- Jun 14, 2020
- 77
I'm thinking of replacing Voodooshield Pro with Comodo's Internet Security but after some searching I can't find any info about his setup.
Thanks
Thanks
Where can I find @Cruelsisters Config?
- Thread starter klepto
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Jun 14, 2020
- 77
I love and miss so much all @cruelsister comments and videos (masterpieces, little gems).
After testing tons of different so called security software, Cruel-Comodo remains as the best relation between level-of-protection VS hardware performance.
I was wondering whether @cruelsister today still recommends same Cruel-Comodo settings. Or perhaps nowadays has @cruelsister found a different better alternative for Cruel-Comodo?
After testing tons of different so called security software, Cruel-Comodo remains as the best relation between level-of-protection VS hardware performance.
I was wondering whether @cruelsister today still recommends same Cruel-Comodo settings. Or perhaps nowadays has @cruelsister found a different better alternative for Cruel-Comodo?
- Mar 29, 2018
- 7,602
She hasn't advised any changes I'm aware of, so the video above is correct.
- Feb 7, 2014
- 1,540
For any Comodo newbies that may read this post, please know that the heart of Comodo's protection mechanism is Auto-containment- and this at ANY other setting than default. I suggest Restricted. Also, personally I don't feel that the HIPS is needed (except as Easter has stated above to track what a malicious file is doing for amusement) with Containment set properly.
The reason for the above statement is that both the default Containment setting and the HIPS module (even at Paranoid Mode) can result in system changes being made- which for me is unacceptable. Although the most common and most trivial can be the desktop background being changed (easy enough to rectify), a more serious (and greater pain to fix) is the inability of default Containment and Paranoid HIPS to prevent a malware file to utilize Windows Management Instrumentation (wmic.exe). This can lead to things like a System Reserved partition being created (a relatively current example of this sort of thingy is the Avaddon ransomware).
WMIC can (and has) be used for other nasty things, but setting up CF with the configuration that I have suggested will just laugh at stuff like this, which needless to say is Optimal.
M
cruelsister
www.wilderssecurity.com
The reason for the above statement is that both the default Containment setting and the HIPS module (even at Paranoid Mode) can result in system changes being made- which for me is unacceptable. Although the most common and most trivial can be the desktop background being changed (easy enough to rectify), a more serious (and greater pain to fix) is the inability of default Containment and Paranoid HIPS to prevent a malware file to utilize Windows Management Instrumentation (wmic.exe). This can lead to things like a System Reserved partition being created (a relatively current example of this sort of thingy is the Avaddon ransomware).
WMIC can (and has) be used for other nasty things, but setting up CF with the configuration that I have suggested will just laugh at stuff like this, which needless to say is Optimal.
M
cruelsister
Comodo Auto-Containment - comparable to Sandboxie ?
Hi, I have switched to Comodo Internet Security's Auto-Containment; because it works with my YubiKey. Whereas Sandboxie doesn't. Are the 2 products...
www.wilderssecurity.com
- Sep 20, 2016
- 116
I setup CF like Cruelsister but I have problem.
Firewall block Google processes,Kaspersky free processes,Windows processes.Google sometime crash Kaspersky and Windows 10 work ok. I white list Kaspersky and Google Chrome and Windows 10 processes but Google Chrome crash.I unistall Comodo Firewall maybe i will install it but will like to have no problems. Could someone help me?!
Firewall block Google processes,Kaspersky free processes,Windows processes.Google sometime crash Kaspersky and Windows 10 work ok. I white list Kaspersky and Google Chrome and Windows 10 processes but Google Chrome crash.I unistall Comodo Firewall maybe i will install it but will like to have no problems. Could someone help me?!
- Dec 12, 2016
- 1,334
Sorry for the bad recommendation removed the comment so people won't follow
Last edited:
- Apr 24, 2016
- 7,242
The Google Chrome crashes could be unrelated to Comodo Firewall:
Users report constant Chrome crashes on Windows 10, possible workarounds listed [Update]
Users on Reddit and Google's forums have begun reporting constant Chrome crashes on Windows 10 since yesterday. There are a few workarounds to fix the issue, but an official fix might be out soon.
www.neowin.net
- Aug 19, 2019
- 1,164
Are you trying to run Chrome in the Sandbox/Container? You need to add rule manually for Chrome to do tha with her settings. The Comodo Log should indicate if anything was blocked. Otherwise, it may be as @Gandalf_The_Grey linked.
- Apr 24, 2016
- 7,242
How-to setup sandboxed browsers is described in part 2 of the video linked by @Arequire
- Sep 20, 2016
- 116
If I put firewall in training mode it will allow both good and bad things is that a good idea?
