App Review Comodo Firewall 10 Setup

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

floalma

Level 4
Verified
Apr 5, 2015
182
This the blog Melih Abdulhayoğlu, CEO of Comodo Group.

At the end of this page, you will see a YT link to your WannaCry Ransomware video :

Ransomware PREVENTION – Yes it is POSSIBLE!
Ask your royalties to Melih, cruelsister ;):)

Source- The English is very fine, and probably better than many Americans! Thank you for you kind words, and although Comodo never consults with me (I had no idea they were going to link to this video), I can't complain as if only one person is saved from malware by using the superb Comodo Firewall I am content.
 

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
@ cruelsister beware the next law suite by Kaspersky is going to against you. since you have made me installed comodo by realising superb video whereas I was the long time user of Kaspersky

Haha... yes, I too am thinking of setting aside KTS and going back to CFW w/CS settings... and maybe throw in a dash of Avast Free (Tried Qihoo before and tired of the false positives).

And maybe I'll auction off my unused KTS serial :cool:
 

FrFc1908

Level 20
Verified
Top Poster
Well-known
Jul 28, 2016
950
@cruelsister , I saw that some antivirus companies banned you from testing the programs, could you tell me which companies were and do you know why this prohibition? Considering that his tests are impartial and very enlightening.


I do not think cs is going to elaberate on this question openly . besides that she is enjoying her holiday and I do not know when she will be back. I do know one company which critiqued her testing results and methods to death. and let me tell you it is one of the bigger , more popular ones out there. it is best to sent cs a pm and maybe she will answer you ;)
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
Managed to capture the notification last night :):

Clipboard01.jpg
 

VeeekTor

Level 5
Verified
May 16, 2017
197
I do not think cs is going to elaberate on this question openly . besides that she is enjoying her holiday and I do not know when she will be back. I do know one company which critiqued her testing results and methods to death. and let me tell you it is one of the bigger , more popular ones out there. it is best to sent cs a pm and maybe she will answer you ;)

Signed:
Cruel Sisters Agent.
 

secureguy109g

Level 1
Jun 21, 2017
3
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running Comodo Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via Comodo popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!

One question, though, about her settings:

On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55

On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57

Question: which is "correct" and what are the pros/cons of each?

As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.

Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.

And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.

Here are CS settings when you feel comfort to use them.
 

Prayag

Level 4
Verified
Well-known
Mar 27, 2017
160
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running COMODO Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via COMODO popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!

One question, though, about her settings:

On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55

On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57

Question: which is "correct" and what are the pros/cons of each?

As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.

Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.

And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.

block option will block all those files that needs privilege escalation rather than sandboxing them.
Block will block the unknown file that needed privileges,so the file will not even run.
Isolate will sandbox that file.
So isolate is a better choice as it will provide much better use experience and will let you to run any file in sandbox rather than block it at 'block' settings.
The protection will remain unchanged as all the changes will be sandboxed while the most critical changes will not be allowed.
 

EASTER

Level 4
Verified
Well-known
May 9, 2017
159
There are plenty of useful ways to config and CS is a peach to share her own easy go lucky but safe set up rules.

I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people. :rolleyes:

The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)

However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.

That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).

Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
 

darko999

Level 17
Verified
Well-known
Oct 2, 2014
825
The only thing I haven't deal with since I use Comodo FW is if I should allow Multicast traffic. I haven't find how to disable such feature if needed.
1MPU50t.png
 
  • Like
Reactions: ZeroDay

VeeekTor

Level 5
Verified
May 16, 2017
197
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running COMODO Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via COMODO popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!

One question, though, about her settings:

On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55

On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57

Question: which is "correct" and what are the pros/cons of each?

As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.

Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.

And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.



Rodneys video is REALLY CS video, just edited (only the settings), and a music change. JFYI
 
  • Like
Reactions: ZeroDay

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
There are plenty of useful ways to config and CS is a peach to share her own easy go lucky but safe set up rules.

I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people. :rolleyes:

The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)

However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.

That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).

Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
It will only forget your rules if you do something radical, like run it in paranoid mode, or something along those lines. If you run HIPS in safe mode, like most ordinary mortals do, you will probably never meet the disappearing rules bug.

By the way, if you like to tweak, it's good to tweak the embedded code detection. It is disabled by default for a lot of vulnerable processes, so it will not annoy beginners and complainers.
See how much of it you can enable on your system, without it becoming too annoying. You might be able to enable everything without a problem.
 

Sephiroth Source

Level 2
Verified
Jul 13, 2015
65
I have a question regarding the use of Comodo Firewall with Cruel Sister settings in conjunction with Malwarebytes Anti Exploit, can there be any incompatibility between the two? I ask that I apologize if I posted in the wrong place, I do not know if I should open a new post so I asked around here. Thanks for the help and patience.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
I have a question regarding the use of Comodo Firewall with Cruel Sister settings in conjunction with Malwarebytes Anti Exploit, can there be any incompatibility between the two? I ask that I apologize if I posted in the wrong place, I do not know if I should open a new post so I asked around here. Thanks for the help and patience.
An anti-exploit is unnecessary with CF using CS settings. Any malicious payload dropped by the exploit will end up sandboxed.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,716
An anti-exploit is unnecessary with CF using CS settings. Any malicious payload dropped by the exploit will end up sandboxed.

Maybe the resources could be better spent on an anti-ransomeware app like AppCheck or WinAnti-Ransome? That is if you don't have something like this already. Honestly, Secure Folders is something to think about adding I feel too.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Maybe the resources could be better spent on an anti-ransomeware app like AppCheck or WinAnti-Ransome? That is if you don't have something like this already. Honestly, Secure Folders is something to think about adding I feel too.
Anti-ransomware is unnecessary too. The ransomware sample will be automatically isolated from the rest of the system when executed, carry out its encryption on absolutely nothing and then spring up its ransom note. Now all the user has to do is go ahead and reset the sandbox; terminating the ransomware and its ransom note. No files encrypted, no malicious activity taking place on the system.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top