- Jan 28, 2013
- 319
Regarding Comodo
- Thread starter cruelsister
- Start date
- Status
Raul90
Level 14
- Feb 5, 2012
- 658
Very nice there cruelsister! I infact use that setup when I am not using Comodo HIPS. I just do not uncheck the sound as I want to get notified when I am using the other desktop
Oftentimes I use the HIPS to disable nasty programs wanting to "always" connect to home without my permission.
- Apr 13, 2013
- 3,150
NSG- I've been putting version 8 of Comodo through its paces and so far like it very well. The most important difference is for the Sandbox- instead of all the different levels (which just led to confusion- and infection) they just went with my favorite, Full V. So now the only choice is to either Enable or Disable the Box.
The Firewall is basically the same with Safe Mode being the optimal (and Default) setting.
HIPS is also an Enable or Disable choice. The choice will be easy as HIPS is of no value (unless for those who get off on popups) if the sandbox is enabled all the HIPS will do is to alert you to malicious activity going on in a virtualized environment, which really is inconsequential. A big issue is made by some about the Cloud AV and VirusScope not being average at best. Totally true, but also of no consequence as long as the sandbox is enabled.
Hopefully the beta period will be a long one. I have CF8 installed on both my sacrificial malware system as well as my personal laptop, and if I run across anything significantly problematic I will of course report it here.
M
Forgot to mention one new thing- the other day I ran a file that I knew was VM aware. I ran the file, it loaded in the sandbox and after a minute I got a Behavior Blocker alert that an unknown file was requesting permission to run outside of the sandbox.
Smiling all the way, I denied the request and the malware file expired in malicious despair.
The Firewall is basically the same with Safe Mode being the optimal (and Default) setting.
HIPS is also an Enable or Disable choice. The choice will be easy as HIPS is of no value (unless for those who get off on popups) if the sandbox is enabled all the HIPS will do is to alert you to malicious activity going on in a virtualized environment, which really is inconsequential. A big issue is made by some about the Cloud AV and VirusScope not being average at best. Totally true, but also of no consequence as long as the sandbox is enabled.
Hopefully the beta period will be a long one. I have CF8 installed on both my sacrificial malware system as well as my personal laptop, and if I run across anything significantly problematic I will of course report it here.
M
Forgot to mention one new thing- the other day I ran a file that I knew was VM aware. I ran the file, it loaded in the sandbox and after a minute I got a Behavior Blocker alert that an unknown file was requesting permission to run outside of the sandbox.
Smiling all the way, I denied the request and the malware file expired in malicious despair.
Last edited:
- Nov 21, 2011
- 2,192
@cruelsister
Appreciate very much your commentary re BETA 8.
I am watching this with much interest.
Thanks again
Appreciate very much your commentary re BETA 8.
I am watching this with much interest.
Thanks again
@cruelsister
> "Fully Virtualized" do you turn this off from time to time? When restarting your PC?
> Are you using AppGuard with this set-up? If not why? Please!
> And are you using 360 Total Security or 360 Internet Security? If not which AV?
Kind regards,
> "Fully Virtualized" do you turn this off from time to time? When restarting your PC?
> Are you using AppGuard with this set-up? If not why? Please!
> And are you using 360 Total Security or 360 Internet Security? If not which AV?
Kind regards,
Thanks for the update cruelsister I haven't seen much news on the beta. I'm very impressed with version 7 set by your recommendation so I'm relieved to hear it is working well in the beta. Thanks again.
- Mar 8, 2013
- 49
Thank you cruelsister for your expertise when it comes to Comodo. I've always liked the fact that you are clear eyed and dispassionate in your evaluations. Your arguments are usually irrefutable because they are based on fact and very seldom on opinion alone. Because of that I find you to be a very reliable source of information I can count on. Please keep us updated on the 8 beta.
Thanks @cruelsister for the detailed setup information. I have Comodo firewall setup like this now cause hips is just not my cup of tea.
- Jun 22, 2014
- 719
HIPS are my cup of tea hence I`ve just installed CIS v5. Apart from the better GUI imo, it gave me some really nice popups to deal with already. Yum yum.
