Which Elements of Comodo do You Use?
- Thread starter AtlBo
- Start date
- Status
- Jul 1, 2017
- 317
1- my point was for advanced users actually using comodo, not those not using it, i believe they won't even read this thread.
Also, you can't generalize to all HIPS users because you aren't in their shoes and they may have different motivations to use them.
Even if some advanced users don't really need an HIPS or even any security softs, some like to play with them (which is another debate of course), and i'm one of them.
Now im going a bit deeper, how can you stop a metasploit stager using reflective dll just with your eyes..? I bet you can't.
Sure you will say the same as me: "don't go to suspicious sites, don't download and execute unknown files, etc..." in the first place, which is true but just look at the ccleaner drama, without any special security softs you were done...
Can you, just with your eyes, tell that the legit software you are used to use, that you downloaded from the same legit source you used to go, was replaced and weaponized by a 3rd party? for most people no (only few will look at the checksum and only if it is provided by the vendor...)
For that you need a method that pinpoint the unusual installation sequence (analysis sandboxes, software with command line parser, HIPS, BB, etc...)
Like the case when the Linux Mint installer was replaced by one with a rootkit, only coders that saw suspicious connections then looked into the code to found out the truth and minimized the catastrophe and only because Linux code is open source...if it was not who know how many users would install it and get their credentials stolen....
Personally, i know my infection vectors, my OS itself is quite tweaked to prevent it, but an HIPS or SRP or anti-exe give me an easier way to do it, with a simple interface so i can do in seconds what i have to do in minutes (like manually using regedit, or GPO for those having the Pro or Enterprise version) without actually touching my system.
So using an HIPS or whatever has originally nothing to do with people wanting to "look like" advanced users or not (even if i agree i know plenty that do as you said and really have no clues about using one properly).
However, what i disagree with you is not all HIPS/security softs users use them to satisfy their ego.
It is as if you say "i don't need a airbag and anti-collision system on my car, because i'm a formula 1 pilot ! and will never provoke any accident"...Problem is in computing like everything in life, you can't control what is out of your control zone...
Thank you
Last edited by a moderator:
That is the real deal.
Last edited by a moderator:
- Jan 14, 2015
- 1,761
The direction where v.6 and subsequently v7 took.
v5.10/5.12 in my opinion were more granular and easier to work with, as well as maintain, compared to post 5.12 versions.
It was never about the AV component detection rate, contrary to some of the users who viewed my testing videos back then. In fact, the testing videos on Comodo that I performed showed that the AV was good enough but its protection under default and tweaked settings of CIS as a whole was what really shined.
- Jun 12, 2014
- 314
I don't have to because it is never going to happen. I've used software like HitmanPro.Alert, Sandboxie, AppGuard and like for years and never have I encountered an actual attack during that, nor have I before, nor have I ever since I've stopped using it, and I sincerely doubt I ever will. All I have ever encountered was breakage of harmless activities, because the program wasn't compatible with the policies of said security software. Of course I am not fully protected against these scenarios, but my point is, I don't have to be.
People get infected by shooting themselves in the foot and not by sneak attack of an assassin in the middle of the night.
Take high risk professions as an example, like special forces operators or race car drivers and so on. Do you think these people apply the same operating procedures in their daily lives during mundane tasks as on the job? When a Delta operator does groceries, does he storm the supermarket with his team and clear the building before shopping? Does a race car driver drive to the supermarket in his race car because he doesn't feel safe in a regular car? Do firefighters run around in their own house with a fireproof suit and a breathing mask, in case a fire breaks out while they sit on the crapper? I don't think so.
So why should I? Tell you what, I have to go to the ATM right now, do you think I am safe on my own or should I call for a police escort? Do you think a couple of black and whites will do or do I need to call a SWAT team for protection?
And what do you do if your super security software vendor becomes the victim of a well-poisoning attack just like ccleaner? Can Comodo tell you if Comodo's update is not from Comodo when Comodo's servers are compromised and the malware is digitally signed by Comodo? Will Comodo's HIPS warn you when Comodo's HIPS tries to inject a dll into other processes?
