Comodo for non tech-savvy user?

I am installing a firewall on my dad's work computer. He is not behind a router or corporate firewall. I am leaning towards Avira antivir free and Comodo Internet Security without antivirus. However, I am worried about the large volume of popups that follows Comodo's installation. Is there a way to set up Comodo so it is secure but with not as many popup notifications?

BTW, my computer is behind a router and I use Avira free and Threatfire running realtime, and Malwarebytes and SUPERantispyware free as on-demand scanners. I will install Malwarebytes on his computer too.

Thanks.

 

Set the mode to "Clean PC"

 

Configuring CIS for Maximum Security with ZERO Alerts. But IMHO Comodo isn't the ideal choice in this situation - if you don't mind him being restricted simply use LUA + SRP, and if you do mind then Comodo isn't the right app because of it's pop ups.

 

Having been in the same situation when Comodo upgraded from the user friendly version 2 to the pop up happy V3 a few years ago, I jumped ship and went to OnlineArmor. It is geared to non techie folks in Standard Mode, but can be used in Advanced Mode for those who like to tweek. Pop ups are minimal, usually showing themselves only when a file changes. It's worth checking out.

 

I do sujest Comodo for that, it produces less pop-ups than OA, not like twl845 says.

Just put it on Cleanpc mode or even safe mode + safe mode for the firewall and you should be fine.

Pop-ups will be lowered and lowered in future versions.

Thank you

 

Aww, come on guys. The thread title mentions Comodo, so let's not turn this into one of those "CIS vs. OA" threads again. This would be a good thread to keep alive, as I think everyone could benefit from more insight on how to lower popups .

Anyways, +1 for the Clean PC Mode. I've found that's one of the things that helped lower popups. That way, your dad will only get alerted if new files (e.g. that free screensaver he got from trojan.com) want to do something fishy to his computer.

 

We know

 

Thanks everyone for your help. I set it to Clean-PC mode and now everything is running smoothly.

 

Version 3.9 seems very stable and a lot of bugs fixes from 3.5...

 

Indeed. It is also much quieter then previous versions while retaining it's security.

Cheers,
Josh

 

Last time I checked, advanced security settings were turned off by default. And, assuming that's how most users would leave it, because that's what it gets installed like, then it won't retain it's security.

Don't see this as a "bashing Comodo all the way down", because it isn't. But, unless, by default, Comodo is set with advanced security settings, then your statement is false.

That's one of the reasons why it produces fewer alerts - most of the advanced settings are turned off.


Regards

 

Long time not seen moonblood. How are you ?

I think that indeed since V3.5 the defaults are not to maximum security. But even after I changed it, it's still pretty quiet.

I can imaging my mother with a pop-up : Word is trying to access your keyboard, allow or block ? So perhaps it's better this way for newbies. (even tough that will never pop-up --> trusted vendor)

eXPerience

 

Hello there,

Yes I agree with the

That's why I prefer, for example, and is one I know very well, Outpost Firewall Pro. It has a tremendous whitelisting, and allows users to set it to automatically create rules for known and digitally signed applications. Even in the most advanced security settings, there's practically no alerts, at all. Unless you install some new application, which may not be, yet in the whitelisting database.

If it pops-up an alert for an unknown (as in not in the whitelisting database) and they're not the ones who ran it or installed it and ran it (after digging is from trusted sources), then block it.

This is a better approach than eliminating such advanced security settings. I'd rather see COMODO following that direction - having a tremendous and always growing whitelisting.

I do remember COMODO asked their users to give the name of their applications, they trust, and that are digitally signed, but in the end, COMODO practically added none. I don't get it.

 

We do have an enormous list on the forums, why they havent added that one yet is a mystery.
On the whitelist tough, they are adding applications to it everyday. Many products already having rules build in.

Well, they're promising that V4 is a install and forget installation, so we'll see what the future brings

eXPerience

 

I hope there will be some change in next comodo version.In present version,comodo's file protection doesn't distinguish reading and writing.If a file was put into file protection,we can't set a rule which limit the file to be read or written alone.

 

Could you please make a post about it here ? I really like your idea http://forums.comodo.com/defense_wishlist-b148.0/

eXPerience

 

Yes, In D+ Adv settings few things are disabled: A few more experienced users go "What! why are all these disabled? To reduce pop ups? To claim false sense security!" Well... Whatever /they /claim is NOT true and I have done a Sticky in the Comodo Forums on why the default configuration in Comodo Internet Security is good enough (See Question and Answer information there). Let's look at Keyboard, and what if AV does not detect the program (If a keylogger software is trying to install): All keyloggers try to install themselves permanently. If they try to do so, they will be prevented by CIS. Assume the keylogger is executed and by chance at the same time, there is banking information on a website, the Firewall will catch it anyway. Here the point is permanent damage needs to be prevented and checkpoints are kept to prevent this damage. Overall, All those checks (Image Execution, Disk, DNS Client, Windows Messages, Computer Monitors) are disabled because again, permanent damage needs to be prevented. When you have an AV installed, it is a HUGE difference and this allows Comodo to skip some checks in Defense+. Permanent damage prevented meaning checks like Protected Files, Registry Keys which MUST be and are protected by default, Point is; all viruses try to install them selves permanently. No exceptions, And CIS by default is there to prevent this damage.

Defaults are fine, and so far, there has been no reports of malware in the wild bypassing CIS by default configuration. If you however aware of malware exploiting this configuring you can let COMODO know so they can reevaluate this.

Cheers,
Josh

 

There still some issues with 3.9 that I had seen in 3.5. I had to remove Conodo from two systems neck and neck to each other. My computer and it's mappings were not showing up. Browsing sites just gave 404 errors. Even if I have force the firewall to see the range of IPs it still doesn't work. AV and malware still reports images as unclassified malware. It had said MSCONFIG.exe had a virus in it. To much FPs.

 

That may be due to other security software on your computer. FP's yes let's hope we can rid of them as things move forward in next few months.

Cheers,
Josh

 

@ Wolverine13:
"my dad's work computer" = get a router

 

There is none as I don't think Rising PC Doctor going to cause Comodo Internet Security to block sites.. I am on wireless 802.11n laptop and I get the same issues as the wired gig desktops. I can't even get to this site with Comodo IS running. If I remove it (CIS) then I can get to Wilderssecurity site. So that's one site just to let you know. This box also runs PrevX 3 for testing..

FPs needs to be address.. CIS looks fun to use but some issues with your LAN need to be address. It can:

Block My Computer then Crash Explorer
Block Remote Desktop Control
Block Web Server on my Server OS so none of intranet systems can't access the LAN Web Server that runs intranet web site. To fix this problem I have to go to the OS Server directly as the CIS won't allow Remote Desktop Control even though I told it my network name and to allow access to all PCs it still blocks them.

Hangs on typing with Firefox..

FP are problem in Malware and Virus scanner. Does this software also catch rouge bad cookies? I never seen it do anything in that department. If you can get CIS to function correctly then you would have a great product.

 

I agree with this.

CIS in first-class security mode is not for non tech-savvy user.
I have been using v3 since release, not for ease of use, but because it provides a nice picture of what any app is trying to do.

I would never put it on my mother's pc, or any pc I may need to support.
If you read all CIS reviews, none praise CIS ease of use, only its power, and IMO you can only get this power by dealing with crazy pop-ups.
If you reduce pop-ups, IMO you reduce your security.

Its user interface is among the worst I have seen.
Look at how difficult it is to manually change settings for an app which CIS has automatically created a profile!

IMO you should get a router and give him the same Avira free and Threatcast that you use, if no router then use OA free or Outpost free, and save yourself a lot of headache in the future.

 

MoonBlood is right.


Note that you have to change the configuration option to pro-active, otherwise the newly created rules default to the much lighter Internet Security rules (or Antivirus or FireWall, they are all less secure), in short in stead of ASK it will show ALLOW, no mather how you have configured D+, the program specifc rules creates a pass for malware next time.

Because not many users will use this settings (old hard cores Comodo users used Pro-Active so they are fine, new users don't know and think they are protected and don't know), be sure to expects some bugs and even PC lock ups.


I think OA and Outpost Free are better options. OA free had one big disavantage that it did not protect dureing boot/log-off. I do not inwo whether this still the case, so I would go for Outpost free (there are ways to block the noisy outpost self advertising, google for it).

 

As I said before, AV is a HUGE differentiator and that allows Comodo to skip some checks. Users don't need to switch to "Proactive Security" in order to provide protection, That is just more pop ups. Permanent damage is prevented in installation-default Internet Security configuration when users install Firewall + Antivirus. You install just COMODO Firewall, then that policy will be applied, etc. In any case, CIS is still strong. CIS is designed to work in Harmony (AV, Firewall, Defense+, Buffer overflow protection). Defaults are good enough. This isn't about reducing pop ups, It's not like Comodo said "Ok guys, let's uncheck Keyboard, Monitor and few other to reduce pop ups - Who cares about the protection, we just want to make it quite". Serious calculations have been done with all 4 configurations in CIS, Proactive obviously being the highest. Comodo wouldn't leave you vulnerable knowingly.

If any of you are aware of malware in the wild bypassing CIS by default then please let Comodo know so they can revalue the configuration. So far, no reports of malware has bypassed CIS. All damage has been prevented. People can talk theoretically that malware can bypass, But practically it hasn't happened (I would appreciate a real malware threat via PM if you guys have that has bypassed CIS).

So again, Permanent damage needs to be prevented and the check points are kept to prevent this damage.

Cheers,
Josh

 

My mother of 75 has not been infected with a dead Norton lisence in two years.

Point is (and I have posted that to the Comodo forum). The default rules should be matched against the D+ settings. So when I use the CIS configuration and add keyboard, direct disk and direct memory access. A program generating a rule should not have ALLOW on these three control items, but ASK (unless one of these three added control items would have triggered a program specific rule).

Please make a point to the Comodo developers to adopt the configurations with the chosen D+ settings. When I am not clear PM me, I will explain and please I have brought default CIS down with malware. How do you think I discovered that adding D+ control items did not make any difference when using other than Proactive configurations?