- Apr 22, 2015
- 637
@ cruelsister beware the next law suite by Kaspersky is going to against you. since you have made me installed comodo by realising superb video whereas I was the long time user of Kaspersky
Source- The English is very fine, and probably better than many Americans! Thank you for you kind words, and although Comodo never consults with me (I had no idea they were going to link to this video), I can't complain as if only one person is saved from malware by using the superb Comodo Firewall I am content.
@ cruelsister beware the next law suite by Kaspersky is going to against you. since you have made me installed comodo by realising superb video whereas I was the long time user of Kaspersky
@cruelsister , I saw that some antivirus companies banned you from testing the programs, could you tell me which companies were and do you know why this prohibition? Considering that his tests are impartial and very enlightening.
I do not think cs is going to elaberate on this question openly . besides that she is enjoying her holiday and I do not know when she will be back. I do know one company which critiqued her testing results and methods to death. and let me tell you it is one of the bigger , more popular ones out there. it is best to sent cs a pm and maybe she will answer you
Here are CS settings when you feel comfort to use them.
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running COMODO Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via COMODO popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!
One question, though, about her settings:
On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55
On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57
Question: which is "correct" and what are the pros/cons of each?
As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.
Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.
And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running COMODO Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via COMODO popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!
One question, though, about her settings:
On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55
On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57
Question: which is "correct" and what are the pros/cons of each?
As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.
Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.
And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.
It will only forget your rules if you do something radical, like run it in paranoid mode, or something along those lines. If you run HIPS in safe mode, like most ordinary mortals do, you will probably never meet the disappearing rules bug.There are plenty of useful ways to config and CS is a peach to share her own easy go lucky but safe set up rules.
I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people.
The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)
However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.
That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).
Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
+1@secureguy109g
Hi, welcome, and I second your request that CS setup instructions be made a sticky thread.
An anti-exploit is unnecessary with CF using CS settings. Any malicious payload dropped by the exploit will end up sandboxed.I have a question regarding the use of Comodo Firewall with Cruel Sister settings in conjunction with Malwarebytes Anti Exploit, can there be any incompatibility between the two? I ask that I apologize if I posted in the wrong place, I do not know if I should open a new post so I asked around here. Thanks for the help and patience.
An anti-exploit is unnecessary with CF using CS settings. Any malicious payload dropped by the exploit will end up sandboxed.
Anti-ransomware is unnecessary too. The ransomware sample will be automatically isolated from the rest of the system when executed, carry out its encryption on absolutely nothing and then spring up its ransom note. Now all the user has to do is go ahead and reset the sandbox; terminating the ransomware and its ransom note. No files encrypted, no malicious activity taking place on the system.Maybe the resources could be better spent on an anti-ransomeware app like AppCheck or WinAnti-Ransome? That is if you don't have something like this already. Honestly, Secure Folders is something to think about adding I feel too.