Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Comodo Internet Security Pro 2022
Message
<blockquote data-quote="Andy Ful" data-source="post: 989389" data-attributes="member: 32260"><p>There is no surprise. Comodo's auto-sandbox technology for PE files (EXE, DLL, etc.) is very strong.</p><p>For this reason, I kept Comodo for many years on Windows XP (my dad's computer).</p><p></p><p>This kind of protection is based on file reputation lookup, so the protection is almost perfect. Even if one uses script malware, most of them only deliver the PE payload which is finally contained in the Comodo Sandbox.</p><p>Anyway, there are well known downsides of such protection (it cannot be popular):</p><ol> <li data-xf-list-type="ol">Many false positives - more than we can see in Norton 360 (also based on file reputation lookup).</li> <li data-xf-list-type="ol">Problems with managing applications running in the sandbox.</li> </ol><p>So, Comodo can be used by everyone. But, installation of new applications has to be often done with the help of the geek. The auto-updates of already installed applications are usually allowed when they are digitally signed and the signer is trusted by Comodo (this can be also configured by the user). I like this kind of security. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p>If one wants to bypass the Comodo protection, then it can hardly be done like in the video. Simply, the protection is too strong. One has to focus on:</p><ol> <li data-xf-list-type="ol">Fileless attacks (no PE file involved).</li> <li data-xf-list-type="ol">Signed malware that can use the vendor trusted by Comodo.</li> <li data-xf-list-type="ol">Malware that is prepared to escape the sandboxing technology. If I correctly remember Comodo can use several levels of virtualization, and by default, it uses not the strongest one.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></li> </ol></blockquote><p></p>
[QUOTE="Andy Ful, post: 989389, member: 32260"] There is no surprise. Comodo's auto-sandbox technology for PE files (EXE, DLL, etc.) is very strong. For this reason, I kept Comodo for many years on Windows XP (my dad's computer). This kind of protection is based on file reputation lookup, so the protection is almost perfect. Even if one uses script malware, most of them only deliver the PE payload which is finally contained in the Comodo Sandbox. Anyway, there are well known downsides of such protection (it cannot be popular): [LIST=1] [*]Many false positives - more than we can see in Norton 360 (also based on file reputation lookup). [*]Problems with managing applications running in the sandbox. [/LIST] So, Comodo can be used by everyone. But, installation of new applications has to be often done with the help of the geek. The auto-updates of already installed applications are usually allowed when they are digitally signed and the signer is trusted by Comodo (this can be also configured by the user). I like this kind of security. :) If one wants to bypass the Comodo protection, then it can hardly be done like in the video. Simply, the protection is too strong. One has to focus on: [LIST=1] [*]Fileless attacks (no PE file involved). [*]Signed malware that can use the vendor trusted by Comodo. [*]Malware that is prepared to escape the sandboxing technology. If I correctly remember Comodo can use several levels of virtualization, and by default, it uses not the strongest one.:)(y) [/LIST] [/QUOTE]
Insert quotes…
Verification
Post reply
Top