- Jul 3, 2015
- 8,153
Here it is: a Comodo setup for you that works well and protects well.
I called it ComodoFix because it fixes a lot of the most common issues and headaches.
Feel free to comment...
1 Install and configure the antivirus program of your choice. This could be Windows Defender, Kaspersky Free Antivirus, or another AV of your choice. Avoid AVs that have firewall and HIPS components.
Make sure your system is clean of malware before proceeding further.
2 Download Comodo Firewall, and during installation, don't forget to untick these options:
Initial setup:
1 Do not switch to Proactive config
2 Do not disable Windows Firewall
3 Disable the highlighted components:
Configure Firewall by creating the following custom rules.
(This will stop Comodo firewall from blocking System files.)
To create custom rules, first select any file on your computer, then double-click on the path (where it says "Name:") and edit it accordingly.
Configure Autocontainment by changing these rules from "Run virtually" to "Block"
This will block all the suspicious files that might come onto your system, while allowing the safe files that you already have.
What exactly does Autocontainment do in ComodoFix config?
It blocks all files that fall into one or more of the following categories:
1 Unrecognized and less than 3 days old.
2 Unrecognized and originating from Intranet, Removable Media, or Internet.
3 Unrecognized and created by Web Browsers, Email Clients, File Downloaders, File Archivers, or Management and Productivity Apps.
4 Found in suspicious locations.
Lockdown mode:
If you want to harden the config, do as follows.
1 In Advanced protection/Script Analysis, enable everything in the list.
(The actual list is longer than shown in the screenshot.)
2 Disable notifications so all suspicious files will be automatically blocked. You will probably get a Windows error message when a file is blocked, and if you want to allow it, just open Comodo and "trust" that file. You will find it in the blocked list.
3 Customize the Trusted Vendors list as desired, and consider disabling Cloud lookup.
FAQ:
Does ComodoFix solve all known and unknown Comodo bugs?
No. But it does solve a lot of the most common issues and headaches.
Do I still need an antivirus program?
I advise people with advanced security solutions to use AV as well, just as I would advise people with pants to also use underwear.
What's so great about Comodo in general, and this config in particular? Why should I use it?
Comodo Firewall offers great default-deny protection and runs super light. And it is chock full of valuable tweaks, for those so inclined. And it's free. This config just makes it easier, that's all.
Should I tweak script protection? Will it cause issues?
That's up to you. Depending on your software, you might experience issues, especially with cmd.exe. If you experience an issue, and whitelisting the command line does not help, then revert the troublesome process to its default settings.
Is ComodoFix different from CruelComodo, and if so, should I switch to ComodoFix?
Yes, it is significantly different. No, you should not switch unless you are experiencing issues.
Is this the ultimate lockdown setup? Will my computer be Fort Knox?
Your computer might be Fort Knox (I never tried to break into a fort, so I can't say for sure) but this is not the ultimate lockdown setup. You can further enhance protection with Andy Ful's free tools:
ConfigureDefender, Hard_Configurator, FirewallHardening, and RunBySmartscreen. If Andy puts out any new tools, use them too!
I called it ComodoFix because it fixes a lot of the most common issues and headaches.
Feel free to comment...
1 Install and configure the antivirus program of your choice. This could be Windows Defender, Kaspersky Free Antivirus, or another AV of your choice. Avoid AVs that have firewall and HIPS components.
Make sure your system is clean of malware before proceeding further.
2 Download Comodo Firewall, and during installation, don't forget to untick these options:
Initial setup:
1 Do not switch to Proactive config
2 Do not disable Windows Firewall
3 Disable the highlighted components:
Configure Firewall by creating the following custom rules.
(This will stop Comodo firewall from blocking System files.)
To create custom rules, first select any file on your computer, then double-click on the path (where it says "Name:") and edit it accordingly.
Configure Autocontainment by changing these rules from "Run virtually" to "Block"
This will block all the suspicious files that might come onto your system, while allowing the safe files that you already have.
What exactly does Autocontainment do in ComodoFix config?
It blocks all files that fall into one or more of the following categories:
1 Unrecognized and less than 3 days old.
2 Unrecognized and originating from Intranet, Removable Media, or Internet.
3 Unrecognized and created by Web Browsers, Email Clients, File Downloaders, File Archivers, or Management and Productivity Apps.
4 Found in suspicious locations.
Lockdown mode:
If you want to harden the config, do as follows.
1 In Advanced protection/Script Analysis, enable everything in the list.
(The actual list is longer than shown in the screenshot.)
2 Disable notifications so all suspicious files will be automatically blocked. You will probably get a Windows error message when a file is blocked, and if you want to allow it, just open Comodo and "trust" that file. You will find it in the blocked list.
3 Customize the Trusted Vendors list as desired, and consider disabling Cloud lookup.
FAQ:
Does ComodoFix solve all known and unknown Comodo bugs?
No. But it does solve a lot of the most common issues and headaches.
Do I still need an antivirus program?
I advise people with advanced security solutions to use AV as well, just as I would advise people with pants to also use underwear.
What's so great about Comodo in general, and this config in particular? Why should I use it?
Comodo Firewall offers great default-deny protection and runs super light. And it is chock full of valuable tweaks, for those so inclined. And it's free. This config just makes it easier, that's all.
Should I tweak script protection? Will it cause issues?
That's up to you. Depending on your software, you might experience issues, especially with cmd.exe. If you experience an issue, and whitelisting the command line does not help, then revert the troublesome process to its default settings.
Is ComodoFix different from CruelComodo, and if so, should I switch to ComodoFix?
Yes, it is significantly different. No, you should not switch unless you are experiencing issues.
Is this the ultimate lockdown setup? Will my computer be Fort Knox?
Your computer might be Fort Knox (I never tried to break into a fort, so I can't say for sure) but this is not the ultimate lockdown setup. You can further enhance protection with Andy Ful's free tools:
ConfigureDefender, Hard_Configurator, FirewallHardening, and RunBySmartscreen. If Andy puts out any new tools, use them too!
Last edited:
