Comodo Internet Security Setup/configuration thread (Setting Only)

Discussion in 'Comodo' started by Umbra, Nov 12, 2015.

Thread Status:
Not open for further replies.
?

Will you use one of the setting

  1. yes, im very interested

    92.9%
  2. No, i prefer mine

    7.1%
  1. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,680
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    #1 Umbra, Nov 12, 2015
    Last edited: Mar 11, 2017
    Since many of us use Comodo IS, i decided to create this thread to share our skills of CIS, indeed some of us don't have the knowledge to tighten CIS by themselves without hampering their system. I hope this thread will help.

    Note: Only People used to CIS and having their configuration running for a long time without issues should post their configuration settings here.

    This thread is for HELPING beginners with CIS, not showing off the most secure settings while the system is totally non-responsive.

    You will display ONLY your settings/tweaks.



    Your config post should inform (in your opinion) which kind of users your config is oriented.

    For example "Paranoid Mode" is obviously not made for CIS beginners :D

    Feel free to use the template below i made for myself.



    UMBRA CIS' SETTINGS (30/11/2015)

    Targeted CIS Users:
    advanced/expert skilled users, Paranoid users.
    Reason: HIPS activated on Paranoid, Auto-Sandbox rule customized, FW on custom, Trusted vendor List customized
    Advices: Use Training Mode for some times is recommended if if you are not used to paranoid Mode.

    My setting are for the moment what i recalled from those i did from previous versions, they are a good compromise between security and usability, not much popups except for the firewall (i like to know what is going out).

    i could tighten this more but i will test various possibility in long term , so this settings will be surely modified.
    [​IMG]

    Configuration:
    Proactive

    Antivirus

    Real time Scan:
    Stateful

    Scan memory when computer start:
    yes
    Use Heuristic Scanning: Medium
    Exclusions: my security softwares group

    Scans

    Quick:
    Use cloud while scanning, High Heuristic
    Full: Use cloud while scanning, Medium Heuristic

    Defense +

    HIPS settings:
    Paranoid Mode
    Do NOT show popup alerts: No
    Create rules for safe applications: Yes
    Enable Adaptive Mode: Yes
    Block all unknown request...: No
    Enable Enhanced Mode Protection: Yes
    Do heuristic command line...: Yes
    Detect Shellcode Injections: Yes | Exclusions: my security softs

    HIPS Rules
    added group:
    [​IMG]

    Ruleset
    Added Ruleset

    - Umbra Ruleset (Allow All but) | Rights: Allow All except Run an Executable| Active Protection Settings: /
    - Umbra Ruleset (Ask all) | Rights: Ask All | Active Protection Settings: /
    - Umbra Ruleset (Block All) | Rights: Block All | Active Protection Settings: /
    [​IMG]


    Protected Objects
    Protected files:

    [​IMG]
    Protected Registry Keys: all keys belonging to my security softs.
    [​IMG]
    Protected Data Folders: all my folders with sensible datas.

    Sandbox

    Sandbox settings
    Do not virtualize Access to specified files/folders...:
    Yes | Exclusions: my security softwares group
    Do not virtualize Access to Registry Keys/Value...: No | Exclusions:
    Enable automatic Startup:
    Yes
    Detect Program which...: Yes
    Show privilege Elevation: Yes

    Auto-Sandbox:
    Enable Auto-Sandbox: Yes
    Enable File Source Tracking: Yes
    Rules:
    Edited "Run virtually" rule to "Untrusted".
    [​IMG]

    Viruscope

    Enable Viruscope: Y
    es
    Monitor sandboxed Applications only: No


    Firewall

    Firewall Settings

    Enable Traffic Filtering:
    Yes, Custom ruleset
    Create rules for safe Applications: Yes

    Filter IPv6:
    Yes
    Filter Loopback: Yes
    Block fragmented Yes
    Do protocol Analysis: Yes
    Enable Anti-ARP Spoofing: Yes

    Global Rules: Not Modified yet

    Website Filtering
    Enable Website filtering:
    Yes
    Rules: "Blocked Sites" edited to integrate MVPS Host Files list following my Tutorial


