Results 1 to 14 of 14
  1. #1
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    874
    Thanks
    517
    Thanked 35 Times in 27 Posts
    I'm running W7 Home Premium. I have Comodo installed (firewall and Anti-virus). This seems like a dumb question, but:
    when I look at services.msc I see that not only have Comodo services started, but the service for Defender and the Windows firewall are also started.

    Should I disable the Defender and Windows Firewall services (because of potential conflicts with Comodo), or leave well enough alone?

    I'm asking because I dont like to muck around with W7 if I dont have too.

    Thanks,
    Dick

  2. #2
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Leave well enough alone. Windows defender is not an anti-virus solution. It is an anti-spyware solution. Leave the firewall alone. A properly written third party firewall will communicate with Windows when it is initialized so it can take over for the Windows firewall. The Windows firewall is used when you boot the system until the Comodo firewall is loaded and initialized.

    Joe
    Joe

  3. #3
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    874
    Thanks
    517
    Thanked 35 Times in 27 Posts
    JoeP:
    Thanks. Your clear explanation saved me from screwing up a good thing. Much obliged.
    Dick

  4. #4
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Wink

    Hi Dick :

    I have seen many experts recommend "disabling" the Windows-based
    firewall once you have successfully installed a 3rd-party software
    firewall, like Comodo's ( I do not recommend Comodo products ) .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  5. #5
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Quote Originally Posted by Robin Taylor View Post
    I have seen many experts recommend "disabling" the Windows-based
    firewall once you have successfully installed a 3rd-party software
    firewall, like Comodo's ( I do not recommend Comodo products ) .
    Disabling the Windows firewall is definitely the wrong move now. Since XP SP-2 and maybe SP-1 (I can't remember that far back), a properly written third party firewall will notify Windows when it is initialized and ready to take over for the Windows firewall. You should NOT disable the Windows firewall as it protects your PC during the boot process before the third party firewall is loaded and initialized.

    Joe
    Joe

  6. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    874
    Thanks
    517
    Thanked 35 Times in 27 Posts
    I thought I'd give some feedback to close the loop, and maybe help someone else regarding my initial question;
    Leaving well enough alone, I continued to run Windows Defender and Comodo Internet Security (free version, release 4.)
    The Alert Center told me I had a security message. The message was that I was running 2 anti-spyware programs, and that could cause my system to slow down.
    So, since Comodo's Defense Plus is also an anti-spyware subsystem, I right clicked on the Comodo icon on my taskbar and disabled Defense Plus.
    I then ran Gibson's Shield's-Up and failed the test. So I right-clicked on Comodo's icon again and set the Configuration to "proactive security."
    After rebooting, I reran Shield's-Up and passed the test.
    I also ran Comodo's Leak-Test software and got a 340 out of 340.
    In summary, I'm now running W7's and Comodo's firewalls; Comodo's anti-virus; and Microsoft's Defender for anti-spyware.
    Life is good.
    I hope this helps someone else.

    Dick

  7. #7
    New Lounger Greybird's Avatar
    Join Date
    Mar 2010
    Location
    Los Angeles
    Posts
    9
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by JoeP View Post
    Disabling the Windows firewall is definitely the wrong move now. Since XP SP2 and maybe SP1 (I can't remember that far back), a properly written third party firewall will notify Windows when it is initialized and ready to take over for the Windows firewall. You should NOT disable the Windows firewall as it protects your PC during the boot process before the third party firewall is loaded and initialized.
    I have to wonder about this. Why, then, would XP's Security Center applet (and its linked XP Help Center topic) so strenously insist that one should not run multiple firewalls?

    As it did just now, when I temporarily re-activated Windows Firewall. I normally use Comodo's pre-security-suite firewall (v3.0.25.378). Security Center will recognize, in real time, that either no, one (by name), or multiple firewalls are running.

