F
ForgottenSeer 97327
Security is an emotion and what is right for you may be wrong to others, so it is a wise decision to stop debating this.
A Comodo Firewall Beta 2 Quick Dance
- Thread starter cruelsister
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
F
ForgottenSeer 103564
That's the problem, everyone is looking at what's right for them directly instead of the whole. Security is not a joke as you make it. Neither is advising others for your own gain. What you do effects others Mr haha
I just installed CF 12.3.1.8104 over previous, so far so good.
Agree, eg, that I for one found that I had to follow "someone else's instructions" ie cruelsister's (several years ago). Her video(s) with text make the configuration of the several CF settings simple enough for me to follow, IMO if the "average" user could not follow her video instructions, then most likely that user is below average. But agree with Ultimate Vision and Chuck57 to the extent that average user would not go looking to use CF. Any guest reading MT would soon understand that CF generates pros & cons from folks. Also assume most guests here do not consider themselves experts, that's why they're reading here. Unclear (to me) why some folks consider CF "dangerous" enough to post continuous "warnings" while I find other apps, more dangerous -- Avast has never run well for me, Eset Premium ate my win firewall this year, AppGuard gave me headaches, Acronis ate my hdd (once upon a time)...
(40 years later running software that works for me )WARNING to all you average users: learn how to use a reliable backup first. Learning how to maximize MS Defender 2d.
I'm not speaking for the average user. I'm speaking AS an average user. And I don't know why I've never encountered a Comodo bug. Maybe because I install it, set it to proactive, turn off HIPS, and click a couple of other boxes, and leave it alone. I don't try to understand Comodo or any other software. I only want Comodo and the others to do their job until the laptop/desktop dies of old age.
As for following someone else's instructions, of course I did, just like when I buy a new TV I skim the instruction manual (someone else's instructions), or buy a car and check the manual to find where things are and how they work (someone else's instructions).
Same here. I use her settings. I do recall her mentioning HIPS as being unnecessary in her setup, and a source of many of the bugs. I've never used any HIPS because I don't understand it or know how to set up a HIPS program. Nor do I know a blessed thing about coding. I looked at Python years ago and immediately spiraled into feelings of inadequacy. It ain't my "thing."I just installed CF 12.3.1.8104 over previous, so far so good.
Agree, eg, that I for one found that I had to follow "someone else's instructions" ie cruelsister's (several years ago). Her video(s) with text make the configuration of the several CF settings simple enough for me to follow, IMO if the "average" user could not follow her video instructions, then most likely that user is below average. But agree with Ultimate Vision and Chuck57 to the extent that average user would not go looking to use CF. Any guest reading MT would soon understand that CF generates pros & cons from folks. Also assume most guests here do not consider themselves experts, that's why they're reading here. Unclear (to me) why some folks consider CF "dangerous" enough to post continuous "warnings" while I find other apps, more dangerous -- Avast has never run well for me, Eset Premium ate my win firewall this year, AppGuard gave me headaches, Acronis ate my hdd (once upon a time)...
WARNING to all you average users: learn how to use a reliable backup first. Learning how to maximize MS Defender 2d.
...and I studied (took a course in) Fortran 55 years ago punching IBM cards, never followed thru to the "expert" level
I'm resisting the temptation. I've read on their forum that you can install directly over 8012, and others say you can't. Does the installation retain your settings?I just installed CF 12.3.1.8104 over previous, so far so good.
F
ForgottenSeer 103564
Oh its ok, let the users keep bashing, it takes many to gang up on one user just trying to help average users learn and be safe.
Not long ago in another thread the same cruel sister was chatting with a young man about testing malware, she encouraged it after being told the young man was only 15. Even with others stating VM's are not bullet proof she continued to encourage it. Well that user ended up posting in malware help section with an infection, on his parents network, a 15 year old, encouraged by the very same behavior here.
malwaretips.com
malwaretips.com
I helped that user repair files on his system, i turn around and see him asking for help to get back into testing again.
It simple, what we suggest and do here effects others, its seriously a responsibility and not a joke. I dont care what your motivations or narrative is, if it effects others in a negative way, im going to speak up. Yes i was going to stop doing this, until i realized a handful of users are truing hard to push some sort of narrative on others, and i cant sit back and watch that. It does not reflect well on this community or forum. I have known some of these users here for many years.