    File Rating


    File Rating Settings
    Enable Cloud Lookup:
    Yes
    Analyze Unknown files in the cloud: Yes
    Trust Application Signed by Trusted vendors: Yes, Customized
    Trust files installed by Trusted Installers: Yes
    Detect Potential Unwanted Applications: Yes

    File Groups
    Created a group containing all my security/sensitive/browsers application folders, this will make the exclusions in CIS various modules less tedious and way faster.
    [​IMG]

    File List
    set some vulnerable processes as unrecognized (regedit.exe, cmd.exe, etc...)

    Trusted Vendor
    there we are, the (In)famous TVL, the weakest chain of CIS, since any vendor/individual who pay the right price can be added as trusted...:rolleyes:
    I deleted all of them except Microsoft, my drivers and all my "sure-to-be-safe" software's vendors.
     
  2. hjlbx

    hjlbx Guest

    #2 hjlbx, Nov 12, 2015
    Last edited by a moderator: Dec 18, 2015
    WARNING ! Comodo is no joke. Improperly configuring Comodo Internet Security can result in a "Black Screen"\Unbootable System!

    The CIS configuration below should only be attempted by someone who thoroughly understands the basics of how Comodo Internet Security functions. It is NOT intended for the new user\beginner nor uninformed\inexperienced experimentation!


    To learn how Comodo Internet Security works, start out with the configuration that is installed by default.

    Afterwards, the vast majority of typical users can switch to and be very well protected by Proactive Security configuration with default settings.

    I learned by reading the User's Manual, a lot of online research, lots and lots of practice with CIS, and participating at MalwareTIps. It took a lot of time and effort. It is quite worthwhile.

    When I started with Comodo I knew absolutely nothing. If I can do it... you can do it...


    HJLBX CIS CONFIGURATION
    (Work-in-Progress; LAST EDIT 12-18-15 - NOT FINISHED !)

    Targeted CIS Users:
    Advanced/Expert Level Users that want maximum, multi-layered system control and protection.

    Reason: Replicate AppGuard + NoVIrusThanks Exe Radar Pro + Sandboxie + Protected Folders + Windows Firewall Control configuration with CIS; heavily customized anti-executable configuration with all vulnerable processes set to Unrecognized ("Alert Mode") + protect system space and active processes against modification.

    Operating System: Windows 8.1 x86-64

    Comodo Internet Security Pro 8.2.0.XXXX


    GENERAL SETTINGS

    User Interface
    • Show Messages from Comodo Message Center: Yes
    • Show Notification Messages: Yes
    • Show Welcome Screen on Startup: No
    • Show Desktop Widget: Yes
    • Show Information Messages When Tasks are Minimized/Sent to Background: No
    • Play Sound When Alert is Shown: Yes
    • Show the 'Upgrade' Button in the Main Window: No
    Password Protection
    • Enable Password Protection: No

    UPDATES

    Updates
    • Check for Program Updates every: 1 Days
    • Automatically Download Program Updates: Yes
    • Check for Database Updates every: 6 Hours
    Options
    • Do NOT Check for Updates if I am using these connections: Not Selected/Configured
    • Do NOT Check for Updates if running on battery: Not Selected/Configured
    LOGGING

    Logging
    • Write to Local Log Database (COMODO Format): Yes
    • Write to Windows Event Logs: No
    Log File Management
    • When Log File Reaches 20 MB => Delete It and Create a New One : Enabled
    User Statistics
    • Send Anonymous Program Usage to COMODO: Yes

    CONFIGURATION

    PROACTIVE SECURITY


    Make all settings changes AFTER enabling PROACTIVE SECURITY configuration !!

    SECURITY SETTINGS

    ANTIVIRUS

    Realtime Scan

    NOTE: Scanning of archives is a waste of system resources; it needlessly places a burden on system CPU and RAM. Unextracted archives (both non-encrypted and encrypted) are 'inert' on system until extracted. Plus, encrypted\password-protected archives cannot be decompressed and scanned. Decompressing and scanning archives on an HDD system will cause scans to take a long time - sometimes hours.