    You're suggesting that the built-in Windows Firewall provides a unique level of protection, one that no other product can create. Not even when Comodo's firewall is loaded as an XP background service before the Windows user interface appears, at the same time as anti-virus real-time scanning services. And at the same time as the "Windows Firewall / ICS" system service, which runs in "Automatic" mode whether or not you've actually turned on the Windows Firewall.

    The only distinction I can see is that Comodo's firewall runs for each logged-on user (the process "cfp.exe"), whereas the Windows Firewall isn't listed as a separate process in Task Manager. Given that Comodo activates for each user before that user can even begin to use XP, I really don't see the practical difference.

    I also seriously doubt that Microsoft would strongly advise turning off any and all additional firewalls, if a feature of its own product offered unique protections. XP's Security Center does not show any built-in "preference" for the Windows Firewall — which may have started with the legal pressures that brought about XP's Service Pack 1.

  8. #8
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Quote Originally Posted by Steve Reed View Post
    I have to wonder about this. Why, then, would XP's Security Center applet (and its linked XP Help Center topic) so strenously insist that one should not run multiple firewalls?

    As it did just now, when I temporarily re-activated Windows Firewall. I normally use Comodo's pre-security-suite firewall (v3.0.25.378). Security Center will recognize, in real time, that either no, one (by name), or multiple firewalls are running.

    You're suggesting that the built-in Windows Firewall provides a unique level of protection, one that no other product can create. Not even when Comodo's firewall is loaded as an XP background service before the Windows user interface appears, at the same time as anti-virus real-time scanning services. And at the same time as the "Windows Firewall / ICS" system service, which runs in "Automatic" mode whether or not you've actually turned on the Windows Firewall.

    The only distinction I can see is that Comodo's firewall runs for each logged-on user (the process "cfp.exe"), whereas the Windows Firewall isn't listed as a separate process in Task Manager. Given that Comodo activates for each user before that user can even begin to use XP, I really don't see the practical difference.

    I also seriously doubt that Microsoft would strongly advise turning off any and all additional firewalls, if a feature of its own product offered unique protections. XP's Security Center does not show any built-in "preference" for the Windows Firewall — which may have started with the legal pressures that brought about XP's Service Pack 1.
    Running multiple firewalls is strongly discouraged because of the real time nature of the communications activity and the potential for creating deadlocks when more than one high priority process is trying to access the same resources.

    If you install a third party firewall that properly communicates with Windows there is no reason to disable the Windows firewall. Windows will let the thrid party firewall take over those duties when the third party firewall notifies Windows that it is ready to do so. So, you are not really running two firewalls simultaneously.

    The Windows firewall is started when the networking services are started. This happens fairly early in the boot process. At that time, Windows has no idea about any third party firewall so no third party firewall is started. Granted, it is generally a relatively short period of time that your system could be unprotected but it is there and that is why you should leave the Windows firewall alone.

    Joe
    Joe

  9. #9
    New Lounger Greybird's Avatar
    Join Date
    Mar 2010
    Location
    Los Angeles
    Posts
    9
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by JoeP View Post
    Running multiple firewalls is strongly discouraged because of the real time nature of the communications activity and the potential for creating deadlocks when more than one high priority process is trying to access the same resources.
    Exactly. Why ask for such trouble? Communications has its hooks into far more corners of the system than I want to risk messing with.

    If you install a third party firewall that properly communicates with Windows there is no reason to disable the Windows firewall. Windows will let the third party firewall take over those duties when the third party firewall notifies Windows that it is ready to do so. So, you are not really running two firewalls simultaneously.
    Despite what XP itself is telling me? I'm supposed to ignore the Security Center's explicit warnings? Why, then, would Microsoft make them display through at least two Service Pack updates?

    "Not really" has a meaning here for you, methinks, that no other commentator on the Net seems to have brought up as yet. I'd like to see some explicit guidance from MS itself, allowing or urging such double software firewalls against what its own OS advises, before I consider trying it. What links of this kind can you cite?

    The Windows firewall is started when the networking services are started. This happens fairly early in the boot process. At that time, Windows has no idea about any third party firewall so no third party firewall is started. Granted, it is generally a relatively short period of time that your system could be unprotected but it is there and that is why you should leave the Windows firewall alone.
    How early? What period of time? From when XP is loaded before the initial log-in screen? From before the OS is selected? And where are you getting this information?

