Comodo Internet Security - HIPS On or Off?
- Thread starter Sloth
- Start date
- Status
Hi @Sloth
HIPS leaves in "off" and set it as a proactive defense. The level of protection of the firewall is so high that not worth having HIPS and not receive many messages
Windows firewall must be disabled. There NOT should be two firewalls running simultaneously
HIPS leaves in "off" and set it as a proactive defense. The level of protection of the firewall is so high that not worth having HIPS and not receive many messages
Windows firewall must be disabled. There NOT should be two firewalls running simultaneously
- Jun 24, 2015
- 212
@Sr. Normal Thanks. HIPS is set to off. But I don't see any setting called proactive defense. I'm using CIS Free.
- May 30, 2015
- 277
I leave it on, as I like to know when things are being quarantined/sandboxed.... when I become more accustomed with how CIS works, I'll probably turn it off...... but that's just me..
- May 30, 2015
- 277
You aren't going to learn how CIS works unless you enable HIPS. You can disable it later... just sayin'. Once you get everything white-listed on your system HIPS is silent - unless files are updated (modified) or you install new files. HIPS is not the terrible user burden that a lot of people think it is... sure it is a pain - at first, but once you learn how to use it, your increased knowledge adds to your protection.
What you generally don't want to see on a system is a HIPS alert "out-of-the-blue." However, in CIS legitimate actions also trigger HIPS alerts. I think if your going to use CIS then it is best to learn this by doing... right?
Disable Windows firewall, but this may be a Windows Action Center issue (bug\quirk). In any case, just disable it... you don't need it with CFW and if it really is active it should be turned off anyways.
- Mar 15, 2011
- 13,070
HIPS is such a hard and a bit time consuming maintenance to improve the rules for such programs that are not registered and mark for possible crucial operation; actually your AV + BB + Cloud are totally effective with proper tweaks; don't forget to use Autosandbox which is great if you are unsure to the program to execute.
Recommended settings, well everything came from factory; no need to touch the heuristics. Its either you conduct a learn mode for a week so, to obtain all the programs to be whitelisted.
Recommended settings, well everything came from factory; no need to touch the heuristics. Its either you conduct a learn mode for a week so, to obtain all the programs to be whitelisted.
- Jun 14, 2015
- 857
Comodo is a pain any way you slice it, so in for a penny, in for a pound, right?
Additionally, ensure Comodo is detecting networks and prompting you (like WF does); I've had that fail 2/3 the time with the net result of having NO firewall.
Apples and oranges and you cannot adopt a fortress mentality. "The wall is 100% secure; therefore everything in it is secure." is fallacious thinking (and a great exploit for pentesting...physically and electronically)
Comodo never disabled WF on mine; it's a common, long-standing bug that diminishes confidence in the product. I know WF isn't buggy; I know Comodo is buggy.
Additionally, ensure Comodo is detecting networks and prompting you (like WF does); I've had that fail 2/3 the time with the net result of having NO firewall.
- Sep 26, 2014
- 2,973
I have to say that i totally agree with hjlbx's statement.
After a month of using Comodo i decided to enable HIPS and since i didn't want to do anything wrong i followed
the instructions of the other members.
After a few days i learned how to read HIPS pop-ups and since then my level of understanding what security is just went to the next level.
What i want to say is that HIPS is a great tool that will help you to learn more about security
@Rolo , I do not agree with your personal opinion. Comodo Firewall is an excellent product. You think it's a pain, that HIPS must be activated, you talk about fallacies, Comodo is a buggy ...
Comodo Firewall is certainly among the best free firewalls. ZoneAlarm, or Privatefirewall, perhaps, you might think are better (Online Armor free was my favorite, but you know that it is an outdated product), but for fame or prestige is surely the best. I like more ZoneAlarm but I recognize the quality of Comodo
HIPS activated? I think it depends on the level of the user. HIPS continuously demand interaction by the user. I have seen bored users accepting all that HIPS advises, then... Must it be enabled? I think that only an advanced user should have enabled HIPS. (So pardon for repeating the word "user", my translator and my knowledge are unable to find synonyms)
I leave recommending you to see some good tutorial on how to configure Comodo Firewall, so you can get better performance. Obviously it is not perfect but it is an excellent product, especially considering it's free. There are always things to improve, but I disagree with your assessment of this firewall
@tonibalas Hi friend
, you have a very good level, so I understand that you active HIPS, but I do not think that it is recommended for all users, you have previously acquired knowledge to use this tool conveniently, but other users can be intimidated
Comodo Firewall is certainly among the best free firewalls. ZoneAlarm, or Privatefirewall, perhaps, you might think are better (Online Armor free was my favorite, but you know that it is an outdated product), but for fame or prestige is surely the best. I like more ZoneAlarm but I recognize the quality of Comodo
HIPS activated? I think it depends on the level of the user. HIPS continuously demand interaction by the user. I have seen bored users accepting all that HIPS advises, then... Must it be enabled? I think that only an advanced user should have enabled HIPS. (So pardon for repeating the word "user", my translator and my knowledge are unable to find synonyms)
I leave recommending you to see some good tutorial on how to configure Comodo Firewall, so you can get better performance. Obviously it is not perfect but it is an excellent product, especially considering it's free. There are always things to improve, but I disagree with your assessment of this firewall
@tonibalas Hi friend
, you have a very good level, so I understand that you active HIPS, but I do not think that it is recommended for all users, you have previously acquired knowledge to use this tool conveniently, but other users can be intimidated
Last edited by a moderator:
- Sep 26, 2014
- 2,973
@tonibalas Hi friend
Hello to you my friend
, you are right that HIPS is not for novice users but as i said before after a period of time where you can learn how Comodo works you can enable HIPS and learn more things about in which way a security program works.This is what i have done and i want to say that in the beginning not HIPS but Comodo was a bit hard to learn
.After a couple of months i decided to enable HIPS
and in every new alert Comodo was giving me i read very carefully what it was saying and day by day i learned how to use it.
