About whether the “leakiness” of firewalls other than Comodo can be increased by the user, I’d have to hazard the guess that, yes, that’s likely. Most firewalls are pretty configurable these days. That definitely opens the door to making a firewall more porous. As I understand it, the term leaks implies ways to spoof the firewall into believing that any sort of inbound or outbound transmission is one thing, when it is in fact something else masquerading as the former. So this is not so much about opening or closing ports but has more more to do with the identification of processes and programs that are allowed to or not allowed to access the network/Internet.

I can’t make a blanket statement that all firewalls are vulnerable to user input causing leak-based vulnerabilities. But I would think that most have some degree of vulnerability. After all, users can choose to say yes or not to pop-ups in most cases. And other settings pertaining to trust may come into play. There’s pretty much no way to make these decisions 100% automatic.

It’s an interesting question. I invite others to weigh in with their two cents. I may well have missed some aspects.

Mea culpa. When I posted my reply above, I should have stated that I am a moderator on the Comodo forums, if only for openness. My apologies for omitting that.

The first part of my post was just to point out that D+ could be enabled or disabled through the GUI and an uninstall-install was not required.

The second part was a genuine question. While I have a solid knowledge of CFP V3, I only have a surface familiarity with a handful of desktop firewalls other than Comodo, and was actually asking if other firewalls could be deliberately increased in “leakiness” by altering their configuration.

Cheers

On another note regarding OA; I have been using and testing OA quite a bit the last 3 months or so and I can say it’s a quality product to consider. But it is a bit more technically orientated and some users might be put off by that. That and it requires some up front work when installing that other firewalls don’t need, but that is part of it’s strength because then it has less questions to ask later. Also, it’s getting much closer to the next release version which will improve things quite a bit.

Scot’s Newsletter Blog and Newsletter readers have been pretty clear on this point. I received literally hundreds of messages detailing far-ranging problems with Comodo 2.4. According to Comodo, the uptake on version 3.0 has been dramatic.

Like you, I have very few problems with version 2.4, and I liked it. Comodo still offers it for download as you say. But I’ve had zero problems with Comodo 3 personally.

One man’s experience does not a trend make.

But one way I would underline your advice: If you had no problems with Comodo 2.4, XP users who experience issues with Comodo 3 should definitely consider returning to Comodo 2.4 until the issues are straightened out.

Leland

I have heard of Blink, but I’m not a big fan of suite products and so far as I can see, its makers don’t offer a standalone firewall.

– Scot

Minor correction - no need to uninstall Comodo V3 firewall to activate the HIPS component. It can simply be enabled in the GUI, although you will need to reboot so the low level hooks are made effective.

Out of curiousity, imagine a user, installing any firewall, voluntarily chooses to disable the HIPS component (or similar low level hooks) and also ignores the warnings detailing the consequences of doing so, are they reduced to the same level as Comodo?

Cheers

http://www.eeye.com/html/index.html

I heard it talked about on Security Now with Leo Laporte and Steve Gibson. I switched to it just recently after a problem with my current setup and so far I’m really liking it.