    Realtime Scan

    • Enable Realtime Scan: Yes
    • Enable Scanning Optimizations: Yes
    Detection
    • Run Cache Builder when Computer is Idle: Yes
    • Scan Computer Memory After the Computer Starts: Yes
    • Do NOT Show Antivirus Alerts => Quarantine : Enabled
    • Decompress and Scan Archive Files of Extension(s): *.jar, *.exe : Yes (experimenting at this time...)
    • Set New On-Screen Alert Timeout to: 999 secs
    • Set New Maximum File Size Limit to: Not Enabled
    • Set New Maximum Script Size Limit to: Not Enabled
    • Use Heuristics Scanning: High
    Scans

    Full Scan (double-click on Full Scan in list to access settings below)

    Items
    • Entire Computer
    • Memory
    NOTE: User cannot alter\customize COMODO default Full Scan Items list; can only customize scan items by creating a Custom Scan.

    Options
    • Enable Scanning Optimizations: Yes
    • Decompress and Scan Compressed Files: No (With this configuration Realtime Scan will scan archives)
    • Use Cloud while Scanning: Yes
    • Automatically Clean Threats => Disinfect Threats: Enabled
    • Use Heuristics Scanning: High
    • Limit Maximum File Size to 40 MB: Not Enabled
    • Run this Scan with Background: Not Enabled
    • Update Virus Database Before Running: Yes
    • Detect Potentially Unwanted Applications: Yes
    Schedule
    • None (On-Demand use only)
    Quick (double-click on Quick Scan in list to access settings below)

    Items
    • Commonly Infected Areas
    NOTE: User cannot alter\customize COMODO default Quick Scan Items list; can only customize scan items by creating a Custom Scan.

    Options
    • Enable Scanning Optimizations: Yes
    • Decompress and scan compressed files: Yes
    • Use Cloud while Scanning: Yes
    • Automatically Clean Threats => Disinfect Threats : Enabled
    • Use Heuristics Scanning: High
    • Limit Maximum File Size to 40 MB: Not Enabled
    • Run this Scan with Background: Not Enabled
    • Update Virus Database Before Running: Yes
    • Detect Potentially Unwanted Applications: Yes
    Schedule
    • None (On-Demand use only)
    Exclusions

    Excluded Paths
    • Add *\Quarantine
    NOTE: Adding *\Quarantine to Excluded Paths prevents CIS scan engine from scanning and detecting files located in most other security software's quarantine directory - for example, the included Comodo Cleaning Essentials quarantine folder !

    Excluded Applications
    • None (when no conflicting software installed; no false positives on system)
    NOTE: Excluded Paths and Excluded Applications is where user adds File Groups\Files\Folders and Applications\Running Processes (for example, other security software and utilities) to prevent conflicts with COMODO's Antivirus Module. Generally, what needs to be added is determined by trial-and-error.

    DEFENSE+

    HIPS

    HIPS Settings


    HIPS Settings
    • Enable HIPS: Yes => Paranoid Mode (Monitoring Settings: NOT Modified\Default)
    • Do NOT Show Popup Alerts: Not Enabled
    • Set Popup Alerts to Verbose Mode: Yes
    • Create Rules for Safe Applications: No
    • Set New On-Screen Alert Time-Out to: 999 secs
    Advanced
    • Enable Adaptive Mode Under Low System Resrouces: Yes
    • Block All Unknown Requests when the Application (Application = Comodo Internet Security) is Not Running: No
    • Enable Enhanced Protection Mode (Requires a System Restart): Yes
    • Do Heuristic Command-Line Analysis for Certain Applications: Yes
    • Detect Shellcode Injections: Yes => (Exclusions: None)
    HIPS Rules

    Access to specific Application HIPS rules for modification\customization.