I rather meant: "Does a formula 1 pilot wear a race helmet and a fire-retardant racing suit and force his children to put that on, when he drives them to school? Did I forget the safety cars in front of and behind him and a firetruck accompanying him?
Do you really think the people at kernelmode.info, who are GODs who laugh about us, use HIPS software with "paranoid settings"? I sincerely doubt that.
The security soft industry cannot protect users from themselves despite what some might argue. No way, no how.
Security softs are insurance policies against:
1. user mistakes
2. user poor judgement
3. user neglect
4. user ignorance
5. user naiveté
6. user stupidity
7. some highly unlikely advanced attacks (if you are a targeted user = not the typical home user)
Nothing more, nothing less.
Some are better insurance policies than others.
The internet is as about as dangerous as stepping outside the front door of your house. You can die if you venture into really bad neighborhoods. Go down the wrong street, enter the wrong doorway, make the wrong turn, etc. Simple as that. More or less the same sort of analogy can be made to the world wide web.
I use AppGuard (advanced policy that blocks a lot of Windows stuff) and Adguard and do not have any usability problems. Then again, I do not do much beyond everyday stuff with my personal system. I am not a typical "user that wants to use stuff."
Less is more.
Security softs are not meant nor capable of creating "impenetrable digital fortresses," but people erroneously expect them to be able to accomplish this objective - and without causing any issues.
That is just my personal observation and opinion.
Last edited by a moderator:
- Jul 3, 2015
- 8,153
@FleischmannTV, how do you think those advanced users became advanced?
By using HIPS and other advanced tools, right?
By using HIPS and other advanced tools, right?
You learn like he did, by using different softs and learning as you go. Not just HIPS, but HIPS is a great learning tool.
You think Tavis Ormandy uses security softs ?
I use AppGuard because it is the universe's most effective security soft.
I use Adguard because I despise online advertisements.
So there is a purpose for the security softs that I use, but I don't pile security softs on top of each other.
For testing, I pile them on top of each other to ensure compatibility because a lot of you guys do it.
Last edited by a moderator:
- Oct 11, 2014
- 112
wonder if the president of the United States does not expel people when they go to the mall or separate from the guards.
Each one needs a protection depending on their actions, knowledge and risks ..
Ex: I only use comodo cloud I do not need more.
It was mentioned to the gods that if a bug does not inform them correct them .. You can not compare us with them .. We are mere mortals.
Each one needs a protection depending on their actions, knowledge and risks ..
Ex: I only use comodo cloud I do not need more.
It was mentioned to the gods that if a bug does not inform them correct them .. You can not compare us with them .. We are mere mortals.
- Dec 29, 2014
- 1,716
I've had my best luck with Proactive and HIPS in Safe Mode. Not sure if this is true, but as far as the registry goes, Safe Mode seems to protect some keys and ignore the rest, while Paranoid alerts them all. I guess Paranoid is much better registry protection (although a nightmare to configure), assuming I am correct. Seem to be seeing fewer registry alerts with Safe Mode than Paranoid, but again I could be wrong.
I'm fairly certain you could come up with a way to get the alerts you want, but I think you'd have to be willing to take a brick in the head over at the Comodo Forum LOL...
- Jul 3, 2015
- 8,153
I asked for suggestions on the Comodo forum about configuring registry rules. They told me that the problem with registry alerts is that you get alerted not just for changes, but also for access to registry keys. Their recommendation in order to cut down on registry alerts was to add more processes to the windows system category.
@FleischmannTV to be honest i only care what i can do to secure my system, i'm not so interested if Mr Super-researcher from Uber-Company.com is using Process Explorer and Autorun as main solution.... i did it was boring since i'm never infected...
I use Appguard, HMPA, Comodo FW, sandboxie, Emsisoft AM because i like to play and do tests with them, then advise my customers to use them properly.
