Q&A Comodo Internet Security Setup/configuration thread

Discussion in 'Comodo' started by Umbra, Nov 12, 2015.

?

Does this thread helped/informed you?

  1. Yes, i learned new things

    81.4%
  2. No, i know all of CIS already

    18.6%
  1. paulderdash

    paulderdash Level 3

    Apr 28, 2015
    121
    331
    In the æther ...
    I have the same as you but instead of 'Block', I have 'Run inside the Container'.

    Someone else will have to confirm which is 'correct'.
     
    AtlBo and shmu26 like this.
  2. Av Gurus

    Av Gurus Level 28
    Trusted AV Tester

    Sep 22, 2014
    1,713
    10,631
    Testing security programs
    Earth
    Windows 10
    This is ok if you want to set CF like anti-exe.
    What is your settings under Auto-Container?
     
    AtlBo likes this.
  3. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    I have all unrecognized applications set to run virtually/restricted.
    I was trying to follow CS instructions, just wanted to make sure I got it right.
     
    AtlBo likes this.
  4. Rebsat

    Rebsat Level 5

    Apr 13, 2014
    213
    592
    Sulaimaniya, Iraq
    Windows 7
    Emsisoft
    I want to see more contribution and activity over this thread to help millions of users like me understand how to configure CFW properly and achieve maximum security on their system. A million thanks for our hero @Umbra for all of his great effort over MT (y) I wish him a very good luck with his job and life ;)
     
    AtlBo, Umbra, shmu26 and 1 other person like this.
  5. TerrakionSmash

    TerrakionSmash Level 16

    Nov 17, 2016
    750
    2,125
    Somewhere underwater or over water. I am water!
    Windows 10
    Microsoft
    I don't think there's a need since cruelsister's settings should be the easiest and thinking is slow and expensive. The lack of prompts should minimize that.
     
    Rebsat and AtlBo like this.
  6. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    IMHO somewhere in-between CS settings and Umbra settings should hit the sweet spot for a lot of people.
     
    Rebsat and AtlBo like this.
  7. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,161
    29,615
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Thank You :)
     
    Rebsat, AtlBo and bribon77 like this.
  8. ZeroDay

    ZeroDay Level 22

    Aug 17, 2013
    1,116
    3,176
    Birmingham UK
    Windows 10
    Kaspersky
    @Umbra Did Comodo fix the disappearing rules issue? I only ask because I remember you saying you'd never use it until they did, I'm hoping they've either fixed it or given us a way to quickly get our rule back.
     
    Rebsat and AtlBo like this.
  9. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    Getting your rules back again is no problem, if you backed them up beforehand. This is done from General Settings/Configuration/Export.
     
  10. AtlBo

    AtlBo Level 22

    Dec 29, 2014
    1,143
    4,511
    Qihoo 360
    Rules seem to be fixed here but I was having a problem with Comodo crashing. Then again, this system has had memory usage issues for a long time which I think must be graphics related and Google Chrome...only 512 mb of video RAM on the card I am using. Also, found out the hard drive needed replacing recently and no issues since then at all. v10 does look stable but maybe just a little bit jittery I guess. @shmu26 is correct. Reimporting settings works well also.
     
  11. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,161
    29,615
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    i couldn't wait to see if they fixed it, my job requires me to be updated about it so i can inform users using both EAM with CFW. But for the moment, it didn't appeared.
     
  12. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    Maybe someone can give me insight on this one:
    When you run HIPS in training mode, does it make allow rules for a whole set of actions for a given process?
    And what about if you "unblock" a process from blocked applications? What does it actually allow?
    I looked at the rules of some processes, and I couldn't understand how so many actions became allowed.

    What is the best way to get your system ready to run in paranoid mode? I mean, a method so you don't have to click 32 times to allow registry changes and 7 times for file changes, for every silly Windows process that pops up.
     
    AtlBo likes this.
  13. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    Okay, another question:
    I trimmed my trusted vendors list down to stuff that I actually have installed.
    Then I went and installed Sandboxie. I saw no alert prompt, except for firewall, and after installation, I saw Invincea in the TVL. What just happened?
     
    AtlBo likes this.
  14. Av Gurus

    Av Gurus Level 28
    Trusted AV Tester

    Sep 22, 2014
    1,713
    10,631
    Testing security programs
    Earth
    Windows 10
    Maybe this:
    tr.jpg
     
    Cats-4_Owners-2 and AtlBo like this.
  15. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    I think that refers to Microsoft Windows installer etc.
     
    Cats-4_Owners-2 and AtlBo like this.
  16. AtlBo

    AtlBo Level 22

    Dec 29, 2014
    1,143
    4,511
    Qihoo 360
    Not sure about training mode as I never used it. Unblocking from the Unblock Applications actually goes so far as to change the process file rating to trusted AND add an allow rule for each, Firewall and HIPS (except start a process which I think is set to ask) and then an ignore rule in containment. This is what I have seen, and you can test with any unrecognized portable app if you like.

    If you could say what you have seen from training mode so far, maybe I could help some. Is it supposed to create rules but not enforce them...is that the idea?
     
  17. AtlBo

    AtlBo Level 22

    Dec 29, 2014
    1,143
    4,511
    Qihoo 360
    Do you have Cloud Lookup on? Maybe this is the case where cloud lookup will override "Unrecognized" and add the vendor to the TVL if there is a directive on the cloud to allow the file/process. Sounds like the same thing I have heard several times before.

    I'm still not using Cloud Lookup because I would like the opportunity to create rules for new processes. The addition to the TVL is basically a blanket allow, even if allow rules aren't created by Cloud Lookup. I am sure in the Files List the file of the process is assigned the "Trusted" rating due to the vendor's presence in the whitelist via CL.
     
  18. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    It creates allow rules and when you switch to another mode it applies them.
    The behavior you are describing for unblocking a process sounds a little like what I saw. I saw that it allowed most actions, but not to start a process, also not to modify the registry or protected files.
     
    AtlBo likes this.
Loading...
Similar Threads Forum Date
Update Comodo Internet Security Essentials v.1.3.436779.133 - RC Comodo Jan 4, 2018
Update Comodo Internet Security v10.1.0.6460 - Beta Comodo Dec 23, 2017
Update Recognizer v1.10.0.105 for Comodo Internet Security v10 (RC) Comodo Dec 12, 2017