Cruelsis pushed on this, and used to work for fireeyes, she of all users knows better. So yes, i spoke up. There is literally nothing left to say now, other than be careful who you are influencing.
Not long ago in another thread the same cruel sister was chatting with a young man about testing malware, she encouraged it after being told the young man was only 15. Even with others stating VM's are not bullet proof she continued to encourage it. Well that user ended up posting in malware help section with an infection, on his parents network, a 15 year old, encouraged by the very same behavior here.
Was infected, want to reverse damage caused.
I was infected a while back by accidentally running a piece of malware I was trying to analyze. I had to turn off AV protection to upload it to analysis sites as it was detected and I must have accidentally ran it. After I turned the AV back on it was detected and removed by Kaspersky’s Advanced...
malwaretips.com
Serious Discussion - How to set up a safe environment for Malware Testing
Hello. I’ve been doing a small amount of Malware Analysis recently and I want to make a safe malware environment for running malware. The main thing I am concerned about is getting infected, I need to make sure that nothing can escape the VM and infect my host, or spread through the network. I...
malwaretips.com
I helped that user repair files on his system, i turn around and see him asking for help to get back into testing again.
It simple, what we suggest and do here effects others, its seriously a responsibility and not a joke. I dont care what your motivations or narrative is, if it effects others in a negative way, im going to speak up. Yes i was going to stop doing this, until i realized a handful of users are truing hard to push some sort of narrative on others, and i cant sit back and watch that. It does not reflect well on this community or forum. I have known some of these users here for many years.
Cruelsis pushed on this, and used to work for fireeyes, she of all users knows better. So yes, i spoke up. There is literally nothing left to say now, other than be careful who you are influencing.
You can import your settings which is the most reliable option. The betas have been leaving some leftover drivers which i end up having to remove manually if I want to fresh install. So, export your settings if your going to install and I would do a fresh install. The Drivers left over are cmdguard.inf and cmdhlp.inf
You can manually remove them by first listing the drivers: Dism /online /Get-Drivers /Format:Table and then running this command: pnputil /delete-driver oem(OEM NUMBER).inf /uninstall /force well, at least on my machine. I'm just thankful I can switch back to the Lycia theme so I have the more informative UI.
And in Los Alamos NM some years ago, two high school kids, 16 yrs old, broke into Los Alamos National Lab computers from their high school computer. Literally, got through LANL security. They were caught because the lab tracked back to the high school computer and they were the 2 using it at that time. There was no evil intent. They just, so they said, wanted to see if they could do it.
I'd venture there are kids out there light years ahead of many of us here. They grew up with the things, the same as I grew up with a pencil and later a pen.
I was the person who was testing malware. I’m the thread about malware removal, this was me accidentally running a malware file on my host system when I was trying to upload it to a sandbox. It wasn’t due to a member encouraging me to use a VM.Oh its ok, let the users keep bashing, it takes many to gang up on one user just trying to help average users learn and be safe.
Not long ago in another thread the same cruel sister was chatting with a young man about testing malware, she encouraged it after being told the young man was only 15. Even with others stating VM's are not bullet proof she continued to encourage it. Well that user ended up posting in malware help section with an infection, on his parents network, a 15 year old, encouraged by the very same behavior here.
Was infected, want to reverse damage caused.
I was infected a while back by accidentally running a piece of malware I was trying to analyze. I had to turn off AV protection to upload it to analysis sites as it was detected and I must have accidentally ran it. After I turned the AV back on it was detected and removed by Kaspersky’s Advanced...
Serious Discussion - How to set up a safe environment for Malware Testing
Hello. I’ve been doing a small amount of Malware Analysis recently and I want to make a safe malware environment for running malware. The main thing I am concerned about is getting infected, I need to make sure that nothing can escape the VM and infect my host, or spread through the network. I...
I helped that user repair files on his system, i turn around and see him asking for help to get back into testing again.
It simple, what we suggest and do here effects others, its seriously a responsibility and not a joke. I dont care what your motivations or narrative is, if it effects others in a negative way, im going to speak up. Yes i was going to stop doing this, until i realized a handful of users are truing hard to push some sort of narrative on others, and i cant sit back and watch that. It does not reflect well on this community or forum. I have known some of these users here for many years.
