Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Comodo
Anyone has a list of Windows processes that are safe to always allowed by HIPS?
Message
<blockquote data-quote="ErzCrz" data-source="post: 973298" data-attributes="member: 81799"><p>You can set a firewall rule to block outgoing as it's one of those LOLbins but I wouldn't block runtimebroker unless it was determined to be unsafe. What you can do is create a custom rule for each of these so it ask's with a pop-up for each action but really, no necessary tweaks beyond the defaullt safe mode if your using containment.</p><p></p><p>[ATTACH=full]263830[/ATTACH]</p><p></p><p>Safe mode HIPS works off whether a file is certified safe in the file list.</p><p></p><p><strong>Safe Mode</strong>: While monitoring critical system activity, HIPS automatically learns the activity of executables and applications certified as 'Safe' by Comodo. It also automatically creates 'Allow' rules for these activities, if the checkbox '<a href="https://help.comodo.com/topic-72-1-766-9163-HIPS-Settings.html#ds_Create_rules_for_safe_applications" target="_blank">Create rules for safe applications</a>' is selected. For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run. Should you choose, you can add that new application to the HIPS rules list by choosing 'Treat as' and selecting 'Allowed Application' at the alert with 'Remember my answer' checked. This instructs the HIPS not to generate an alert the next time it runs. If your machine is not new or known to be free of malware and other threats then 'Safe Mode' is recommended setting for most users - combining the highest levels of security with an easy-to-manage number of HIPS alerts.</p></blockquote><p></p>
[QUOTE="ErzCrz, post: 973298, member: 81799"] You can set a firewall rule to block outgoing as it's one of those LOLbins but I wouldn't block runtimebroker unless it was determined to be unsafe. What you can do is create a custom rule for each of these so it ask's with a pop-up for each action but really, no necessary tweaks beyond the defaullt safe mode if your using containment. [ATTACH type="full" width="413px"]263830[/ATTACH] Safe mode HIPS works off whether a file is certified safe in the file list. [B]Safe Mode[/B]: While monitoring critical system activity, HIPS automatically learns the activity of executables and applications certified as 'Safe' by Comodo. It also automatically creates 'Allow' rules for these activities, if the checkbox '[URL='https://help.comodo.com/topic-72-1-766-9163-HIPS-Settings.html#ds_Create_rules_for_safe_applications']Create rules for safe applications[/URL]' is selected. For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run. Should you choose, you can add that new application to the HIPS rules list by choosing 'Treat as' and selecting 'Allowed Application' at the alert with 'Remember my answer' checked. This instructs the HIPS not to generate an alert the next time it runs. If your machine is not new or known to be free of malware and other threats then 'Safe Mode' is recommended setting for most users - combining the highest levels of security with an easy-to-manage number of HIPS alerts. [/QUOTE]
Insert quotes…
Verification
Post reply
Top