    Rulesets


    Access to pre-defined list of File Group HIPS rules for modification\customization; user can add HIPS File Group with customized Access and Protection rules.
    • NOT Modified\Default
    Protected Objects

    Protected Files

    Add "System Space":
    • C:\$SysReset
    • C:\PerfLogs
    • C:\Program Files
    • C:\Program Files (x86)
    • C:\Recovery
    • C:\ProgramData\Microsoft
    • C:\System Volume Information
    • C:\Windows
    NOTE: If adding any of these directories\folder paths to Protected Files causes issues, then it can be easily removed.

    User can add File Groups\Files\Folders\Running Processes; only applications rated as Trusted by Comodo can modify (= write to) Protected Files; all applications - Trusted, Unrecognized and Malicious - can read Protected Files.

    Using HIPS Safe Mode, any Unrecognized application that attempts to modify a Protected File will generate a HIPS Protected Object alert.

    Using HIPS Paranoid Mode, any application - including Trusted applications - that attempt to modify a Protected File will generate a HIPS Protected Object alert.

    Blocked Files

    Applications\Running Processes added to Blocked Files cannot be executed.

    Registry Keys

    Access to pre-defined list of Registry Keys that cannot be modified except by files rated as Trusted by Comodo; user can add additional Registry Groups\Registry Keys.
    • NOT Modified\Default
    COM Interfaces

    Access to pre-defined list of COM Interfaces that cannot be accessed except by files rated as Trusted by Comodo; user can add additional COM Groups\COM Components.
    • NOT Modified\Default
    Protected Data Folders

    Applications running inside Comodo's virtual container (Sandbox, Virtual Desktop) cannot read nor write to folders added to Protected Data Folders.
    Add
    • C:\Users\Current_User\Documents
    • C:\Users\Current_User\Music
    • C:\Users\Current_User\OneDrive
    • C:\Users\Current_User\Pictures
    • C:\Users\Current_User\Videos
    • C:\Users\Public\Documents
    • C:\Users\Public\Music
    • C:\Users\Public\Pictures
    • C:\Users\Public\Videos
    • Any Backup folders
    • Any Backup drive (e.g. X = where X is drive letter of any backup drive)
    NOTE: If you add C:\Users\Current_User\* (using the "any" wildcard *) then browsers might not be able to access saved passwords for website login and\or unable to load user profile (e.g. Firefox) when Sandboxed or run inside the Virtual Desktop.

    NOTE: If you add C:\Users\Current_User\Downloads to list, then you will be unable to save downloads to that directory when using Sandboxed browser.

    NOTE: There is no C:\Users\Public\OneDrive folder.

    HIPS Groups

    Registry Groups

    Access to pre-defined list of HIPS Registry Groups; user can create New Group\add Registry Keys for easier configuration of HIPS rules for the entire group or keys and load them into HIPS Rulesets.
    • NOT Modified\Default
    COM Groups

    Access to pre-defined list of HIPS COM Groups; user can create New Group\add COM Class for easier configuration of HIPS rules for the entire group or class and load them into HIPS Rulesets.

    • NOT Modified\Default
    SANDBOX

    Sandbox Settings


    Sandbox Settings
    • Do Not Virtualize Access to the Specified Files\Folders: NOT Modified\Default
    • Do Not Virtualize Access to the Specified Registry Keys\Values: NOT Modified\Default
    Advanced
    • Enable Automatic Startup for Services Installed in the Sandbox: Yes
    • Show Highlight Frame for Virtualized Programs: Yes
    • Detect Programs which Require Elevated Privileges e.g. Installers or Updaters: Yes
    • Show Privilege Elevation Alerts for Unknown Programs: Yes
    Virtual Desktop
    • Protect Virtual Desktop with a Password: No
    Auto-Sandbox

    Auto-Sandbox
    • Enable Auto-Sandbox: Yes
    • Enable File Source Tracking: Yes
    • Default Sandbox rule for Unrecognized files changed from "Run Virtually" to "Block."
    Viruscope

    Viruscope
    • Enable Viruscope: Yes
    • Do NOT Show Popup Alerts: Not Enabled
    • Monitor Sandboxed Applications Only: Not Enabled
    FIREWALL

