COMODO Internet Security 3.9.76924.507 Released!

Discussion in 'other anti-malware software' started by 3xist, May 13, 2009.

Thread Status:
Not open for further replies.
  1. 3xist

    3xist Guest

    Hey Guys.

    I quickly skimmed through the thread, So I'll try and answer everything best I can.

    Version number, Why is it so big? I do not have the answer to this question, But I can always ask a developer. :)

    Can you install BOClean stand a lone in CIS? No, you can't. It is a totally integrated memory scanner that works with CAV. Gets same updates as BOClean off course too. PLEASE be aware though... The CURRENT stand a lone boclean will have last update on 26th May, 2009 the product has already been discontinued, but signature updates will continue until the date.

    Comodo skips a few Advanced checks (Defense+) Settings! why?: I will explain this in more detail:

    Why keylogger for example is NOT being monitored by Defense+?


    Think of a keylogger not caught by the AV:

    All keyloggers try to install themselves permanently. If they try to do so, they will be prevented by CIS.

    Assume keylogger is executed and by chance at the same time, there is banking information entered in a web site, the firewall will catch it anyway.

    Here the point is, permanent damage needs to be prevented. And all the checkpoints are kept to prevent the permanent damage.

    Sure, But what about the others such as DNS/RPC Client, Window Messages, Image Execution Control, Monitor, and Disk?

    All the viruses, unlike Comodo leak tests, try to make themselves permanent first. No exceptions. Thats why CIS will catch these immediately. There may ofc ourse be exceptions but Comodo does assume these are rare.

    All of those checks(DNS/RPC Client, Window Messages, Image Execution Control) are disabled because of the fact that all viruses attempt to make themselves permanent first and hence will be caught. So COMODO Internet Security policy is a balanced policy with acceptable security and acceptable user experience. It is there to complement the AV.

    Let's look at Proactive Security policy: This policy REPLACE any AV for an experienced user. Until Comodo reduce the popups, they will have to keep this balance for average users.

    This is only detailed information when you install full CIS. You install Just Firewall, Then Comodo Firewall Policy will be applied, and so on... CIS is still strong either ways - That's why there is 4 default configurations. IF anyone is aware that a REAL threat in the wild can exploit CIS's default configuration (Eg Internet Security with some checks not ticked), And does permanent damage, please post this at the forums) - But don't be confused between Inconviences and threats. Internet Security Configuration focuses on threats, NOT inconviences such as locking the mouse or playing a JOKE you can easily get rid of when you reboot. It's not simply "lets uncheck some default D+ Settings and reduce pop ups!" - So please read all the above I wrote. It is acceptable security and user experience, and BOTH is taken into consideration, well should be, for any software vendor...

    I re irriate: Please post at Comodo Forums if a threat does bypass the default configuration in CIS and causes permanent damage. Then Comodo can re evaluate this configuration for CIS.

    P.S - Database size is a top priority right now. It will be taken care of.

    Cheers,
    Josh
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    I totally agree. :thumb:
     
  3. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    True, true. I have downloaded the installer, sooner or later i will install it. But i 've been messing around with Vista in the last day and should take a brake from "experiments" for a while. :D


    Hi 3xist, thanks for the info. By "skip" you mean that not all options are ticked right? And as i understand this isn't an issue if you use only the AV...

    Anyway, the way i see it, if you choose to use Comodo, you may as well use the AV too at this point. Because it lesses the pop up number and the work of D+. I think i will try the AV too. If cpu usage is low, i may leave it realtime and put Twister on demand.
     
  4. 3xist

    3xist Guest

    Yes. AV as detection is a huge difference, Make Prevention more usable (Its always been prevention your first line of defense, detection second) - Which is how CIS works. AV Detects something (Either at file/download level or execution level (Memory Scanner), D+ does not annoy you about it. Making more pleasant usable experience...

    Next version will see a great improvement in detection, With Family Signatures and off course less memory and database size. It's been said 1 signature can catch 23K malware - But action speaks louder then words so we will wait until that version comes, which is before v4...

    Cheers,
    Josh
     
  5. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Thanks Josh.

