bugs. The last to current official versions were released because the customers of paid OA wanted to have an official release rather than numerous beta releases, so it is possible that any current user using the latest version is finding bugs that normally would have been reserved for beta testing. If you use it and don't like it, that is a justified opinion, but before criticising thorough effort should be at least attempted on your part, otherwise criticism is somewhat unfair.
     
  10. jimmy-floyd

    jimmy-floyd Notebook Evangelist

    Reputations:
    9
    Messages:
    325
    Likes Received:
    0
    Trophy Points:
    30
    So, which one is better ( CFP or OA ) for one who don't want a system hog by a firewall and at the other hand a good protection. ?
     
Thread Status:
Not open for further replies.

Share This Page