App Review Comodo Firewall and the E-File Data Stealer

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
cruelsister
F

ForgottenSeer 100397

I'm aware that CruelSister does not silence CF. This works for more advanced users, and also serves for demonstration. Someone actually asked her in a previous post (possibly this same thread) what would happen if someone silenced Comodo or didn't respond to the alert. She said something to the effect that, either way, the malware would have sat there dormant and lonely, until the next time someone emptied the sandbox. This isn't verbatim, but basically the same message. Without user input, proactive CF errs on the side of caution.
Indeed, CruelCF is better suited for experienced users.

If someone is ready to learn the fundamentals of CF’s features, you can install it with any configuration on their system. CF is complex software; however, all you need to do is become familiar with the basics to use it effortlessly.

To keep users safe for any reason, configure CF, take the Do Not Disturb approach, and password protect it.
 

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
Indeed, CruelCF is better suited for experienced users.

If someone is ready to learn the fundamentals of CF’s features, you can install it with any configuration on their system. CF is complex software; however, all you need to do is become familiar with the basics to use it effortlessly.

To keep users safe for any reason, configure CF, take the Do Not Disturb approach, and password protect it.
Once an experienced user has set it up, CruelCF can suit the majority. Intermediate users may appreciate it as well, albeit with a slight learning curve. But yes, it is definitely best-suited to the experienced minority, while the sad reality remains that subpar protection from powerful, established antivirus companies gives a false sense of security, leaving an abundance of low-hanging fruit for cybercriminals.

Thank you for reminding me about the password protection feature. I had this set up on my grandma's computer (God rest her). It's a useful, added layer of protection for those who know how to get a hold of their administrator/contractor, serving as a chastity belt to keep novice users and guests out of trouble. Just make sure you're not the only person living who knows the password, lest your client require a factory reset if anything happens to you, and they need it unlocked for some reason.
 
Last edited:

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
@ebocious

CF indeed provides robust security and surpasses established antivirus.

Do you turn off CF alerts on the average user's system?
Yes. I use silent mode on my own systems as well. I also turn off logging on every rule in Auto Containment, to minimize disk hogging. A few years ago, I visited my grandmother, and made a new image backup of her computer. Disk C: had about 20 GB free. I opened WinDirStat, and found a 20-gig Comodo logfile. Uninstalling and reinstalling took care of the problem. But there's another tip for you.
 
F

ForgottenSeer 100397

@ebocious

I prefer alert mode on my system and manually purge file list, logs, etc.

I installed CF on one of my family members' systems and will manage it.

Customized the following settings:
User Interface
Unchecked everything
Set "Enable password protection"

Updates
Unchecked "Automatically download program updates"

Configuration
Proactive Security

Firewall Settings
Set "Do not show popup alerts" to Block Requests
Unchecked "Enable Trustconnect alerts"
Global Rules: Applied "Block Incoming Connections" through Tasks-FirewallTasks-StealthPorts
Network Zones: Set "Do not show popup alerts and treat location as" to Public

HIPS Settings
Disabled HIPS

Containment Settings
Unchecked "Do not virtualize access to the specified files/folders"
Unchecked "Enable automatic startup for services installed in the container"
Set "Do not show privilege escalation alerts" to Block
Auto-Containment: Set "All Applications - Unrecognized" rule's "Action" to Block

File Rating Settings
Unchecked "Analyze unknown files in the cloud by uploading them for instant analysis"
Unchecked "Upload metadeta of unknown files to the cloud"
Checked "Do not show popup alerts"

VirusScope
Checked "Do not show popup alerts"
Checked "Monitor only the applications in the container"

Website Filtering
Disabled Website Filtering
 
  • Like
Reactions: ebocious

ebocious

Level 5
Verified
Well-known
Oct 25, 2018
232
What's the advantage of "containment" over "block" for the majority, according to you?
It depends on the extent and depth of the whitelist. It may not trouble your 13 yo user in terms of locally-installed apps since they're not going to be installing anything, but I'm thinking it might prevent Web-based applets and online games from running. Don't quote me on this, as I don't consider myself a preeminent authority on CF.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top