I disabled HIPS on my CF setup. My only real-time protection is CFs file lookup server and VirusScope. What would happen if a legit program tries to load infected DLL? Does CF protect against it?
Where can I find comodo firewall ?Hi Nagisa! Actually the better question is how to PREVENT a dll from getting infected, and this is where the strength of CF comes into play (Containment). Currently the popular method for either reflective dll or PE injection is by means of some script or other (powershell being the most common). Consider something like Netwalker variants which will initiate encryption with a powershell script that inject a dll into explorer. Stop the script will stop the malicious cascade (and CF just loves to kill scriptors). With Containment in Restricted Mode
Things like various sorts of Process Hollowing and Process Doppelgänging are also prevented by CF (not that you asked).
And good move on killing the HIPS. HIPS (in general) tend to give a false sense of security while pretty much ignoring things like the recently popular trend for malware to use LoLbins (the Ransominater series in the Video section being an excellent example).
Oh yeah- good move not bothering with CIS (which has the not needed on demand scanner). As you mention CF has the Cloud and File rating, but having something like WD enabled is also a good idea.
Here's a linkWhere can I find comodo firewall ?
Since the EOL only CIS is available via the website.
Post or PM a link if possible.
Till it shows weird bugs and errors or till it gets updated...And when you download Comodo Firewall, set it up to Cruelsister's specs. Doesn't take but a couple of minutes and you've got as close to bulletproof protection as any security software of which I'm aware.