    Firewall Settings


    Firewall Settings
    • Enable Traffic Filtering (Recommended): Custom Ruleset
    Alert Settings
    • Do NOT Show Popup Alerts => Block
    • Enable Trustconnect Alerts: Yes
    • Turn Traffic Animations On: Yes
    • Create Rules for Safe Applications: No
    • Set Alert Frequency Level: Very High
    • Set New On-Screen Alert Time-Out: 999 secs
    Advanced
    • Filter IPv6 Traffic: Yes
    • Filter Loopback Traffic (e.g. 127.x.x.x ::1): Yes
    • Block Fragmented IP Traffic: Yes
    • Do Protocol Analysis: Yes
    • Enable Anti-ARP Spoofing: No
    Application Rules

    Access to firewall rules for pre-defined File Groups and specific applications; user can modify\customize.
    • Pre-Defined Application Groups - NOT Modified\Default
    • All other applications - Assign "Outgoing Only" Ruleset
    Global Rules

    Access to pre-defined Global Firewall rules.
    • NOT Modified\Default
    Rulesets

    Access to pre-defined application firewall rule templates.
    • NOT Modified\Default
    Network Zones

    Network Zones (Settings)
    • Enable Automatic Detection of Private Networks: Yes
    • Do NOT Show Popup Alerts and Treat Locations as: Public
    Network Zones (tab)
    Blocked Zones (tab)


    Portsets


    List of pre-defined port sets.
    • NOT Modified\Default
    Website Filtering

    Website Filtering
    • Enable Website Filtering (Recommended): Yes
    Rules (tab)
    Categories (tab)


    FILE RATING

    File Rating Settings


    File Rating Settings

    File Groups



    File List


    FIle Rating Changes [Important !!]:

    It is complicated to explain all the intricacies of this part of the configuration. My advice is not to do it unless you really are familiar with how CIS functions. You can break things - quite badly in some instances, but at the same time and for the most part, you can always delete any rules that cause problems.

    Change the rating of the following applications\files from Trusted to Unrecognized; equivalent to adding applications\files to Vulnerable Process Black-List in NVT ERP.

    When changing rating from Trusted to Unrecognized, HIPS will block and Sandbox will auto-sandbox the files. For acceptable usability, the user should choose one of the following:

    1. Create auto-sandbox Ignore rule so file is not sandboxed; when an application is sandboxed legitimately safe actions by the application will not be saved to system. By creating an auto-sandbox Ignore rule, HIPS will alert to every step in the run sequence.
    2. Use Training Mode to create HIPS Allow rules and do not create Auto-Sandbox Ignore rule; Sandbox will alert when file is executed. If user knows it is safe, then make sure do not create rule and select Allow.
    • cmd.exe (batch scripts)
    • cscript.exe (VBS, VBE, ...)
    • wscript.exe (VBS, VBE, ...)
    • mshta.exe (HTML applications)
    • regsvr32.dll (DLLs)
    • mmc.exe (Management Console Plugins)
    • regedit.exe (Registry scripts)
    • regedt32.exe (Registry scripts)
    • rundll32.exe (DLLs)
    • rundll.exe (DLLs)
    • powershell.exe (PowerShell scripts, currently incomplete due to the many ways PowerShell can be used for scripting)
    • msiexec.exe (MSI installers)
    • java.exe (JAVA applications)
    • javaw.exe (JAVA applications)
    • vssadmin.exe (Volume Shadow Copy)
    • csc.exe (NET Framework)
    • vbc.exe (NET Framework)
    • jsc.exe (NET Framework)
    • InstallUtil.exe (NET Framework)
    • IEExec.exe (NET Framework)
    • DFsvc.exe (NET Framework)
    • dfshim.dll
    • PresentationHost.exe
    Note: Above list is a combination of vulnerable processes obtained from Emsisoft 10 thread on Wilders Security and Excubits Newsblog + added a few additional files.

