- Aug 22, 2013
- 822
This is my daughter's New laptop. She is using it for her educational purpose, She is only 12 years old so I decided to go with a locked down configuration with the help of Comodo firewall. All unknown files are automatically contained and run with "limited " privileges. To make it a locked down system I have removed all vendors certificates from Vendor List and kept only the ones which is installed in system ( about 30 or so digital certificates) and disabled " cloud Lookup" in File rating. Now what this does is, any file, if it is not in the vendor list, will be executed -be it digitally signed or not- will run inside the "containment". So she can not install anything knowingly or unknowingly with out my permission.
How to easily populate vendors list for a locked down configuration;
1. Enable CS settings in containment.
2. Enable cloud lookup in file rating.
3. select all vendor certificates in vendor list by ticking Vendor Tab.
4. remove all and click "OK"
5. Now run all the apps you have installed one by one, the vendor list will get auto populated as you run those applications. Restart the pc and keep the "cloud lookup" feature in file rating for a few days.
6. Disable the cloud lookup in file rating.
7. If you need to install anything just enable the cloud lookup in file rating for it and disable the same after installation.
How to easily populate vendors list for a locked down configuration;
1. Enable CS settings in containment.
2. Enable cloud lookup in file rating.
3. select all vendor certificates in vendor list by ticking Vendor Tab.
4. remove all and click "OK"
5. Now run all the apps you have installed one by one, the vendor list will get auto populated as you run those applications. Restart the pc and keep the "cloud lookup" feature in file rating for a few days.
6. Disable the cloud lookup in file rating.
7. If you need to install anything just enable the cloud lookup in file rating for it and disable the same after installation.
Last edited: