Advice Request Where can I find @Cruelsisters Config?

Please provide comments and solutions that are helpful to the author of this topic.

FiveDeadlyVenoms

New Member
Jul 18, 2021
6
I have a question. I recently downloaded Comodo Firewall and i'm using Cruelsisters config. I was watching some of their videos i noticed a video about a year before the the one here and i noticed a slight difference. In the older video, in the Containment Settings they put a checkmark for "Do not show privilege elevation alerts". In the set up here it's unchecked. I was just curious about that.

I'm new here and i'm a noob about this stuff. I just want a secure setup. :)
 

FiveDeadlyVenoms

New Member
Jul 18, 2021
6
I have one more question. What is the proper way to add my Antivirus to the Exclusions in Comodo. I think i did it right in Kaspersky though i'm not 100% sure. And i have no idea if i did it right in Comodo.

 
  • Like
Reactions: show-Zi and Nevi

ErzCrz

Level 21
Verified
Top Poster
Well-known
Aug 19, 2019
1,081
I have a question. I recently downloaded Comodo Firewall and i'm using Cruelsisters config. I was watching some of their videos i noticed a video about a year before the the one here and i noticed a slight difference. In the older video, in the Containment Settings they put a checkmark for "Do not show privilege elevation alerts". In the set up here it's unchecked. I was just curious about that.

I'm new here and i'm a noob about this stuff. I just want a secure setup. :)
Hi FDV, That difference in the settings simply automatically puts it into containment or blocks the bad application without showing you a pop-up. More of a set and forget rule. The same goes for the blocking firewall rule "Do not show popup alerts"

I have one more question. What is the proper way to add my Antivirus to the Exclusions in Comodo. I think i did it right in Kaspersky though i'm not 100% sure. And i have no idea if i did it right in Comodo.
That's fine for the Firewall rule but easiest way is to add it as an Allowed Application in Firewall and HIPS if you have that enabled.

1626714539973.png



You can also add the folder for KAV as Trusted in File List under File Rating

1626714656735.png

1626714731805.png

I'd have KAV installed first as well but not neccessary. If something isn't working with KAV, check the Comodo Logs.

Erz
 

FiveDeadlyVenoms

New Member
Jul 18, 2021
6
Hi FDV, That difference in the settings simply automatically puts it into containment or blocks the bad application without showing you a pop-up. More of a set and forget rule. The same goes for the blocking firewall rule "Do not show popup alerts"


That's fine for the Firewall rule but easiest way is to add it as an Allowed Application in Firewall and HIPS if you have that enabled.

View attachment 259789


You can also add the folder for KAV as Trusted in File List under File Rating

View attachment 259790
View attachment 259791
I'd have KAV installed first as well but not neccessary. If something isn't working with KAV, check the Comodo Logs.

Erz
Thank you. That helps. I do not have HIPS enabled so i'm good there. I'll add the folder in File Rating.
 

FiveDeadlyVenoms

New Member
Jul 18, 2021
6
Adding it in file rating is the 1 step next step is auto containment example check image:
Plz check image carefully because you must add trusted at the end of all entries.

Thanks, i'll do that too. Just 1 question, should i pick Ignore or Run Virtually? I see Run Virtually is the default choice but some programs ended up there after i unblocked them and they are set on Ignore.
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
Next thing is in Miscellaneous they have Do Not Automatically Clean Up Suspicious Certificates, Plz don't place a tick in that, say you install Avast and it try to install a certificate, comodo will ask if to allow it say yes because you trust Avast, but next month you uninstall Avast and install Kaspersky, comodo ask the same question for Kaspersky and you allow it, unknowingly you will have two certificates excluded from comodo scans under ( Don't detect shellcode injections in these applications ) you will have to go in there and remove the one not in use from the exclusion box. Many people aren't aware of such happenings.
 

FiveDeadlyVenoms

New Member
Jul 18, 2021
6
Next thing is in Miscellaneous they have Do Not Automatically Clean Up Suspicious Certificates, Plz don't place a tick in that, say you install Avast and it try to install a certificate, comodo will ask if to allow it say yes because you trust Avast, but next month you uninstall Avast and install Kaspersky, comodo ask the same question for Kaspersky and you allow it, unknowingly you will have two certificates excluded from comodo scans under ( Don't detect shellcode injections in these applications ) you will have to go in there and remove the one not in use from the exclusion box. Many people aren't aware of such happenings.

I just unchecked it. (y)
 

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
My bad not ( shell code scanning ) it's scan exclusions I'll post the the images to be more precise. When you scroll down to Advance Protection then open scan exclusions in there you will see Excluded Certificate Authorities it will be under that, Can't believe I let this over site hang so long to all member following this thread I apologize for my error in directions. This is where certificates mount up if you install and uninstall Av's for testing or what ever reason you switch Av's, just delete the certs that are not in use. Thank you all
 

Attachments

  • 1.PNG
    1.PNG
    32.3 KB · Views: 323
Last edited:
  • Like
Reactions: Nevi and oldschool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top