    One of my points above was that the Windows Firewall is not the same as the "Windows Firewall / ICS" system service. The latter runs, in the default "Automatic" mode, whether or not you've turned on the former. The latter is what is initiated and runs from when XP first starts, not the former.

    You're making quite confident statements about how XP operates, and the precise sequence of system service events that, from what I can tell, are separated by microseconds or less. I'd simply like to see your sources, before I risk threatening my system's stability with active use of multiple software firewalls.

  10. #10
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,577
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Quote Originally Posted by Steve Reed View Post
    How early? What period of time? From when XP is loaded before the initial log-in screen? From before the OS is selected? And where are you getting this information?

    One of my points above was that the Windows Firewall is not the same as the "Windows Firewall / ICS" system service. The latter runs, in the default "Automatic" mode, whether or not you've turned on the former. The latter is what is initiated and runs from when XP first starts, not the former.

    You're making quite confident statements about how XP operates, and the precise sequence of system service events that, from what I can tell, are separated by microseconds or less. I'd simply like to see your sources, before I risk threatening my system's stability with active use of multiple software firewalls.
    The original posts that I saw were on Microsoft's technet site. See Here’s why SP2 is such an important update for Windows XP for a little information about when the firewall starts. I was wrong it starts even before the networks starts.

    I can tell you from my own experience that since XP SP-2 was released I've installed third party firewalls that are compatible with Windows (i.e. they comply with the Security Center interface requirements) on dozens but less than a hundred different systems with XP, Vista, & Windows 7. On NONE of those systems have I changed the Windows firewall setting. I've never had a complaint from the Security Center about multiple firewalls. I've never had a problem on any of those systems that would result from running multiple firewall simultaneously.

    But do whatever you please. That is the "personal" part of PC.

    Joe
    Joe

  11. #11
    New Lounger
    Join Date
    Dec 2009
    Location
    Mississauga, Ontario
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Here is what Microsoft advises regarding their firewall:

    Why you should only use one firewall. If you have more than one firewall installed on your computer, you should not have both firewalls turned on at the same time. Two firewalls turned on at the same time can cause compatibility problems that result in some programs not working correctly.

    To help protect your computer against viruses and other security threats, you should always have one firewall installed and turned on. Windows includes a firewall that is turned on by default. (However, some computer manufacturers and network administrators might turn it off.) If you want to install and run a second firewall, turn off Windows Firewall.

    For instructions about turning off Windows Firewall, see Turn Windows Firewall on or off.

  12. #12
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    966
    Thanks
    19
    Thanked 4 Times in 4 Posts
    I would have to side with Steve Reed here.

    Even IF the network comes up, the question is does a connection exist at that time through your ISP? In other words, when does logon occur? If the logon hasn't yet occurred, there is no way for external traffic to reach you.

    I also use Comodo and have the Windows firewall disabled. I have never had a problem doing this (I am running WinXP SP3).

    Also, how early does Comodo (and by extension, other 3rd party firewalls get started?

  13. #13
    New Lounger
    Join Date
    Feb 2010
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Comodo is adware

    I recently stopped using Comodo Firewall because Comodo did a very sneaky thing that messed up my computer. Without my permission they highjacked my DNS settings and thiscaused me to lose access to my Fritzbox router.

  14. #14
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    966
    Thanks
    19
    Thanked 4 Times in 4 Posts
    Quote Originally Posted by Mark Jacobs View Post
    Comodo is adware

    I recently stopped using Comodo Firewall because Comodo did a very sneaky thing that messed up my computer. Without my permission they highjacked my DNS settings and thiscaused me to lose access to my Fritzbox router.
    Bull. Comodo asks you during install IF you would like to use their DNS servers. You need to look at all the checkboxes when you do a software install, not just click the NEXT button with one hand while being distracted sending tweets with the other...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •