App Review Comodo Firewall- Cruelsister Variation

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Chimaira

Level 4
Verified
Well-known
Jan 5, 2018
163
With UAC completely off Comodo Sandbox works as it should and now I dont get the popup that I mentioned earlier and it runs at the "Restricted" setting, so it is sure a "bug".

Thanks @Chimaira for the solution, anyway I think Comodo team should fix this asap.


I noticed that sometimes containment wont reset, now with UAC it works like a charm too.

Yes it is definitely a bug, I am certainly not arguing with that! It is now working with UAC? How did you manage to get that working?
 

Chimaira

Level 4
Verified
Well-known
Jan 5, 2018
163
I just used the Local Policy Group and rebooted, after that Comodo sandbox worked as expected.

Oh okay, I misunderstood that post. I am happy you have got it working. I feel comfortable running CFW this way, CruelSister has done extensive testing with malware and with UAC off it hasn't resulted in malware getting past her setup. It UAC off resulted in being vulnerable to attack she would be yelling at everyone to keep UAC on.
 
  • Like
Reactions: Nightwalker

Chimaira

Level 4
Verified
Well-known
Jan 5, 2018
163
I have done some thinking and I have decided that I am not going to use CFW with this 'Partially Limited' bug with UAC on. Applications requesting admin privileges are the most important to contain with restricted containment.

What is even the point of using CS's settings if any program needing Admin privileges won't use those settings? Seems pointless.

@cruelsister Is it possible to get the Comodo dev team to get this fixed?
 

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
@cruelsister
Do you recommend to install any Anti-Ransomware software along with your CF (cs settings) in order to protect better from the latest variations of ransomware? Thanks
 
Last edited:
  • Like
Reactions: Tiny

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Rebsat- Absolutely no anti-ransomware application is needed! Trust me on this- not only will you not have to worry about ransomware, but you will be able to feel sorry for the Assholes that spend the time coding such garbage (Life will be Good)..
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
I do not see the need for Anti.Rasoware with the configuration of CS, I'd say more, I've tried Rasomwares and none have passed the Sanbox Comodo Firewal. That is my experience with W7.
(I edit without using any, variation only with the CS configuration.)
 
Last edited:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Rebsat- Absolutely no anti-ransomware application is needed! Trust me on this- not only will you not have to worry about ransomware, but you will be able to feel sorry for the Assholes that spend the time coding such garbage (Life will be Good)..
To go slightly off-topic for a second: What are your thoughts on CCAV nowadays? I don't know when you last checked it out but Comodo's added some pretty smart additions; the ability to block all network access for sandboxed files and fileless malware protection being the major ones.
 

cruelsister

Level 42
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Bribon- You should see how CF handles the new RedEye ransomware (which acts by a different mechanism). I almost feel like coming out of retirement and doing a video (I have a song in mind that even Umbra would like).

Arequire- this is not off-topic in any way! I still have mixed feelings about CCAV. It still is way more system intensive than CF (there is no doubt about this (I always set my initial VM to emulate the biggest POS computer on the Planet and there is an extreme differnce between CCAV and CF, with CF being the lighest by far, far, far...); although the AV component (Cloud) in CCAV is superior to the one in CF for whatever reason, the Containment modality is not as restrictive as is CF at my settings. Now don't get me wrong- in either case (with CCAV or CF) your system will be proof from malware- but I still feel that CF is more elegant.
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
Bribon- You should see how CF handles the new RedEye ransomware (which acts by a different mechanism). I almost feel like coming out of retirement and doing a video (I have a song in mind that even Umbra would like).
[...] but I still feel that CF is more elegant.

CS, excellent idea, I hope you're not just teasing... :emoji_flushed:
 
F

ForgottenSeer 58943

I just tried CF with CS settings.

The speed issue is resolved for most connections 500Mbps< so that's good.

I still find it unusable. On the test machine it immediately put a little program I use to disable NIC's at the service level. Not surprising, it's a rather unknown entity and is used to eliminate unauthorized (and after hours) access to all of the network/wireless components of systems. The problems started when Steam was launched. After attempting to execute 6-7 different games, all of them were denied by containment.

Ultimately, while protective, it's impractical for deployment beyond a prosumer/techy type of system. VoodooShield IMO would be a far better alternative for the majority of systems, even always-on it's not going to fire off on most once the whitelist is propagated.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
I just tried CF with CS settings.

The speed issue is resolved for most connections 500Mbps< so that's good.

I still find it unusable. On the test machine it immediately put a little program I use to disable NIC's at the service level. Not surprising, it's a rather unknown entity and is used to eliminate unauthorized (and after hours) access to all of the network/wireless components of systems. The problems started when Steam was launched. After attempting to execute 6-7 different games, all of them were denied by containment.

Ultimately, while protective, it's impractical for deployment beyond a prosumer/techy type of system. VoodooShield IMO would be a far better alternative for the majority of systems, even always-on it's not going to fire off on most once the whitelist is propagated.
Didn't you do a reputation scan?
 
D

Deleted member 178

@ForgottenSeer 58943 Comodo was never made for beginners (even if CS' settings try to make it easier for them), its users can't expect to run it flawlessly without their own personal tweaks/settings. Your observations just prove it.

Comodo's "experts" here, we spent lot of time to shares infos about it.
Any Comodo users in MT, beginner or advanced, who are serious about using it, must read all the pinned threads here: Comodo
 
5

509322

I just tried CF with CS settings.

The speed issue is resolved for most connections 500Mbps< so that's good.

I still find it unusable. On the test machine it immediately put a little program I use to disable NIC's at the service level. Not surprising, it's a rather unknown entity and is used to eliminate unauthorized (and after hours) access to all of the network/wireless components of systems. The problems started when Steam was launched. After attempting to execute 6-7 different games, all of them were denied by containment.

Ultimately, while protective, it's impractical for deployment beyond a prosumer/techy type of system. VoodooShield IMO would be a far better alternative for the majority of systems, even always-on it's not going to fire off on most once the whitelist is propagated.

COMODO requires manual configuration and on-going file management. The more stuff on a system, the more management is required. The COMODO file reputation database is many months behind the current file distribution in userland. The database is updated by user submissions and files are not whitelisted until manually inspected by a human - so that ensures that the database is always out-of-date.

It is common that the user has to whitelist files on their own plus manage the COMODO whitelist.
 
Last edited by a moderator:

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
@cruelsister
First of all, thank you very much for your good answer.

second...

Question:
How well does your CF (cs settings) protect the following components? and should I be worried about them?

1. MBR/GPT Protection
Protection from ransomwares and malwares modifying both MBR(Master Boot Record) and GPT(GUID Partition Table).

2. Network Drive Protection
Protect Network Drive files from ransomware destruction.

3. SMB Server Protection
Protect when ransomware damages files in shared folder.

4. Removable Drive Protection
Protect Removable drives from ransomware file encryption.

5. Exploit Guard
Protect vulnerabilities of web browsers and applications.
 
Last edited:

giulia

Level 5
Verified
Nov 30, 2016
236
hi
i would like test it if comodo can block programs that use services
just because many programs could be blocked via many firewall but they can comunicate even are blocked
to block them , they should be added in the HOST
thanks
 
  • Like
Reactions: shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
so what security would you use on a W10 installation instead?
The point is that Internet Security Essentials is not necessary. Comodo Firewall is good enough without it.
up to that question too pls ^
It is recommended, but not necessary, to disable Windows Firewall.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top