Cruelsis pushed on this, and used to work for fireeyes, she of all users knows better. So yes, i spoke up. There is literally nothing left to say now, other than be careful who you are influencing.
I do appreciate the concern about influencing people. I understand the risks associated with malware now and have stopped testing.
F
ForgottenSeer 103564
I was in that thread when you spoke to cruelsis about VM's. I mentioned it was not a good idea because a former mod here even had stuff escape onto his system, sound familiar?
I appreciate you not taking offense, as im trying to watch out for others, as some seem to think its no big deal how this effects others.
The only reason I tested it was because I had Kaspersky Default Deny on the host. With that, I’d assume it would be very hard for something to escape.
No one really is an average user and if CIS/CFW causes you issues, either seek help or use another product. There's a bit of a ways to go before this new CIS/CF really shows improvement and still lots of bugs to fix.
Yes, I've had the disappearing icon which would show up a few minutes later, windows security centre taking 10 minutes before recognizing CIS/CF being installed and maybe some visual glitches but as soon as I start messing around with whitelisting, tweaking HIPS to protect the entire drive and other lockdown settings, that's where I ran into issue.
You and do lots with comodo and tweak it all you want but it's not necessary. Yes the default config got dummed down some back in 2018/2019 but Containment showed it's true power by then. I learn from using CIS as I've trialled things over the years but backing up is a top tip if you really want to tweak it extensively.
Anyway, it's great when used simply and if your not having issues you can set and forget for the most part until you start installing uncommon software maybe Comodo hasn't vetted yet but you can always submit it, check VT and whitelist if your sure it's safe. Only a minor inconvenience really and if Comodo didn't work for me, I'd use some other product. (e.g. Hard_Configurator was my go to default deny when I went on a CIS hiatus).
Yes, I've had the disappearing icon which would show up a few minutes later, windows security centre taking 10 minutes before recognizing CIS/CF being installed and maybe some visual glitches but as soon as I start messing around with whitelisting, tweaking HIPS to protect the entire drive and other lockdown settings, that's where I ran into issue.
You and do lots with comodo and tweak it all you want but it's not necessary. Yes the default config got dummed down some back in 2018/2019 but Containment showed it's true power by then. I learn from using CIS as I've trialled things over the years but backing up is a top tip if you really want to tweak it extensively.
Anyway, it's great when used simply and if your not having issues you can set and forget for the most part until you start installing uncommon software maybe Comodo hasn't vetted yet but you can always submit it, check VT and whitelist if your sure it's safe. Only a minor inconvenience really and if Comodo didn't work for me, I'd use some other product. (e.g. Hard_Configurator was my go to default deny when I went on a CIS hiatus).
To ease your mind about me testing, I do not engage in VM testing. The only analysis I do is obtaining samples, putting them in sandboxes, and using K default deny to ensure I don’t accidentally start them.
F
ForgottenSeer 97327
As much as I hate to defend Mr Ultimate Friendly's take on this, I have to agree with our all knowing visionair: you better test malware in VM, not on your real system
Yep. I don’t test malware on any of my systems, I only upload it to the cloud.
cruelsister
Level 43
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Best Practice is to wait for the official release (mainly to avoid going to the trouble of the below for each Beta build). Once that is available:
1). The only settings from the previous build one must be cognizant of would be those of the Firewall (knowing which of your current applications that you don't want to call home for updates or whatever).
1b). As the HIPS is not suggested to be used, one can forget all of those rules.
2). Uninstall 8012
3). Install the officially released version, setting it up in the suggested way with the only addition of using the Lycia Theme (as noted above by ErzCrz).
4). Reboot and open up the applications that you've previously noted for the Firewall Rule changes one by one and apply them.
5). Easy, Easy...
I'll wait. The last version, 8012, is still more than adequate.
hmmm, since cruelsister did not mention anything, I assumed over 8012 was ok. It seemed ok but I will have to go back and look, later... I closed that VM to run another, checking a different software... (I stay smarter or dumber depending on who you ask by not reading comodo forum
)You may also like...
-
-
Malwarebytes Anti-Malware Premium BETA
- Started by Shadowra
- Replies: 44
-
-
Microsoft Defender Antivirus feat AI Defender
- Started by Shadowra
- Replies: 13
-
F-secure protection introducing firewall in the latest updates?- Started by RRlight
- Replies: 3