aka my config, because you can't trust anyone especially cloud stuff
Malware bypass Comodo Firewall @ CS settings
- Thread starter Av Gurus
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
- Sep 22, 2014
- 1,767
yes, it's correct
first can you reset the file ratings list or reset comodo and do everything from the beginning so we would have the most correct result
- Jul 3, 2015
- 8,153
Delete it from the file list, so Comodo won't remember the cloud rating.
- Sep 22, 2014
- 1,767
I restore virtual machine, don't worry
With Cloud disabled HIPS pop-up, I Allow that, file is in sandbox and Unrecognized
With Cloud disabled HIPS pop-up, I Allow that, file is in sandbox and Unrecognized
As expected
Now you can change your thread title ^^
"malware-bypass-comodo-firewall-cs-settings because wrongly rated"
- Jul 3, 2015
- 8,153
Perfect. Great job!I restore virtual machine, don't worry
With Cloud disabled HIPS pop-up, I Allow that, file is in sandbox and Unrecognized
View attachment 148095View attachment 148096 View attachment 148097View attachment 148098
So we don't need paranoid settings, we just need to disable the stupid cloud lookup.
- Sep 22, 2014
- 1,767
So, for better protection we should put HIPS to Safe Mode and disable Cloud (i don't want Paranoid Mode on HIPS, sorry)?
thank you for the test.I restore virtual machine, don't worry
With Cloud disabled HIPS pop-up and Allow that, file is in sandbox
View attachment 148095View attachment 148096 View attachment 148097
now without cloud lookup, almost all malwares won't be able to bypass
however, the rate of safe files being sandboxed will be crazy. When I disabled cloud lookup, I went mad because everything was sandboxed
no need for HIPS. Disabling Cloud is already a pain
CS setting is useful for average users and for daily usage, but it is not max protection, even mine ( Comodo Internet Security Setup/configuration thread (Setting Only) ) can be tightened more.
My setting unfortunately isn't for beginners/advanced users.
My setting unfortunately isn't for beginners/advanced users.
That is why in my settings , i use Paranoid Mode + cloud lookup. All angles are covered without much hassles.
- Jul 3, 2015
- 8,153
Did you also cut down the trusted vendors list?
I saw that Comod GUI was heavily modified especially the settings denominations. Luckily i don't use it anymore
no, I didn't touch it
if delete the list + cloud disabled -> potential cause of windows files being sandboxed and unbootable. no need to cutdown the list if cloud is off
- Jan 6, 2017
- 835
I tried HIPS paraniod. First i had it in trainig mode for like 4 days. Then switched to paranoid.
Result after reboot: the system was super slow, the programmes couldnt start and even Comodo couldnt start.
Why @Umbra ?
I can't tell, HIPS must be tailored to your system and each details verified, those settings (especially paranoid modes) can't be barely copy-pasted. Maybe you had other security soft interfering, on my setup you can see my other security softs are excluded in many places.
It is why i keep saying, Comodo isn't and will never be for beginners and even average users may have hard time.
Last edited by a moderator:
- Mar 28, 2017
- 263
I think it's too much effort and time consuming. I will keep CS settings.
The probability of wrong rating should be low (or there is a real problem with comodo).
The probability of wrong rating should be low (or there is a real problem with comodo).
- Sep 22, 2014
- 1,767
Is it possible that the file is Trusted because it is placed on a Virtual PC from a disk from the Host PC?
- Feb 24, 2017
- 1,661
no, look at the VT report of the file, Comodo whitelisted it for sure.
No, whitelisted from the start.
Similar threads
-
- Locked