    Submitted Files



    Trusted Vendors
     
    Rebsat, mehdi.n, askmark and 22 others like this.
  3. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,169
    29,680
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Rebsat, AtlBo, ZeroDay and 3 others like this.
  4. DracusNarcrym

    DracusNarcrym Level 19

    Oct 16, 2015
    909
    5,705
    Greece
    Windows 10
    Comodo
    #4 DracusNarcrym, Dec 8, 2015
    Last edited: Jan 29, 2016
    DRACUS NARCRYM'S C.I.S./C.F.W. CONFIGURATION FOR BALANCED SECURITY & USABILITY
    IMPORTANT NOTE: CLICK THE SPOILER TO VIEW
    IMPORTANT NOTE:
    BELOW IS THE CUSTOM COMODO INTERNET SECURITY CONFIGURATION WHICH I USE IN MY MAIN, NON-TESTING PC, WHICH I HAVE TWEAKED FOR BALANCED SECURITY AND USABILITY, INSTEAD OF EXTREME/PARANOID SECURITY.
    I HAVE RESET THE "MAXIMUM SECURITY" CONFIGURATION IN MY TESTING MACHINE AND AM CURRENTLY REBUILDING IT.
    IT MIGHT BE POSTED HERE IN THE FUTURE WHEN I HAVE FINALIZED IT.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -




    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



    General Settings

    User Interface
    Theme: Modern Theme
    Language: English (United States) - By COMODO
    ☐ Show messages from COMODO Message Center
    ☐ Show notification messages
    ☐ Show welcome screen on startup
    ☐ Show desktop widget
    ☐ Show information messages when tasks are minimized/sent to background
    ☐ Play sound when an alert is shown
    ☐ Show the 'Upgrade' button in the main window
    Password Protection
    ☐ Enable Password Protection Set Password |-> COMMENT(S): I have not defined any password for the "Set Password" option.
    Updates
    ☑ Check for program updates every 1 days
    ☐ Automatically download program updates
    ☑ Check for database updates every 2 hours
    Options
    ☐ Do NOT check for updates if I am using these connections |-> COMMENT(S): I have not defined any connections for the "these connections" option.
    ☐ Do NOT check for updates if running on battery
    Logging
    ☑ Write to Local Log Database (COMODO Format)
    ☐ Write to Windows Event Logs
    Log File Management
    When log file reches 20 MB
    Delete it and create a new one
    ◯ Move it to the specified folder |-> COMMENT(S): I have not defined any folder for the "the specified folder" option.
    User Statistics
    ☐ Send anonymous program usage statistics to COMODO
    Configuration
    Code:
    Configurations                                   Status
    --------------                                   ------
    COMODO - Internet Security
    COMODO - Proactive Security                      Active
    COMODO - Firewall Security
    COMODO - Internet Security - 6.3.301250.2972
    COMODO - Proactive Security - 6.3.302093.2976
    COMODO - Firewall Security - 6.3.301250.2972



