- Apr 22, 2015
- 637
@ cruelsister beware the next law suite by Kaspersky is going to against you. since you have made me installed comodo by realising superb video whereas I was the long time user of Kaspersky
Comodo Firewall 10 Setup
- Thread starter cruelsister
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
This the blog Melih Abdulhayoğlu, CEO of Comodo Group.
At the end of this page, you will see a YT link to your WannaCry Ransomware video :
Ransomware PREVENTION – Yes it is POSSIBLE!
Ask your royalties to Melih, cruelsister
At the end of this page, you will see a YT link to your WannaCry Ransomware video :
Ransomware PREVENTION – Yes it is POSSIBLE!
Ask your royalties to Melih, cruelsister
- Jan 29, 2017
- 1,201
Haha... yes, I too am thinking of setting aside KTS and going back to CFW w/CS settings... and maybe throw in a dash of Avast Free (Tried Qihoo before and tired of the false positives).
And maybe I'll auction off my unused KTS serial
- Jul 13, 2015
- 65
@cruelsister , I saw that some antivirus companies banned you from testing the programs, could you tell me which companies were and do you know why this prohibition? Considering that his tests are impartial and very enlightening.
- Jul 13, 2015
- 65
I think I expressed myself wrong, some antivirus companies asked her not to test and publish the results on YouTube.
- Jul 28, 2016
- 950
I do not think cs is going to elaberate on this question openly . besides that she is enjoying her holiday and I do not know when she will be back. I do know one company which critiqued her testing results and methods to death. and let me tell you it is one of the bigger , more popular ones out there. it is best to sent cs a pm and maybe she will answer you
- Dec 29, 2014
- 1,711
- May 16, 2017
- 197
I do not think cs is going to elaberate on this question openly . besides that she is enjoying her holiday and I do not know when she will be back. I do know one company which critiqued her testing results and methods to death. and let me tell you it is one of the bigger , more popular ones out there. it is best to sent cs a pm and maybe she will answer you
Signed:
Cruel Sisters Agent.
Hello all. New user, first-time poster, relatively savvy, by no means an expert at what happens "under the hood." I'm running Comodo Firewall with 360 Total Security (Bitdefender on, Avira off, per CS) on a Windows 10 system. Like many of you, I found CruelSister's videos via Comodo popup, and was fascinated by CF's success and tried her settings and have had no problems. Excellent!
One question, though, about her settings:
On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55
On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57
Question: which is "correct" and what are the pros/cons of each?
As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.
Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.
And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.
One question, though, about her settings:
On Rodney's video, which CS links to approvingly from her latest YT post, he has Sandbox Settings as "do not show elevation privilege alerts" and then BLOCK. at 1:55
On CS's video, she has Sandbox Settings as "do not show elevation privilege alerts" and then ISOLATE/Run Inside Container. at 0:57
Question: which is "correct" and what are the pros/cons of each?
As an aside, I couldn't easily find a post that has CruelSister's settings here. Given that many use them (or Umbra's, which is featured prominently in a post and probably overly advanced for this relatively naive user), a new MalwareTips user like me had to read hundreds of posts before finding the helpful one to which I'm responding. Suggestion: it'd be helpful if CruelSister's settings were in a Sticky or something for easy reference.
Apologies if I've overlooked something obvious, thank you for your reading and helping this new guy out.
And Cruel Sister, thank you for your contribution to the security community. Your helpful videos are amazingly informative, surely require an abundance of time, and selflessly help PCs users fully realize the greatest possible security against a threatening world.
- Jul 3, 2015
- 8,153
@secureguy109g
Hi, welcome, and I second your request that CS setup instructions be made a sticky thread.
Hi, welcome, and I second your request that CS setup instructions be made a sticky thread.
- Mar 27, 2017
- 160
block option will block all those files that needs privilege escalation rather than sandboxing them.
Block will block the unknown file that needed privileges,so the file will not even run.
Isolate will sandbox that file.
So isolate is a better choice as it will provide much better use experience and will let you to run any file in sandbox rather than block it at 'block' settings.
The protection will remain unchanged as all the changes will be sandboxed while the most critical changes will not be allowed.
- May 9, 2017
- 145
There are plenty of useful ways to config and CS is a peach to share her own easy go lucky but safe set up rules.
I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people.
The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)
However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.
That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).
Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people.
The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)
However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.
That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).
Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
- May 16, 2017
- 197
Rodneys video is REALLY CS video, just edited (only the settings), and a music change. JFYI
- Jul 3, 2015
- 8,153
It will only forget your rules if you do something radical, like run it in paranoid mode, or something along those lines. If you run HIPS in safe mode, like most ordinary mortals do, you will probably never meet the disappearing rules bug.There are plenty of useful ways to config and CS is a peach to share her own easy go lucky but safe set up rules.
I'm an old hat in security and it still took me quite a bit of time because I can never leave well enough alone like most people.
The HIPS part I decided to leave it alone until a future update that preserves the ruleset (I didn't use it long enough to experience that error)
However I have opted to have the Containment Module to show Elevation attempts so to cure the urge for some HIPS-like decisions.
That FILE LIST is my favorite section configure-wise since you can also choose to label executable programs and some of those can be selected as UNRECOGNIZED (You MUST select/click and bring up the menu to which in turn they are activated).
Allows the Containment to bring some HIPS until the actual HIPS rules get fixed that you guys keep harping on is so bad about losing.
By the way, if you like to tweak, it's good to tweak the embedded code detection. It is disabled by default for a lot of vulnerable processes, so it will not annoy beginners and complainers.
See how much of it you can enable on your system, without it becoming too annoying. You might be able to enable everything without a problem.
- Apr 28, 2015
- 271
- Jul 13, 2015
- 65
I have a question regarding the use of Comodo Firewall with Cruel Sister settings in conjunction with Malwarebytes Anti Exploit, can there be any incompatibility between the two? I ask that I apologize if I posted in the wrong place, I do not know if I should open a new post so I asked around here. Thanks for the help and patience.
An anti-exploit is unnecessary with CF using CS settings. Any malicious payload dropped by the exploit will end up sandboxed.
- Dec 29, 2014
- 1,711
Maybe the resources could be better spent on an anti-ransomeware app like AppCheck or WinAnti-Ransome? That is if you don't have something like this already. Honestly, Secure Folders is something to think about adding I feel too.
Anti-ransomware is unnecessary too. The ransomware sample will be automatically isolated from the rest of the system when executed, carry out its encryption on absolutely nothing and then spring up its ransom note. Now all the user has to do is go ahead and reset the sandbox; terminating the ransomware and its ransom note. No files encrypted, no malicious activity taking place on the system.
Similar threads
