Advice Request Comodo Internet Security Setup/configuration thread

Please provide comments and solutions that are helpful to the author of this topic.

Does this thread helped/informed you?


  • Total voters
    94
Status
Not open for further replies.

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Trick question: All who have HIPS enabled, look at the rules you (or CFW generated) for specific programs.

Is there something irrational about the rules (hint look at what is allowed)?

Long ago (with nickname Kees1958) I called (CFW's )HIPS not a HIPS(Host Intrusion Protection System) but a HAPS (Hassle Allow Popup System).

Most of the rules generated by CFW are way to wide, effectively reducing the HIPS to an AntiExecutable at best.

I am open to discussion, but be warned there must be a reason why other very knowledgeable members advice to disable the HIPS in their recommended settings.
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
When im using comodo firewall with cruelsisters settings, im unable to run stuff in container

But when im using CIS with cruelsisters settings im able to run stuff in container, why?

Is that because of antivirus have the container aswell?
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Moon- What do you mean? If you want to run something in the Container (sandboxed), just right click the exe (or whatever) and choose "Run In Comodo Container". Otherwise just run the exe- if it is unsigned (and Comodo does NOT have a definition against it), it will be Contained automatically.
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Moon- What do you mean? If you want to run something in the Container (sandboxed), just right click the exe (or whatever) and choose "Run In Comodo Container". Otherwise just run the exe- if it is unsigned (and Comodo does NOT have a definition against it), it will be Contained automatically.
When i was using kfa + cfw with cs i couldnt run anything in container, you have guide how to run browser in container after you have set up fw.

But Now i have been using internet security, with cs settings i can run everything in container, when kfa + cf didnt let me to
 
  • Like
Reactions: oldschool

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Moon- Ask yourself why would you want to run the browser contained? Please, please, please understand that I mean you NO DISRESPECT- but a User's need to run a browser contained is due to a lack of knowledge of how Comodo works. Let's say you are browsing somewhere and come to a site that has either an Exploit or a Malicious Script. Comodo will contain these things INDEPENDENTLY of whether or not the Browser is contained. Please trust me on this- I am probably the nastiest person with whom you will ever correspond and I am comfortable running my browsers unsandboxed with CF on board (and God knows how many times I have tried to breach it).

Secondly- why use CIS? The only difference between CIS and CF is that CIS has a quite inadequate local AV scanner. Don't bother with that! Use K free + Cruel Comodo and just try to get infected!
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Moon- Ask yourself why would you want to run the browser contained? Please, please, please understand that I mean you NO DISRESPECT- but a User's need to run a browser contained is due to a lack of knowledge of how Comodo works. Let's say you are browsing somewhere and come to a site that has either an Exploit or a Malicious Script. Comodo will contain these things INDEPENDENTLY of whether or not the Browser is contained. Please trust me on this- I am probably the nastiest person with whom you will ever correspond and I am comfortable running my browsers unsandboxed with CF on board (and God knows how many times I have tried to breach it).

Secondly- why use CIS? The only difference between CIS and CF is that CIS has a quite inadequate local AV scanner. Don't bother with that! Use K free + Cruel Comodo and just try to get infected!
i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it :D Thanks for your responses,
 
  • Like
Reactions: oldschool

codswollip

Level 23
Content Creator
Well-known
Jan 29, 2017
1,201
i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it :D Thanks for your responses,
Maybe I'm understanding you... or maybe not. With CS settings if I try to run Firefox (launching from widget) it will not connect out. It is auto-blocked by firewall. Is that your question?
 
  • Like
Reactions: oldschool

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Maybe I'm understanding you... or maybe not. With CS settings if I try to run Firefox (launching from widget) it will not connect out. It is auto-blocked by firewall. Is that your question?
If i launch browser from widget , it wont open at all, if i run it by exe it will just crash my pc. With cis everything opens without connecting out so im wondering why cis isnt blocking it and firewall is

Cis + cs settings = containment works
Firewall only + cs settings = containment wont work

In cruelsisters latest video, he will explain how to allow browser run in container instead its getting blocked by firewall

I have no need to run items in container, thats not the problem, im just asking why containment with cis works but with firewall doesnt
 
Last edited:
  • Like
Reactions: oldschool

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
i just meant that if i install firewall only and i try to run anything in container with cs settings, it wont let it run in container at all. But when i do install cis and put cs settings it will let me run everything in container, im wondering why. Its not about that i want to run something in container. Im bad to explain it :D Thanks for your responses,
I am just guessing: when you install CIS, maybe you don't actually change it to proactive config?
That makes a big difference.
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
I am just guessing: when you install CIS, maybe you don't actually change it to proactive config?
That makes a big difference.
I had something messed up for sure, since i removed cis now and set up firewall with cruels settings and containment is working right now. Kfa just telling me to remove comodo firewall now
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
I had something messed up for sure, since i removed cis now and set up firewall with cruels settings and containment is working right now. Kfa just telling me to remove comodo firewall now
When you install CIS, it at first is not in the right config. First thing is to switch it to Proactive config. Actually, this is true with installing Firewall alone, you also have to switch config.
 

robboman93

New Member
Jul 16, 2018
1
Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit :)

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit :)

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?
Im not sure, but when you have those limited/partially limited settings you have like lockdown on your system, so it works as anti-exploit? Better wait for @cruelsister answer, either @Umbra

I used comodo first time like 2009, i had mid-end gaming pc back then and internet security were so heavy, so much more pop-ups and i were younger

But nowadays, comodo have been improved alot and its more user-friendly than it used to be. Basically understanding how firewall works is easier using comodo firewall that have actually detailed everything than windows default does
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Hey all,

So I have not used any Comodo products in a few years. Just installed CF and it seems to be way more stable in usage compared to how it used to behave. I have a few questions regarding the sandbox though, maybe somebody with more knowledge can help me out a bit :)

So I already enabled Pro-active mode. Auto containment is enabled for unkown files, Hips disabled. I have seen Cruelsister her config videos on YT. What is the difference between these 2 options:

- Stock setting enable auto sandbox, no restriction defined.
- Enable auto sandbox, manually set restriction to something like limited/partially limited.

Now both settings would auto sandbox and let unkown files run in a virtual environment, so would changing the restrictions to limited/untrusted make any difference in regards to protection? The unkown file is run virtualized anyways right?
Either way, it is virtualized, the question is to what extent it is virtualized. By default, it is partially limited. If you want stronger sandboxing, you can set it for limited or even restricted. The stronger the sandbox is, the more you are protected, but also there is more chance that the sandboxed process won't be able to run at all. If it is a critical process, this might make the system unstable.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top