Good advice here on v8 should I ever feel the need to update to it.
Sandboxie still onboard as ever.
Regards Eck
Good advice here on v8 should I ever feel the need to update to it.
Sandboxie still onboard as ever.
Regards Eck
How to automatically sandbox all unknown files in CIS 8 like CIS 7 and CIS 6
It looks fit here in my opinion, maybe cruelsister should edit the first post according to this link.
It looks fit here in my opinion, maybe cruelsister should edit the first post according to this link.
- Dec 29, 2014
- 1,711
Tried CF for about 2 hours today, and I was unimpressed, but not because it doesn't do what it claims. Been using Private Firewall, and the GUI in CF absolutely makes no sense to me. I have everything set to manual in PF, but the manual settings for CF are buried deep in the program. That would be OK, considering the effectiveness of the program as reported here and across the net, except that the process of making the simpler decisions that CF makes possible are also buried.
I feel like they are making a serious effort to make CF install and forget. I commend Comodo for this, as firewalling is pretty burdensome. However, I want the GUI to reflect the functionality of the program or put another way to add to the understanding of exactly what's happening with each choice.
cruelsister's settings sound usable and almost completely hands off. I feel the need to know more, however. I really wish Comodo would break down the various tools and their elements better for user, especially with the GUI (more intuitive placement of settings dialogs) but also with the help dialog. The universal behavioral blocks are amazing, but their application clouds the functionality of the actual firewall as things are currently arranged. I have no idea how good this firewall really is.
One other thing. Should a firewall ever rely on cloud based monitoring? Idk, but I am not comfortable with this. I guess I just want to see someone create a firewall that uses just the local program to secure a PC.
I uninstalled Comodo, but I do feel that it's way closer than a year ago to being comprehendable for the typical everyday user. In this light, maybe Comodo should look to Private Firewall to see how to bring the bare bones manual elements of firewalling more to the front. And, yes, they need to be separated from the behavioral elements of the program, so that users can actually see what they have with CF. Bring them in with the features and flashing lights and front page activated notifications and then show them a real firewall directly behind this I say...
I feel like they are making a serious effort to make CF install and forget. I commend Comodo for this, as firewalling is pretty burdensome. However, I want the GUI to reflect the functionality of the program or put another way to add to the understanding of exactly what's happening with each choice.
cruelsister's settings sound usable and almost completely hands off. I feel the need to know more, however. I really wish Comodo would break down the various tools and their elements better for user, especially with the GUI (more intuitive placement of settings dialogs) but also with the help dialog. The universal behavioral blocks are amazing, but their application clouds the functionality of the actual firewall as things are currently arranged. I have no idea how good this firewall really is.
One other thing. Should a firewall ever rely on cloud based monitoring? Idk, but I am not comfortable with this. I guess I just want to see someone create a firewall that uses just the local program to secure a PC.
I uninstalled Comodo, but I do feel that it's way closer than a year ago to being comprehendable for the typical everyday user. In this light, maybe Comodo should look to Private Firewall to see how to bring the bare bones manual elements of firewalling more to the front. And, yes, they need to be separated from the behavioral elements of the program, so that users can actually see what they have with CF. Bring them in with the features and flashing lights and front page activated notifications and then show them a real firewall directly behind this I say...
- Apr 13, 2013
- 3,150
Elemec- First off, what settings are you using for Comodo? As you have Qihoo TS installed (I hop at default), there would be absolutely no need for the Comodo HIPS module to be enabled (assuming that you have it active). As for Malwarebytes, you don't mention if you have it as Real-time or not. My STRONG suggestion is just keep MB as an on-demand app.
In short,
1), CF- HIPS off, Sandbox on. Change the Configuration setting to Proactive.
2). Qihoo TS 6- keep this at Default setting! There is no need to activate BD and (God forbid) Avira.
3). Disable Malwarebytes if you are using it as a real-time protector.
Please evaluate the above and inform us if any issues persist (also tell us the current settings that you are using so I can be mean to you).
