Advice Request COMODO FW with NVT


Status
Not open for further replies.

Rengar

Level 17
Thread author
Verified
Top Poster
Well-known
Jan 6, 2017
835
Hey everyone. I was thinking of a config with NVT and CFW (CS's settings).
We have 2 options here:
1) with HIPS on and auto-sandbox off
2) with HIPS off and auto-sandbox off

Tell me guys your thoughts and suggestions :)
 

nclr11111

Level 6
Verified
Well-known
Feb 25, 2011
277
If you go with CS's settings, it's none of the above.
HIPS off and autosandbox on it should be.
Why change something that's proven to work?

*Edit*
Actually I can't see why use NVT at all (not to say there are no reasons I haven't found). CFW with CS's settings does, as far as I understand, the same job as NVT!?
Add an MBR immunizer and/or optional AV if you like. Otherwise I'm pretty certain CFW configured as CS is enough for most semi-experienced users.
 

Deleted member 178

CFW + ERP is redundant and useless, I won't use this. CFW is strong enough alone and can easily be tweaked to become better than an anti-exe. ERP will afford nothing to CFW, it even doesn't have DLL/driver protection (CFW has them).

As if you have a car with a Porsche motor (CFW) then add a Volvo engine (ERP) expecting to get faster :D
 

nclr11111

CFW + ERP is redundant and useless, I won't use this. CFW is strong enough alone and can easily be tweaked to become better than an anti-exe. ERP will afford nothing to CFW, it even doesn't have DLL/driver protection (CFW has them).

As if you have a car with a Porsche motor (CFW) then add a Volvo engine (ERP) expecting to get faster :D

HEY!!
What's wrong with Volvo?? :p
 

Rengar

Is autosandbox better than HIPS or the opposite?
 

nclr11111

Is autosandbox better than HIPS or the opposite?
I'm not qualified to say one is better than the other. I use autosandbox and it's working great. Used HIPS previously but think it needed too much attention. Like it the way it is now, quiet and effective. My melody!
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I prefer NVT ERP over Comodo Firewall.
It is simply designed, it does what it says, and it says what it does.
It has an easily manageable vulnerable processes list that provides significant exploit protection.
And what's more, it actually works on my system without conflicting with other security software.
Every time I try out another solution, I always come back to NVT ERP.
I find Comodo to be mysterious and unpredictable, whereas NVT ERP is like a reliable old friend who is always there when you need him. It's less glamorous, but I don't care.
 

Deleted member 178

Using ERP alone isn't enough for actual threats, it doesn't block attacks via memory, DLL injections and drivers.
 

shmu26

Using ERP alone isn't enough for actual threats, it doesn't block attacks via memory, DLL injections and drivers.
Could you provide some details on how Comodo does that?

Also: rogue DLLs can't get on the system unless one of these two happens:
1. a malicious file executes on disk
2. a vulnerable process is exploited
ERP covers both of the above, so where is the hole in its protection?
Ditto for memory attacks and drivers.
 

shmu26

Using ERP alone isn't enough for actual threats, it doesn't block attacks via memory, DLL injections and drivers.
Ah, I think I understand what you mean now.
You mean that ERP is not Smart Object Blocker, which can put even DLLs and drivers in a locked down state.
 

shmu26

NVT ERP does prevent applications from running files in memory. However, it does not prevent insecure loading of libraries and similar stuff.
I would say it provides partial mitigation in all those areas.

For instance, rundll32 is on the vulnerable processes list in order to prevent loading of rogue DLLs.
Other items on the list will mitigate the ability to download and register DLLs or drivers.

The user can populate the list to the point that it doesn't leave much room for surprises.
 

vivid

Level 5
Verified
Dec 8, 2014
206
Not necessarily. It depends on how the DLL is loaded although the developer that makes such mistakes is equally guilty in my opinion. NVT ERP is very limited compared to C HIPS anyway.
 

shmu26

Not necessarily. It depends on how the DLL is loaded although the developer that makes such mistakes is equally guilty in my opinion. NVT ERP is very limited compared to C HIPS anyway.
Indeed, COMODO is a suite with many components, as opposed to ERP, which focuses on one thing: anti-exe.
COMODO's complexity is both its strength and its downfall. If it works, there is nothing like it. And if it doesn't, nothing will frustrate you more.
 