In the end i want to say that HIPS is a very good lesson to learn about security.
How you can take it to your advantage? Just have the patience to read the pop-up and i am sure even a novice user( like me )
can learn a lot.
Ha, ha, ha my friend
I took 10 months (the time I belong on MT) reading your writings and learning from you. If you are novice, then I'm English philologist I have friends that I've had to reconfigure CF because they always accepted when they saw the announcement of HIPS.
Always. I like HIPS, but from my experience, I believe that by learning curve that it has, many users will not know to use it.
But if a novice like you can... I leave that I have to write a book of three thousand pages in English
- Sep 26, 2014
- 2,973
@Sr. Normal thank you for making my laugh
You are a great guy Thank you again
p.s.: anyone with a little patience can learn a few things form HIPS
You are a great guy
Thank you againp.s.: anyone with a little patience can learn a few things form HIPS
It sounds CIS starts to teach security to its users This was happened to me too guys
This was happened to me too guys
- Jun 14, 2015
- 857
It isn't an opinion, Comodo is buggy. 117 Comodo-verfied open/unresolved bugs right here: https://forums.comodo.com/format-verified-issue-reports-cis-b237.0/
CIS failing to operate on two of three of my machines was not my opinion; it is an observable, measurable, repeatable claim. It, too, was verified by Comodo: https://forums.comodo.com/format-ve...when-hyperv-is-installed-m1493-t111583.0.html
CIS is buggy (verified fact), it is a pain to use (subjective observation but a nearly unanimous one I'd bet--"easy to use" certainly isn't ever said about Comodo), HIPS should be activated (professional opinion and I agreed with hjlbx's wise advice on learning from CIS).
To clarify my position: Comodo has potential but it's had potential for years. It shouldn't be overlooked but it shouldn't be trusted without staunch testing first and it is certainly a great learning tool.
Excellent or not, it still hasn't' performed for me as well as Windows Firewall. Again, not an opinion, but an observable, measurable, repeatable fact.
Yes. Comodo is buggy. I always have a 50 L container of bug spray handy when I am using it.
However, in my experience, the bugs are an annoyance - cause confusion - rather than any type of serious security flaw.
Vulnerabilities are a different matter and are not the same as bugs. A vulnerability is a weakness in the code that can be exploited by malware to compromise the system.
Comodo has vulnerabilities too... just like every other security soft. Some of those vulnerabilities are so arcane - and require just the right combination of circumstances - that no malware writer in the right mind would ever even consider bothering with them.
Comodo has fixed serious vulnerabilities... they've been reasonably good about it - although, everybody wants this sort of thing fixed yesterday.
Despite all this... Comodo remains a solid security soft.
However, in my experience, the bugs are an annoyance - cause confusion - rather than any type of serious security flaw.
Vulnerabilities are a different matter and are not the same as bugs. A vulnerability is a weakness in the code that can be exploited by malware to compromise the system.
Comodo has vulnerabilities too... just like every other security soft. Some of those vulnerabilities are so arcane - and require just the right combination of circumstances - that no malware writer in the right mind would ever even consider bothering with them.
Comodo has fixed serious vulnerabilities... they've been reasonably good about it - although, everybody wants this sort of thing fixed yesterday.
Despite all this... Comodo remains a solid security soft.
I have tried many security software. And CIS is the only software thats works excellent on my 2 Win 7 64 system. Back when I had XP 32 CIS worked excellent on that OS too. No boot slowdown, system slowdown, browsing slowdown, nothing. And now the usability have improved a lot too. But one cannot use CIS without knowing couple things atleast like autosandbox, taking files out of sandbox. But as mentioned the improvements in usability & CIS version 8 new default rules/policy makes it easy enough for average users & can be definitely installed on average users system at home if there is 1 user at home who knows how & whats of CIS to solve the rare probs average users would face. Coz most of their software will be already installed on the system & most of the new soft they would try will be in Comodo Whitelists. Updates/Upgrades of the programs will also not be a prob as new versions are added fast by Comodo now. And I am talking about average users, the type of softs they use/install, etc.. With CIS 8 defaults rarely would there be a prob & that 1 user at home with the know how of CIS can solve that rare prob. Expert users may see more popups/autosandbox as they use many softs, rare softs, system tools, remote tools, etc... & they know how to handle popups/alerts, etc... so no prob for them.
- Jun 14, 2015
- 857
...unless a bug causes a vulnerability, such as (as witnessed personally):
- CIS: Firewall doesn't operate on any connected network
- CIS: Auto-sandbox doesn't sandbox when it should because this other setting over here doesn't work the way the manual states (I forgot the details)
- BDTS: AV scanning, database updates, Windows updates, java updates disabled on boot due to a bug in profiles
Wouldn't you say those bugs are vulnerabilities?
- Status