In short,
1), CF- HIPS off, Sandbox on. Change the Configuration setting to Proactive.
2). Qihoo TS 6- keep this at Default setting! There is no need to activate BD and (God forbid) Avira.
3). Disable Malwarebytes if you are using it as a real-time protector.
Please evaluate the above and inform us if any issues persist (also tell us the current settings that you are using so I can be mean to you).
- Jan 23, 2015
- 111
I've been using the Free version of malware bytes , So it is only on-demand.
My comodo settings are exactly as you said , Hips off.
Unninstalled the bonus settings on 360 total security (So now is only with default)
My biggest question , Is what you mean by " Proactive " And " Full virtualized " ON auto sandbox , Right click comodo for activate it in said mode , But it just gives me activate , I click settings , It dont says those things
- Jan 23, 2015
- 111
Alright , Here the full info about it.
I'm using all the configurations/settings you said on your post , With exception of the " Full virtualized " One.
I'm using the proactive mode.
Default 360 total security.
Free-Malwarebytes Only On-Demand
[EDIT] : For enable Full virtualized mode , Do i just change sandbox setting by unmarking " Dont virtualize specific programs " ?
I'm using all the configurations/settings you said on your post , With exception of the " Full virtualized " One.
I'm using the proactive mode.
Default 360 total security.
Free-Malwarebytes Only On-Demand
[EDIT] : For enable Full virtualized mode , Do i just change sandbox setting by unmarking " Dont virtualize specific programs " ?
- Mar 15, 2011
- 13,070
- Jan 17, 2014
- 621
- Apr 13, 2013
- 3,150
Sorry I wasn't clear regarding the sandbox. In past versions, there were different levels of protection afforded by the sandbox- Partially Limited, Limited, Restricted, Untrusted, Full V- with the default being Partially Limited. With version 8, the default is now Full Virtualization- so as long as you enable the sandbox you are set (nothing else is needed or should be done).
(Helpful Hint- Right click the Comodo icon in the tray and click on "Advanced View". It will close and when you Right click on it again you will not only see that you now have easy access to HIPS and Sandbox things. Also, the main GUI is a bit more informative)
Regarding the importance (and the reason) for changing the configuration from "Firewall Security" to "Proactive Security"- at default settings of the sandbox ONLY FILES RUN FROM THE DOWNLOAD DIRECTORY WILL BE SANDBOXED (forgive the caps, but this is of extreme importance). One can change the settings so that potentially troublesome files found anywhere on your system will be sandboxed in one of two ways:
1). In Sandbox settings, edit the Origin of the first "Run Virtually" listing from "Internet" to "Any", or
2). Just change the configuration from Firewall security to Proactive security. This has an added benefit as it
will protect all critical COM interfaces (ignore the "Internet Security" configuration as this really only pertains to CIS- with the local AV).
If I was in any way unclear (as I tend to be), please ask anything you may want to know (don't be shy).
M
(Helpful Hint- Right click the Comodo icon in the tray and click on "Advanced View". It will close and when you Right click on it again you will not only see that you now have easy access to HIPS and Sandbox things. Also, the main GUI is a bit more informative)
Regarding the importance (and the reason) for changing the configuration from "Firewall Security" to "Proactive Security"- at default settings of the sandbox ONLY FILES RUN FROM THE DOWNLOAD DIRECTORY WILL BE SANDBOXED (forgive the caps, but this is of extreme importance). One can change the settings so that potentially troublesome files found anywhere on your system will be sandboxed in one of two ways:
1). In Sandbox settings, edit the Origin of the first "Run Virtually" listing from "Internet" to "Any", or
2). Just change the configuration from Firewall security to Proactive security. This has an added benefit as it
will protect all critical COM interfaces (ignore the "Internet Security" configuration as this really only pertains to CIS- with the local AV).
If I was in any way unclear (as I tend to be), please ask anything you may want to know (don't be shy).
M
- Jan 23, 2015
- 111
Almost everything done. Here it says that the first " Run virtually " Is going to open Every/any file , And the reputation is " Unrecogonized
- Status