    Security Settings

    Antivirus
    Realtime Scan
    ☑ Enable Realtime Scan (Recommended)
    ☑ Enable scanning optimizations (Recommended)
    Detection
    ☑ Run cache builder when computer is idle
    ☐ Scan computer memory after the computer starts
    ☐ Do not show antivirus alerts Quarantine Threats
    ☐ Decompress and scan archive files of extensions: *.jar, *.exe
    ☐ Set new on-screen alert timeout to 120 secs
    ☐ Set new maximum file size limit to 40 MB
    ☐ Set new maximum script size limit to 4 MB
    ☑ Use heuristics scanning Medium
    Scan
    Code:
    ☐ Name                    Action          Last Scan          Status
    --------------------------------------------------------------------
    ☐ Full Scan               Scan            *date*             ✖
    ☐ Quick Scan              Scan            *date*             ✖
    Exclusions
    Code:
    Excluded Paths
    *DEFAULT EXCLUDED PATHS*
    Code:
    Excluded Applications
    *NO EXCLUDED APPLICATIONS*
    Defense+
    HIPS
    HIPS Settings
    ☑ Enable HIPS
    Safe Mode Monitoring Settings |-> COMMENT(S): In " Monitoring Settings ", ALL ITEMS ARE CHECKED ☑.
    ☐ Do NOT show popup alerts Allow Requests
    ☑ Set popup alerts to verbose mode
    ☐ Create rules for safe applications
    ☐ Set new on-screen alert timeout to 120 secs
    Advanced
    ☑ Enable adaptive mode under low system resources
    ☐ Block all unknown requests when the application is not running
    ☑ Enable enhanced protection mode (Requires a system restart)
    ☑ Do heuristic command-line analysis for certain applications
    ☑ Detect shellcode injections Exclusions |-> COMMENT(S): I have set NO exclusions in Exclusions.
    HIPS Rules
    Code:
    ☐ Application                                    Treat As
    *DEFAULT RULES PLUS ANY RULE(S) THE USER CREATES - USER-CREATED RULES MAY VARY FROM SYSTEM TO SYSTEM*
    Rulesets
    Code:
    ☐ Ruleset Name
    *DEFAULT RULESETS - THERE IS NO NEED FOR THE USER TO CREATE A CUSTOM RULESET*
    Protected Objects
    Code:
    Protected Objects
    *DEFAULT PROTECTED OBJECTS ARE SUFFICIENT - THE USER MAY DEFINE HIS/HER IMPORTANT FILES FOR PROTECTION*
    HIPS Groups
    Code:
    HIPS Groups
    *DEFAULT GROUPS ARE SUFFICIENT*
    Sandbox
    Sandbox Settings
    ☑ Do not virtualize access to the specified files/folders |-> COMMENT(S): The only item which is defined in the " the specified files/folders " setting is %ProgramData%\Shared Space\* which is the default item (it usually has this form: C:\ProgramData\Shared Space\*).
    ☐ Do not virtualize access to the specified registry keys/values. |-> COMMENT(S): I have not specified any items for the " the specified registry keys/values " setting.
    Advanced
    ☐ Enable automatic startup for services installed in the Sandbox
    ☑ Show highlight frame for virtualized programs
    ☑ Detect programs which require elevated privileges e.g. installers or updaters
    ☑ Show privilege elevation alerts for unknown programs
    Virtual Desktop
    ☐ Protect Virtual Desktop with a password |-> COMMENT(S): I have not specified any password for the " password " setting.
    Auto-Sandbox
    ☐ Enable Auto-Sandbox
    ☑ Enable file source tracking
    Code:
    ☐ Action                        Target                        Reputation                        Enable Rule
    *DEFAULT POLICIES*
    Viruscope
    ☐ Enable Viruscope
    ☐ Do NOT show popup alerts
    ☑ Monitor sandboxed applications only
    Code:
    Name                        Version            Status
    *DEFAULT ITEMS, IF ANY*
    Firewall
    Firewall Settings
    ☑ Enable Traffic Filtering (Recommended) Custom Ruleset
    Alert Settings

    ☐ Do NOT show popup alerts Allow Requests
    ☐ Enable Trustconnect alerts Unsecured Wireless Networks only
    ☑ Turn traffic animation effects on
    ☐ Create rules for safe applications
    ☑ Set alert frequency level Medium |-> COMMENT(S): Medium alert frequency level means you get one alert per executable file, unless you create a rule for that file using the Remember my choice option in the related COMODO Firewall alert.
    ☐ Set new on-screen alert timeout to 120 secs
    Advanced
    ☑ Filter IPv6 traffic
    ☑ Filter loopback traffic (e.g. 127.x.x.x, ::1)
    ☐ Block fragmented IP traffic
    ☐ Do Protocol Analysis
    ☐ Enable anti-ARP spoofing​
    Application Rules
    Code:
    ☐ Application                        Treat As
    *DEFAULT RULES PLUS ANY RULE(S) THE USER CREATES - USER-CREATED RULES MAY VARY FROM SYSTEM TO SYSTEM*
    Global Rules
    Code:
    ☐ Rules
    *DEFAULT GLOBAL RULES*
    Rulesets
    Code:
    ☐ Ruleset Name
    *DEFAULT RULESETS ARE SUFFICIENT*
    Network Zones