I install CF,Google Chrome crashes but it is problem with Google Chrome version xDThe Google Chrome crashes could be unrelated to Comodo Firewall:
Users report constant Chrome crashes on Windows 10, possible workarounds listed [Update]
Users on Reddit and Google's forums have begun reporting constant Chrome crashes on Windows 10 since yesterday. There are a few workarounds to fix the issue, but an official fix might be out soon.
no but I know what you are writing about and thank you all for your help.
Now I withlist Kasperky,Google Chrome but I have one last problem if I set in firewall setting Do not show popup alerts Block Requests if I run some apps firewall will block some process from apps and Windows System32 Svchost.exe but if I uncheck setting it will allow apps and Svchost.
I will withlist apps and svchost but if I live setting do not show popup alerts Block requests it will block new apps new process is these setting important?
- Apr 5, 2021
- 619
@XxX Legolas XxX
did you review the CF logs to see what exactly is happening? From these events you should be able to modify existing rules or create new rules to rectify the issues.
EDIT
Possibly something in your setup is misconfigured, because I believe CS' setup has Safe mode enabled, which should allow safe applications such as Chrome and Kaspersky to run and connect through firewall.
did you review the CF logs to see what exactly is happening? From these events you should be able to modify existing rules or create new rules to rectify the issues.
EDIT
Possibly something in your setup is misconfigured, because I believe CS' setup has Safe mode enabled, which should allow safe applications such as Chrome and Kaspersky to run and connect through firewall.
Last edited:
- Feb 7, 2014
- 1,540
Do not use training mode, I repeat don't use training mode, it will lower security, First order of installing CFW is to let it do what it have to, When it is finish it will tell you to restart the PC do that then when fully booted, go to configure firewall put it in proactive mode, then go to hips turn it off, then put the interface of the firewall in advance view, go to task hit the update button, when finish hit the scan button, this will take a couple seconds when it's finish, 8 options on the left 3 on the right will be there in a small box for you to use, if the OS that you're on is fresh hit trusted in the box on the upper right hand side, if the OS isn't fresh press on the untrusted file it will be highlighted in blue, it will give you a read out telling you if the said file is OS related or from any soft you have installed, it will also give you a link to the folder in which the file is in, so you can use VirusTotal or any verification site of your choosing to make sure the file is safe, if you don't know of any sites to verify a file,use Comodo own verifier, hit task go in to containment press on Watch Activity you will get a prompt asking you if to allow a file to run say yes and it will download killSwitch it's around 8mb install that, KillSwitch will be launched but that is not what you really want, what you want is an app in Killswitch name Auto-Run Analyzer, Go in to tools on killswitch options select it and let it run (make sure to pin them both to task bar) Killswitch by default runs in standard mode look to the bottom right side of killswitch and you will see a shield to run as admin reason for running it in admin mode is you will get more option, anyway Auto-run analyzer helps comodo whitelist stuff that comodo has miss and it helps verify stuff more easily so you will get less blockage occurring, I will post some images they should help make things be more easy on you.
Attachments
Last edited:
- Sep 20, 2016
- 116
Thanks but I fix problem I uncheck in firewall settings: Do not show popup alerts Block Requests and now it not block some off process from my programs.
Now my question is whether I have now reduced the security ?
And of course now I have to decide whether to block something or not when I get a popup from the firewall.
Last edited:
- Feb 7, 2014
- 1,540
That depends on your CFW knowledge skill in that if it throws request at you about allowing stuff to connect in or out, how experience are to answer those correctly and or accurately that is why comodo provided that option to take that burden off of not so skilled users, so the question for you is are you qualified enough to handle it? Sometimes jumping straight into the water is better that wiggling your toes in it.
Last edited:
- Sep 20, 2016
- 116
If I check Do not show popup alert B.R. in firewall events show my:Microsoft Edge msedge.exe blocked in Google Chrome chrome.exe blocked,Windows system32 svchost.exe blocked,Kaspersky avp.exe blocked but if I unckeck Do not show... it will not block the exe process.In Ublock Applications I allow exe process but tomorrow I will install something else and it will block it so that it is better left as it is.
I have two questions picture number 6 for the computer in the building network zones home or public and picture 12 Website Filtering disabled way it not good or ?
Edit
Picture 3 updates 1 hours way it will only update new version of Comodo but new verison is one day a year ?
Last edited:
- Feb 7, 2014
- 1,540
I don't need website filter because my browser has an addon that handles that part for me. Network zone in public hardens the firewall more. It is users choice.
- Sep 20, 2016
- 116
Picture 3 updates 1 hours way it will only update new version of Comodo but new verison is one day a year and what addons you use.
Thank you for helping me a lot!!!
Last edited:
- Feb 7, 2014
- 1,540
Update data base is not what you think, comodo checks for updates to help with unknowns and VirusScope.
Attachments
Last edited:
