- Nov 27, 2016
- 31
My question: Am i protected with ONLY Comodo Firewall with everything turned on or i need an antivirus alongside with comodo?
Am I protected with COMODO Firewall only?
- Thread starter Jashin
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
- Status
- Nov 19, 2014
- 2,344
As long as someone doesn't find a Comodo bypass, you don't mess the settings and Comodo doesn't whitelist a malware and then you are hit with it because they notice then you are protected.
EDIT: After @Yash Khan comment remember to enable proactive profile for what i said to apply. Main protection comes from the sandbox.
EDIT: After @Yash Khan comment remember to enable proactive profile for what i said to apply. Main protection comes from the sandbox.
Last edited:
I guess if you install CFW only then AutoSandbox is disabled by default?
- Nov 19, 2014
- 2,344
Hmm not 100% sure and you might be right. He should enable proactive profile anw.
If you are using the AutoSandbox feature and everything is configured correctly and working then you should be fine - the chances of you running into new unknown malware which will bypass the Comodo Sandbox is very small, how many people have you seen talk about how this happened to them? You've probably seen none, because it takes lots of expertise and knowledge on the product internals to do this, and most people with this expertise are on the good side trying to report the vulnerabilities to the vendors for money rewards, instead of risking themselves to facing jail time by helping black hat hackers. A lot of the "vulnerabilities" posted online about real sandbox bypasses are flawed one way or another (e.g. user error or just a bug as opposed to virtualised malware really gaining access to the host from the guest).
Regardless, don't be click-happy just because you are using an auto-sandbox otherwise you'll be begging for an infection. Make sure you still apply good online practises: don't handle attachments from unknown e-mails, don't run programs you are unsure of, and don't randomly visit websites found on search engines which appear to be suspicious.
You are always the first line of defence, remember this, drill this message into your brain... Never forget it.
Regardless, don't be click-happy just because you are using an auto-sandbox otherwise you'll be begging for an infection. Make sure you still apply good online practises: don't handle attachments from unknown e-mails, don't run programs you are unsure of, and don't randomly visit websites found on search engines which appear to be suspicious.
You are always the first line of defence, remember this, drill this message into your brain... Never forget it.
- Nov 27, 2016
- 31
- Jun 24, 2016
- 2,400
Enable autosandbox (disabled by default), turn on proactive defense, enable HIPS, check Filter IPv6 traffic, Block fragmented IP traffic, Do Protocol Analysis, Enable anti-ARP spoofing.
Set Sanboxto "All Applications", "All" locations/origins, file rating "Unrecognized" and restrict level "Untrusted".
Set Sanboxto "All Applications", "All" locations/origins, file rating "Unrecognized" and restrict level "Untrusted".
- Nov 27, 2016
- 31
- Nov 27, 2016
- 31
LAST QUESTION: Should i remove AVG Internet Security and install ONLY Comodo Proactive Defence(with HIPS,firewall and auto-sandbox)or again Comodo FW and Panda Free AV???
- Jul 3, 2015
- 8,153
I would not run a security suite along with COMODO. That's not necessary and might cause conflicts. The most you need, assuming you like the idea of layered protection, is a light AV, such as Panda or Avast or Windows Defender.
I also beg to differ with some of the paranoid settings for COMODO that you were suggested.
I agree that proactive mode is a wise choice. But I would keep the default sandbox settings of proactive mode, and turn off the HIPS.
If you want extra protection, you could run your browser (and other sensitive apps) in sandbox.
- Nov 27, 2016
- 31
- Jul 3, 2015
- 8,153
because autosandbox will stop any unrecognized file from executing, from anywhere on your PC, if you are in proactive config.
HIPS just controls what an unsandboxed file is allowed to do. If you don't let it out of the sandbox, you are always safe.
And if the file is not autosandboxed, because it is trusted, then HIPS will not give you alerts for it anyway. So you don't gain anything from HIPS, except in exceptional situations.
- Mar 15, 2011
- 13,070
To answer the question.
Yes but with proper configuration.
Autosandbox is very powerful that sometimes can mislead to mistakes because of the nature where relies on reputation based.
HIPS on the other hand is different compare on version 4 or 5 of Comodo; it controls based on auto-sandbox mechanism unless you disabled it.
Yes but with proper configuration.
Autosandbox is very powerful that sometimes can mislead to mistakes because of the nature where relies on reputation based.
HIPS on the other hand is different compare on version 4 or 5 of Comodo; it controls based on auto-sandbox mechanism unless you disabled it.
When I used COMODO myself I usually set it to block any unrecognised files - tested them in a virtual machine first - upload it to Virus Total if I was at all unsure.
- Status
