shmu26

Level 83
Verified
Trusted
Content Creator
Comodo at CS settings will gain extra protection from OSA. This is especially true if you enable some of the advanced settings, but this is not necessary. OSA at default settings has protections that Comodo as CS settings does not have.
 
D

Deleted member 178

Can people stop with CS settings, comodo has an HIPS since its first build for what?
@cruelsister strongly dislike any HIPS, hence her personal setting that prioritize the sandboxing capabilities of Comodo.
If you don't mind using comodo's HIPS , you won't need any extra softs.
Stop being sheeps and learn how to use the product...
 

shmu26

Level 83
Verified
Trusted
Content Creator
Can people stop with CS settings, comodo has an HIPS since its first build for what?
@cruelsister strongly dislike any HIPS, hence her personal setting that prioritize the sandboxing capabilities of Comodo.
If you don't mind using comodo's HIPS , you won't need any extra softs.
Stop being sheeps and learn how to use the product...
Well said, Umbra.
Comodo HIPS is really not as scary as people think. In fact, in the recent versions of Comodo, it works pretty smooth, as long as you don't tinker too much.
However, I will admit that to get Comodo HIPS to do what OSA does, well, that takes some time and patience. It is not install and forget.
 

Slyguy

Level 42
Verified
I'm very intrigued by your description of Cylance and like the idea of replacing my existing BD IS 2019 with it along with another product to handle URL filtering. Just a single home PC user, would a Chrome browser extension like Netcraft or possibly the MB extension be suitable? Saw you mentioned Heimdal, would their free version be sufficient? TIA!
Interesting, and yes, a browser URL filter would be more than sufficient with Cylance. That's actually a great idea, using something like the Microsoft Defender Extension should fill the major gap of Cylance.
 
  • Like
Reactions: Bill K

SearchLight

Level 9
Verified
Well said, Umbra.
Comodo HIPS is really not as scary as people think. In fact, in the recent versions of Comodo, it works pretty smooth, as long as you don't tinker too much.
However, I will admit that to get Comodo HIPS to do what OSA does, well, that takes some time and patience. It is not install and forget.
If one were to turn on the CFW HIPS and use it alone, what would be adequate settings that would involve little tinkering for the average user?

Secondly, could CS settings be left as they are or should CFW reset.

Right now I have NOD32 running alongside CF with no conflict with C's settings.
 
Last edited:

shmu26

Level 83
Verified
Trusted
Content Creator
If one were to turn on the CFW HIPS and use it alone, what would be adequate settings that would involve little tinkering for the average user?

Secondly, could CS settings be left as they are or should CFW reset.

Right now I have NOD32 running alongside CF with no conflict with C's settings.
So if you are on CS settings, you could just put CFW HIPS at safe mode, and you are good to go. I would bet you won't even notice the difference in everyday usage. Just when you install or update certain programs, you will get more prompts.
 

SearchLight

Level 9
Verified
So if you are on CS settings, you could just put CFW HIPS at safe mode, and you are good to go. I would bet you won't even notice the difference in everyday usage. Just when you install or update certain programs, you will get more prompts.
Good to know. So for clarity, I should uninstall NOD32, turn on Safe Mode HIPS. and I will be fully covered?

What about OSA?
 
  • Like
Reactions: shmu26

shmu26

Level 83
Verified
Trusted
Content Creator
After you get used to HIPS in safe mode without tweaks, then you can try some simple tweaks.

One thing that I like to do, it's not too hard, is to improve protection for cmd.exe.
Advanced Protection/Miscellaneous/Do heuristic for certain applications
Look for cmd.exe in the list, and enable embedded code detection.
If you find that things you need to use get blocked, make exception for that instance of cmd.exe in autocontainment, and set that instance of cmd.exe as "unrecognised" in the file list.
Then, whitelist actions as needed.
 

shmu26

Level 83
Verified
Trusted
Content Creator
Good to know. So for clarity, I should uninstall NOD32, turn on Safe Mode HIPS. and I will be fully covered?

What about OSA?
I can't answer you about NOD32, because I don't know how compatible it is with Comodo. But since it has a HIPS component, it is a potential source of conflict.
I personally would look for a simpler AV. If you have Comodo protection, and you are on windows 10, Windows Defender is enough, especially if you enable some of the great advanced protections. Andy Ful's Configure_Defender makes that very easy to do. But it runs powershell scripts, so disable Comodo protection when you change your settings via Configure_Defender.
 

shmu26

Level 83
Verified
Trusted
Content Creator
I'm not CS (check my shoes if you're unsure), but I'm pretty sure she would tell you that CF w.CS settings needs no other companion security products... NOS32, OSA, or other.
Right. This discussion is based on the "dissenting opinion" that there is life beyond CS settings.
 
  • Like
Reactions: Slyguy and BryanB

SearchLight

Level 9
Verified
Right. This discussion is based on the "dissenting opinion" that there is life beyond CS settings.
So based on the various opinions presented, the final question is whether to activate HIPS or not to HIPS in CFcs.

Would I be correct in saying that one can not go wrong running CFcs alone either way?
 
  • Like
Reactions: shmu26

shmu26

Level 83
Verified
Trusted
Content Creator
So based on the various opinions presented, the final question is whether to activate HIPS or not to HIPS in CFcs.

Would I be correct in saying that one can not go wrong running CFcs alone either way?
I would say you are correct, unless there is something very unusual in your computer. Try it out, and see what happens. If you run into trouble, just disable HIPS, or troubleshoot/make necessary exceptions.
 

shmu26

Level 83
Verified
Trusted
Content Creator
What about OSA?
I think there is a lot to be gained from OSArmor. Especially if you enable some of the advanced settings. The potentially troublesome settings are color marked, so you can't go wrong.
The alternative is to run Comodo in paranoid mode, or do advanced tweaking. I would not recommend either of these, unless you really know what you are doing and you have a very high frustration level. For most folks, me included, it's easier to install OSArmor.
Once you start trying to push Comodo Firewall beyond its intended purpose, this is likely to "end in tears," and here I am quoting and heartily agreeing with @cruelsister.
 

shmu26

Level 83
Verified
Trusted
Content Creator
I wonder what Cruelsister thinks about teaming OSA with her Cf settings?
She has already made it clear many, many times that in her opinion, CFW at her special settings is all you need to protect your system. And if you try to run malware samples on your desktop, like she does in her vids, you will see that Comodo zaps them every time. It is very good against file-based malware. And that represents the garden-variety malware pretty well.
 

shmu26

Level 83
Verified
Trusted
Content Creator
Sums it up for me. Running Cf at her settings but for a little extra comfort, I turned on WD for now.

Thanks to everyone for the educational input:).
Use Configure_Defender ASR settings to beef up Windows Defender. It is great for MS Office exploits, which are very common and can be hard to block if they are well coded.