I could just go with Win10 built-in security, i will be just fine with it, i did for a while but get bored too after a while...
Security softs are fun, HIPS are funnier, Comodo is best to have fun with; i can spend hours configuring it while having a huge smile on my face, then hate it 2 days later because it doesn't do what it is supposed to do or a bug just ruined all my works on it...
Now it doesn't mean Comodo or whatever are the best solutions but they help.
I use Appguard, HMPA, Comodo FW, sandboxie, Emsisoft AM because i like to play and do tests with them, then advise my customers to use them properly.
I could just go with Win10 built-in security, i will be just fine with it, i did for a while but get bored too after a while...
Security softs are fun, HIPS are funnier, Comodo is best to have fun with; i can spend hours configuring it while having a huge smile on my face, then hate it 2 days later because it doesn't do what it is supposed to do or a bug just ruined all my works on it...
Now it doesn't mean Comodo or whatever are the best solutions but they help.
- Jul 3, 2015
- 8,153
Please post a selfie of you smiling over Comodo...@FleischmannTV to be honest i only care what i can do to secure my system, i'm not so interested if Mr Super-researcher from Uber-Company.com is using Process Explorer and Autorun as main solution.... i did it was boring since i'm never infected...
I use Appguard, HMPA, Comodo FW, sandboxie, Emsisoft AM because i like to play and do tests with them, then advise my customers to use them properly.
I could just go with Win10 built-in security, i will be just fine with it, i did for a while but get bored too after a while...
Security softs are fun, HIPS are funnier, Comodo is best to have fun with; i can spend hours configuring it while having a huge smile on my face, then hate it 2 days later because it doesn't do what it is supposed to do or a bug just ruined all my works on it...
Now it doesn't mean Comodo or whatever are the best solutions but they help.
- Jul 7, 2016
- 339
I lost trust in Comodo way back in the old Comodo Time Machine days
First off, they say it's in development (it's not)
Then HDS comes out with statement: Comodo Time Machine | PC Time Machine Windows System Restore Software
And yet people still wait for it: Whatever happened to Comodo Time Machine?
They should just come out and say it's dead, but they won't. They string people along. Bad business practise in any stretch.
First off, they say it's in development (it's not)
Then HDS comes out with statement: Comodo Time Machine | PC Time Machine Windows System Restore Software
And yet people still wait for it: Whatever happened to Comodo Time Machine?
They should just come out and say it's dead, but they won't. They string people along. Bad business practise in any stretch.
- Jul 3, 2015
- 8,153
After enabling advanced protection in HIPS settings, the option where it tells you to do a reboot, I had a couple BSODs, but not right away. Comodo says something about this feature relying on hardware virtualization. I think I would have to update my firmware to solve the issue. Just a guess.
- Jul 6, 2017
- 2,392
Umbra I think you have a love hate for Comodo, or am I wrong?@FleischmannTV to be honest i only care what i can do to secure my system, i'm not so interested if Mr Super-researcher from Uber-Company.com is using Process Explorer and Autorun as main solution.... i did it was boring since i'm never infected...
I use Appguard, HMPA, Comodo FW, sandboxie, Emsisoft AM because i like to play and do tests with them, then advise my customers to use them properly.
I could just go with Win10 built-in security, i will be just fine with it, i did for a while but get bored too after a while...
Security softs are fun, HIPS are funnier, Comodo is best to have fun with; i can spend hours configuring it while having a huge smile on my face, then hate it 2 days later because it doesn't do what it is supposed to do or a bug just ruined all my works on it...
Now it doesn't mean Comodo or whatever are the best solutions but they help.
- Jun 12, 2014
- 314
Exactly, and once home users understand them, they don't need them anymore, whereas those, who need them, don't understand them
- Jul 1, 2017
- 1,396
- Apr 13, 2013
- 3,224
Keep it simple guys. If you need to be an Einstein to use a Security application that app is not worth it.
And remember that the HIPS does not peep when something is contained.
And remember that the HIPS does not peep when something is contained.
- Status
