Advice Request Comodo Internet Security Setup/configuration thread

[Windows_Security]

Trick question: All who have HIPS enabled, look at the rules you (or CFW generated) for specific programs.

Is there something irrational about the rules (hint look at what is allowed)?

Long ago (with nickname Kees1958) I called (CFW's )HIPS not a HIPS(Host Intrusion Protection System) but a HAPS (Hassle Allow Popup System).

Most of the rules generated by CFW are way to wide, effectively reducing the HIPS to an AntiExecutable at best.

I am open to discussion, but be warned there must be a reason why other very knowledgeable members advice to disable the HIPS in their recommended settings.

 

[cyberfort]

in new comodo interface there is no proactive mode

is proactive same as safe mode?

 

[Av Gurus]

can you add some screenshots?

 

[shmu26]

in new comodo interface there is no proactive mode

is proactive same as safe mode?

No, it is not the same. You are not looking in the right place. You need to look in configurations
Comodo Preset Configurations | Comodo Internet Security | Comodo Internet Security v5.9/5.10

 

[Moonhorse]

When im using comodo firewall with cruelsisters settings, im unable to run stuff in container

But when im using CIS with cruelsisters settings im able to run stuff in container, why?

Is that because of antivirus have the container aswell?

 

[cruelsister]

Moon- What do you mean? If you want to run something in the Container (sandboxed), just right click the exe (or whatever) and choose "Run In Comodo Container". Otherwise just run the exe- if it is unsigned (and Comodo does NOT have a definition against it), it will be Contained automatically.

 

[Moonhorse]

Moon- What do you mean? If you want to run something in the Container (sandboxed), just right click the exe (or whatever) and choose "Run In Comodo Container". Otherwise just run the exe- if it is unsigned (and Comodo does NOT have a definition against it), it will be Contained automatically.

When i was using kfa + cfw with cs i couldnt run anything in container, you have guide how to run browser in container after you have set up fw.

But Now i have been using internet security, with cs settings i can run everything in container, when kfa + cf didnt let me to

 

[cruelsister]

Moon- Ask yourself why would you want to run the browser contained? Please, please, please understand that I mean you NO DISRESPECT- but a User's need to run a browser contained is due to a lack of knowledge of how Comodo works. Let's say you are browsing somewhere and come to a site that has either an Exploit or a Malicious Script. Comodo will contain these things INDEPENDENTLY of whether or not the Browser is contained. Please trust me on this- I am probably the nastiest person with whom you will ever correspond and I am comfortable running my browsers unsandboxed with CF on board (and God knows how many times I have tried to breach it).

Secondly- why use CIS? The only difference between CIS and CF is that CIS has a quite inadequate local AV scanner. Don't bother with that! Use K free + Cruel Comodo and just try to get infected!

 

[Deleted member 178]

@cruelsister gift for you, he did it! he did it !




hahahahaha

 

[Moonhorse]

Moon- Ask yourself why would you want to run the browser contained? Please, please, please understand that I mean you NO DISRESPECT- but a User's need to run a browser contained is due to a lack of knowledge of how Comodo works. Let's say you are browsing somewhere and come to a site that has either an Exploit or a Malicious Script. Comodo will contain these things INDEPENDENTLY of whether or not the Browser is contained. Please trust me on this- I am probably the nastiest person with whom you will ever correspond and I am comfortable running my browsers unsandboxed with CF on board (and God knows how many times I have tried to breach it).

Secondly- why use CIS? The only difference between CIS and CF is that CIS has a quite inadequate local AV scanner. Don't bother with that! Use K free + Cruel Comodo and just try to get infected!

i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it Thanks for your responses,

 

[codswollip]

i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it Thanks for your responses,

Maybe I'm understanding you... or maybe not. With CS settings if I try to run Firefox (launching from widget) it will not connect out. It is auto-blocked by firewall. Is that your question?

 

[Moonhorse]

Maybe I'm understanding you... or maybe not. With CS settings if I try to run Firefox (launching from widget) it will not connect out. It is auto-blocked by firewall. Is that your question?

If i launch browser from widget , it wont open at all, if i run it by exe it will just crash my pc. With cis everything opens without connecting out so im wondering why cis isnt blocking it and firewall is

Cis + cs settings = containment works
Firewall only + cs settings = containment wont work

In cruelsisters latest video, he will explain how to allow browser run in container instead its getting blocked by firewall

I have no need to run items in container, thats not the problem, im just asking why containment with cis works but with firewall doesnt

 

[cruelsister]

Umbra- hardly- that was not under Cruel Comodo.

 

[Deleted member 178]

Umbra- hardly- that was not under Cruel Comodo.

i know, hence the smiley ^^ (i was teasing you because you said '"how many times i tried to breach it")

 

[shmu26]

i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it Thanks for your responses,

I am just guessing: when you install CIS, maybe you don't actually change it to proactive config?
That makes a big difference.

 

[Moonhorse]

I am just guessing: when you install CIS, maybe you don't actually change it to proactive config?
That makes a big difference.

I had something messed up for sure, since i removed cis now and set up firewall with cruels settings and containment is working right now. Kfa just telling me to remove comodo firewall now

 

[shmu26]

I had something messed up for sure, since i removed cis now and set up firewall with cruels settings and containment is working right now. Kfa just telling me to remove comodo firewall now

When you install CIS, it at first is not in the right config. First thing is to switch it to Proactive config. Actually, this is true with installing Firewall alone, you also have to switch config.

 

[robboman93]

Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?

 

[Moonhorse]

Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?

Im not sure, but when you have those limited/partially limited settings you have like lockdown on your system, so it works as anti-exploit? Better wait for @cruelsister answer, either @Umbra

I used comodo first time like 2009, i had mid-end gaming pc back then and internet security were so heavy, so much more pop-ups and i were younger

But nowadays, comodo have been improved alot and its more user-friendly than it used to be. Basically understanding how firewall works is easier using comodo firewall that have actually detailed everything than windows default does

 

[shmu26]

Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?

Either way, it is virtualized, the question is to what extent it is virtualized. By default, it is partially limited. If you want stronger sandboxing, you can set it for limited or even restricted. The stronger the sandbox is, the more you are protected, but also there is more chance that the sandboxed process won't be able to run at all. If it is a critical process, this might make the system unstable.