    ☑ Enable automatic detection of private networks
    ☐ Do NOT show popup alerts and treat location as Home
    Code:
    Network Zones
    -------------
    ☐ Zone name
    *DEFAULT ZONES PLUS ANY ZONE THAT IS DEFINED BY THE USER - NETWORK ZONES ARE USUALLY DEFINED WHEN JOINING A NEW NETWORK FOR THE FIRST TIME (COMODO PRODUCES A RELATED ALERT)*
    Code:
    Blocked Zones
    -------------
    ☐ Zone name
    *ANY ZONE DEFINED BY THE USER - USEFUL FOR BLOCKING SPECIFIC REMOTE ADDRESSES MANUALLY (GOOD ALTERNATIVE TO HOSTS FILE, SINCE THE HOSTS FILE IN WINDOWS 7 AND ABOVE VERSIONS DOES NOT WORK EFFECTIVELY FOR "BLOCKING" ADDRESSES)*
    Portsets
    Code:
    ☐ Portset
    *DEFAULT PORTSETS ARE SUFFICIENT*
    Website Filtering

    ☑ Enable Website Filtering (Recommended)
    Code:
    Rules
    -----
    ☐ Rules                        Enable Rule
    *DEFAULT RULES AND PROFILES ARE SUFFICIENT*
    Code:
    Categories
    ----------
    ☐ Categories
    *DEFAULT RULES AND PROFILES ARE SUFFICIENT, IF ANY*
    Fire Rating
    File Rating Settings
    ☑ Enable Cloud Lookup (Recommended)
    ☑ Analyze unknown files in the cloud by uploading them for instant analysis
    ☐ Do NOT show popup alerts
    ☑ Trust applications signed by trusted vendors
    ☐ Trust files installed by trusted installers
    ☑ Detect potentially unwanted applications​
    File Groups
    Code:
    ☐ File Groups
    *DEFAULT FILE GROUPS ARE SUFFICIENT*
    File List
    Code:
    ☐ File Path            Company            First Observed            File Rating
    *FILE LIST IS POPULATED DIFFERENTLY FOR EVERY SYSTEM AND SO IT VARIES FROM SYSTEM TO SYSTEM*
    Submitted Files
    Code:
    Path                        Submitted            Submitted As
    *THE SUBMITTED FILES LIST VARIES FROM SYSTEM TO SYSTEM AND THE ITEMS IT CONTAINS DEPEND ON THE USERS' ACTIONS AND CHOICES, REGARDING THE FILE/FILES WHICH IS/ARE TO BE UPLOADED - SO, THE CONTENTS OF THIS LIST VARY FROM SYSTEM TO SYSTEM*
    Trusted Vendors
    Code:
    ☐ Vendors (Signer Name in the Code Signing Certificate)
    *THE DEFAULT TRUSTED VENDORS LIST IS SUFFICIENT*



    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



    That is the COMODO Internet Security configuration I use on my main PC and laptop.

    If you have any questions or suggestions, you can send me a private message to discuss them with me.
     
  5. DracusNarcrym

    DracusNarcrym Level 19

    Oct 16, 2015
    909
    5,705
    Greece
    Windows 10
    Comodo
    #5 DracusNarcrym, Dec 8, 2015
    Last edited: Dec 8, 2015
    RESERVED #1

    I would like to reserve this extra post in case I need more space to expand my configuration in the future.

    If any staff member deems it unnecessary, I kindly request that they remove this post at their convenience.

    Thank you for your understanding!
     
    AtlBo, ZeroDay, mehdi.n and 11 others like this.
Loading...
Similar Threads Forum Date
Update Comodo Internet Security Essentials v.1.3.436779.133 - RC Comodo Jan 4, 2018
Update Comodo Internet Security v10.1.0.6460 - Beta Comodo Dec 23, 2017
Update Recognizer v1.10.0.105 for Comodo Internet Security v10 (RC) Comodo Dec 12, 2017