App Review Comodo Firewall- Cruelsister Variation

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Cruel Comodo is something beautiful, almost a masterpiece (it reminds me of DefenseWall) and your trick to make browsers work in the Sandbox is the icing on the cake.

Much appreciated.


Ps: Cruel Comodo + AdGuard is now my security combo, I dont feel the need to use anything more (save for some browser extensions and tweaks).
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
Superb! Finally, I understand how to get browsers to run in the container without using the widget to access them. My mistake was neglecting to change the restriction level to partial in the containment rule.

Two questions @cruelsister. In the initial virtualize rule, is setting the setting to partial restriction 100% as safe as restricted? You have commented that it just means emptying the sandbox, but I really wanted to clarify this one once and for all. Also, are there any other steps required to running an unrecognized application in containment using the partially restricted setting?

Thx. I am playing with Fort Knox firewall in place of Comodo's firewall element on a test PC. It's been fun, but you are making Comodo harder and harder to leave...not that I have considered doing so o/c...
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
AtBo- Thanks!!! Really nice question- Comodo has upped the base policy of Containment, so makes things like a former setting I used (alert for elevated privilege) unneeded. At PL, things like adware and changes to the Desktop background can occur- nothing earthshaking at all, but I'm a purist and don't want to be bothered by things like this. For browsers, although I would Never (Never Ever) run things like installers or such at Partially Limited, placing browsers at this level is essential; using a Restricted setting would prevent things like Chrome from working at all.

Telos- I was throwing Comodo a bone. I personally see no need for it (nor have I seen that this is even an optional install on Win10). I also never use Comodo DNS not set my Homepage to Yahoo. But stating these things in within the video would insult a Company that is giving away Top Tier protection for free.
 

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
I'm running @cruelsister settings for over a year and only thing that is different from this video is firewall settings (my is Custom Mode).
You write this:
Clipboard01.jpg
But I run Chrome (from widget) sandboxed it run normal and everything is working OK.
Clipboard02.jpg
I also run Chrome out of sandbox sometimes just to keep (add-ons) everything up-to-date.
 
Last edited:

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
I know... I really wanted to make like a 1 minute video on the settings alone, but obviously I am incapable of just coming to the point!

God Forbid if I ever talked- I would go off on tangents and the video would last for a few hours.
 

Chimaira

Level 4
Verified
Well-known
Jan 5, 2018
163
AtBo- Thanks!!! Really nice question- Comodo has upped the base policy of Containment, so makes things like a former setting I used (alert for elevated privilege) unneeded. At PL, things like adware and changes to the Desktop background can occur- nothing earthshaking at all, but I'm a purist and don't want to be bothered by things like this. For browsers, although I would Never (Never Ever) run things like installers or such at Partially Limited, placing browsers at this level is essential; using a Restricted setting would prevent things like Chrome from working at all.

Telos- I was throwing Comodo a bone. I personally see no need for it (nor have I seen that this is even an optional install on Win10). I also never use Comodo DNS not set my Homepage to Yahoo. But stating these things in within the video would insult a Company that is giving away Top Tier protection for free.

So there is no need to tick the 'Do not show privilege elevation alerts' box anymore and set it to 'Run inside the container'?
 
Last edited:

erreale

Level 9
Verified
Content Creator
Malware Hunter
Well-known
Oct 22, 2016
409
Telos- I was throwing Comodo a bone. I personally see no need for it (nor have I seen that this is even an optional install on Win10). I also never use Comodo DNS not set my Homepage to Yahoo. But stating these things in within the video would insult a Company that is giving away Top Tier protection for free.

What you just wrote makes you definitely an honor.
 

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
I have a question.
Sandbox Browser from automatic sandbox settings
Sandbox Browser from Task Panel
Is there a difference between the behaviors of both?
 
  • Like
Reactions: Garzaman

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
It may- the browser has to be run at the lowest (Partially Limited) setting in order to insure everything works, and the firewall rule (to allow the sandboxed browser to connect out) is a must. Personally I don't bother to sandbox the browser as I feel it is pointless; anything malicious that arises from browsing on the Net will be contained anyway.

Fun Fact- My next video will be on In-Browser Mining. No sandbox, whether Comodo or Sandboxie, or whatever will prevent these things. The CPU browser use will pop up to 99% in either a sandboxed or non-sandboxed browser.
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Does Cruel Comodo 10 needs any special settings for torrent clients (qBittorrent) work properly? It seems that my upload speed is very erratic while Comodo is on.
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
When cf updates, does that muck up your settings? I suspect that it does or can.
Any point in tweaking, or deleting, the trusted vendors list, your video does not go there.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
When cf updates, does that muck up your settings? I suspect that it does or can.
Any point in tweaking, or deleting, the trusted vendors list, your video does not go there.
There have been comodo updates that set the trusted vendors list back to default. It's not supposed to, but it happened, like about half a year ago. (If it wasn't the TVL, it was something else that got defaulted. I remember that something like this happened...)
So you can never be 100% sure what's going to be with a comodo update. Sometimes they fix bugs, sometimes they introduce bugs, and sometimes both.
If you want to play it cautious, backup your config and the file list before updating. Not much more you can do.

FYI if you cut down the TVL to a few really trusted vendors, like many users do, this increases security a little, and increases false positives a lot.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top