Advice Request CFW/cs & NVT OSArmor

[shmu26]

Comodo at CS settings will gain extra protection from OSA. This is especially true if you enable some of the advanced settings, but this is not necessary. OSA at default settings has protections that Comodo as CS settings does not have.

 

[Deleted member 178]

Can people stop with CS settings, comodo has an HIPS since its first build for what?
@cruelsister strongly dislike any HIPS, hence her personal setting that prioritize the sandboxing capabilities of Comodo.
If you don't mind using comodo's HIPS , you won't need any extra softs.
Stop being sheeps and learn how to use the product...

 

[Deleted Member 3a5v73x]

It's easier to create thread than read or search sub-forum, some just want fast direct answers. Many useful posts gets burden where knowledgeable users explains comodo settings in details and why it's redundant to use e.g. OSArmor alongside.

 

[shmu26]

Can people stop with CS settings, comodo has an HIPS since its first build for what?
@cruelsister strongly dislike any HIPS, hence her personal setting that prioritize the sandboxing capabilities of Comodo.
If you don't mind using comodo's HIPS , you won't need any extra softs.
Stop being sheeps and learn how to use the product...

Well said, Umbra.
Comodo HIPS is really not as scary as people think. In fact, in the recent versions of Comodo, it works pretty smooth, as long as you don't tinker too much.
However, I will admit that to get Comodo HIPS to do what OSA does, well, that takes some time and patience. It is not install and forget.

 

[ForgottenSeer 58943]

I'm very intrigued by your description of Cylance and like the idea of replacing my existing BD IS 2019 with it along with another product to handle URL filtering. Just a single home PC user, would a Chrome browser extension like Netcraft or possibly the MB extension be suitable? Saw you mentioned Heimdal, would their free version be sufficient? TIA!

Interesting, and yes, a browser URL filter would be more than sufficient with Cylance. That's actually a great idea, using something like the Microsoft Defender Extension should fill the major gap of Cylance.

 

[SearchLight]

Well said, Umbra.
Comodo HIPS is really not as scary as people think. In fact, in the recent versions of Comodo, it works pretty smooth, as long as you don't tinker too much.
However, I will admit that to get Comodo HIPS to do what OSA does, well, that takes some time and patience. It is not install and forget.

If one were to turn on the CFW HIPS and use it alone, what would be adequate settings that would involve little tinkering for the average user?

Secondly, could CS settings be left as they are or should CFW reset.

Right now I have NOD32 running alongside CF with no conflict with C's settings.

 

[shmu26]

If one were to turn on the CFW HIPS and use it alone, what would be adequate settings that would involve little tinkering for the average user?

Secondly, could CS settings be left as they are or should CFW reset.

Right now I have NOD32 running alongside CF with no conflict with C's settings.

So if you are on CS settings, you could just put CFW HIPS at safe mode, and you are good to go. I would bet you won't even notice the difference in everyday usage. Just when you install or update certain programs, you will get more prompts.

 

[SearchLight]

So if you are on CS settings, you could just put CFW HIPS at safe mode, and you are good to go. I would bet you won't even notice the difference in everyday usage. Just when you install or update certain programs, you will get more prompts.

Good to know. So for clarity, I should uninstall NOD32, turn on Safe Mode HIPS. and I will be fully covered?

What about OSA?

 

[shmu26]

After you get used to HIPS in safe mode without tweaks, then you can try some simple tweaks.

One thing that I like to do, it's not too hard, is to improve protection for cmd.exe.
Advanced Protection/Miscellaneous/Do heuristic for certain applications
Look for cmd.exe in the list, and enable embedded code detection.
If you find that things you need to use get blocked, make exception for that instance of cmd.exe in autocontainment, and set that instance of cmd.exe as "unrecognised" in the file list.
Then, whitelist actions as needed.

 

[shmu26]

Good to know. So for clarity, I should uninstall NOD32, turn on Safe Mode HIPS. and I will be fully covered?

What about OSA?

I can't answer you about NOD32, because I don't know how compatible it is with Comodo. But since it has a HIPS component, it is a potential source of conflict.
I personally would look for a simpler AV. If you have Comodo protection, and you are on windows 10, Windows Defender is enough, especially if you enable some of the great advanced protections. Andy Ful's Configure_Defender makes that very easy to do. But it runs powershell scripts, so disable Comodo protection when you change your settings via Configure_Defender.

 

[shmu26]

What about OSA?

Maybe @Umbra can tell us what he had in mind, when he said that you don't need OSA if you have Comodo with HIPS. I already gave one step in that direction, regarding cmd.exe protection, but there is more to do in that area...

 

[codswollip]

Good to know. So for clarity, I should uninstall NOD32, turn on Safe Mode HIPS. and I will be fully covered?

What about OSA?

I'm not CS (check my shoes if you're unsure), but I'm pretty sure she would tell you that CF w.CS settings needs no other companion security products... NOD32, OSA, or other.

 

[shmu26]

I'm not CS (check my shoes if you're unsure), but I'm pretty sure she would tell you that CF w.CS settings needs no other companion security products... NOS32, OSA, or other.

Right. This discussion is based on the "dissenting opinion" that there is life beyond CS settings.

 

[SearchLight]

Right. This discussion is based on the "dissenting opinion" that there is life beyond CS settings.

So based on the various opinions presented, the final question is whether to activate HIPS or not to HIPS in CFcs.

Would I be correct in saying that one can not go wrong running CFcs alone either way?

 

[shmu26]

So based on the various opinions presented, the final question is whether to activate HIPS or not to HIPS in CFcs.

Would I be correct in saying that one can not go wrong running CFcs alone either way?

I would say you are correct, unless there is something very unusual in your computer. Try it out, and see what happens. If you run into trouble, just disable HIPS, or troubleshoot/make necessary exceptions.

 

[shmu26]

What about OSA?

I think there is a lot to be gained from OSArmor. Especially if you enable some of the advanced settings. The potentially troublesome settings are color marked, so you can't go wrong.
The alternative is to run Comodo in paranoid mode, or do advanced tweaking. I would not recommend either of these, unless you really know what you are doing and you have a very high frustration level. For most folks, me included, it's easier to install OSArmor.
Once you start trying to push Comodo Firewall beyond its intended purpose, this is likely to "end in tears," and here I am quoting and heartily agreeing with @cruelsister.

 

[SearchLight]

I wonder what Cruelsister thinks about teaming OSA with her Cf settings?

 

[shmu26]

I wonder what Cruelsister thinks about teaming OSA with her Cf settings?

She has already made it clear many, many times that in her opinion, CFW at her special settings is all you need to protect your system. And if you try to run malware samples on your desktop, like she does in her vids, you will see that Comodo zaps them every time. It is very good against file-based malware. And that represents the garden-variety malware pretty well.

 

[SearchLight]

Sums it up for me. Running Cf at her settings but for a little extra comfort, I turned on WD for now.

Thanks to everyone for the educational input.

 

[shmu26]

Sums it up for me. Running Cf at her settings but for a little extra comfort, I turned on WD for now.

Thanks to everyone for the educational input.

Use Configure_Defender ASR settings to beef up Windows Defender. It is great for MS Office exploits, which are very common and can be hard to block if they are well coded.