dhaavi
commented
2 years ago Hey @EstherMoellman, thanks a lot for the suggestion!
There are big differences between Comodo and Portmaster:
- Portmaster focuses on Privacy, while Comodo focuses on Security. Yes, there is quite some overlap, but focus matters.
- Comodo is not just a firewall, it's an antivirus - which Portmaster is clearly not.
You may say that Containment is an antivirus function.
I would say that containment is an OS function. Linux et al. have been able to do that for quite some time now. Windows has it's own program for it: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview (IIRC there might be issues with Portmaster and Windows Sandbox - not sure though.)
Hardening PortMaster with a modern and friendly Containment function
Containment is a really hard problem to solve and requires considerable amounts of work for every platform we support.
Comodo Firewall is incredible lightweight
Doubt. ;)
PortMaster can become also great at SECURITY protection
I think the Portmaster will slowly mature in the direction of providing security, but it is not our focus.
In Conclusion: I perfectly understand your need and I think that your suggestion is great, but I don't see something like this happening in the future of Portmaster, especially because of the resources it would take to do this. Currently, we are a very small team. If that changes in the future, who knows what we will be able to achieve?
EstherMoellman
Raphty
What would you like to add or change?:
Please, I would like to request a new function: Containment + Auto-Containment.
Why do you and others need this?:
My request is inspired on Comodo Firewall and its Containment function. Comodo Firewall is incredible lightweight, and it has extra modules including Containment. IMHO this module is the most solid advantage of Comodo Firewall. The Firewall + Containment module work like an antivirus/anti-malware. Please see this video. In same youtube channel you may find different variations of configurations, and several tests. In short, Firewall + Containment is extremely powerful, a huge advantage over other firewalls.
Unfortunately Comodo became a kind of abandoned software, two years accumulating bugs. So now I replaced Comodo Firewall with PortMaster. First I missed Comodo Firewall' possibility of using customized filter-lists (and I already opened a request). Now I'm missing the Comodo Firewall' possibility of having Containment function. Yeah, guilty as charged : ), I'm trying to have in PortMaster what I had in Comodo Firewall.
But besides my personal needs, I do believe that Containment in a Firewall makes all the difference when compared to other similar software. That is because when critical processes and ports are enabled in the firewall (for example browsers, svchosts.exe, ports 80, 443, 53, 123 etc)... malware or malicious scripts may exploit them (regardless the best firewall). Containment is not the solution to this problem, but Containment minimizes that problem. Containment may isolate unknown processes and its connections, avoiding potential damages.
You may say that Containment is an antivirus function. With all due respect, I disagree. Not to mention that not every antivirus has Containment function. PortMaster is great precisely because it goes beyond standard firewalls, and PortMaster does it in a friendly, modern, and refreshing way. Hardening PortMaster with a modern and friendly Containment function... will confirm PortMaster as the best firewall on the market.
And last but not least, currently PortMaster is great mainly at PRIVACY protection. But with Containment function, PortMaster can become also great at SECURITY protection.
Thanks in advance!... and let's keep spreading the word : )