    I hope they make it. It would be wonderful for freeware users to have such a suite. Let's hope that it will also remain low on cpu... If it does, it will become a very attractive offer for medium to expert users. (I still think that an average Joe who has trouble even to understand something like AVG free, would have ever more trouble understanding Comodo's options and alerts).
     
  6. 3xist

    3xist Guest

    Np Fuzz. :)

    COMODO is aiming CIS for both from the Computer Nerd, To your Mother! :) I also forgot to mention that next version will also have a new mode called Silent Mode (Or Smart Mode) Where certain requests can be automatically allowed or denied without ANY user input. This version hopefully (Again before v4.0 and with Family Signatures and reduced DB Size) Will also be usable on mothers PC's.

    As you can see with v3.9, There are already less Alerts thanks to extended whitlist and trusted vendors, And the pop up lay out is now simply Allow or Block, And thats one click allow, one click block. So usability is going forward and going strong...

    Cheers,
    Josh
     
  7. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Without user input? I hope it doesn't contact some online database and things like that.

    I haven't installed 3.9 yet, so i didn't see that change. You mean there is no "treat this application" as installer/trusted... ? Does this stand for the firewall only version too (without AV)?

    Hmm... I think i may try it sooner than i thought...
     
  8. 3xist

    3xist Guest

    Default pop up layout is just Allow/Block...

    You can click more options and have the original lay out (Treat As, Etc) But its encouraged to use the default for just one click allow/block. Yes its for Firewall without AV too.

    No it wont connect to a online DB/Server. There will be strict rules to define what to auto allow, what to allow denny (Example: Malware trying to modify unserinit.exe, Can be auto dennied) - stuff like that can be auto blocked.

    Cheers,
    Josh
     
  9. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753

    Thanks Josh, i just tried it. I 've mixed feelings about the new "Allow". Although it can help, for me, it's a bit counterproductive. I do prefer such an approach for D+, but for the firewall, i have customized and high security, because i want to control more. And in the firewall i do prefer the "treat as outgoing only" or "blocked" etc.

    I understand it's now better for the inexperienced user, but for me, it just means that i have more clicks to do what i want...

    I am uncertain on whether to keep running it or go back to OA free. Oh well...

    The auto-rules sound nice.
     
  10. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Is the "Smart Mode" going to be default when going v4?
     
  11. 3xist

    3xist Guest

    Smart Mode, Family Signatures, Improved Memory Consumption for AV Updates and Reduced Database Size is in the next version BEFORE v4.0. I am not sure if Smart Mode will be the default...

    Cheers,
    Josh
     
  12. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    There seems to be something in D+ (proactive, all options checked) which hinders the Crystal Disk Mark to run properly. Normally if you click "all", 3 batches of benchmarks for the Hard Disk will be performed automatically. In my case, the 2nd failed, but did run if i manually launched it. Same for the 3rd.

    I also noticed that it didn't ask me "are you sure your PC is clean" during installation. Without importing older configuration , this resulted in having in D+ rules only a handful of applications (asking for the rest).
     
  13. IBadget

    IBadget Registered Member

    Joined:
    Jan 14, 2009
    Posts:
    59
    Location:
    Waipahu, HI
    You might also want to add the My Documents folder to My Protected Files by default so that, out of the box, CIS can defend against ransomware, e.g., malware that encrypts all of My Documents and demands payment to decrypt the ransomed files. There may come a time when the entire C drive must be in My Protected Files. Who knows what tomorrow's malware may do? I sure hope CIS evolves to keep up with evolving malware.
     
  14. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thanks, Josh. So, does Smart Mode apply to all "asking thingies" :)P) incl. D+? Does the user ever have to answer any prompts from the AV not related to heuristical detection?

    Speaking of heuristics... what about the FPs even on low heuristic settings that I've mentioned in the other topic? If I remember correctly there were even multiple in the low setting... :doubt:
     
  15. Mosqu

    Mosqu Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    69
    Location:
    Germany
    What is the meaning of the CIS logo? What does it show?
     
  16. Dch48

    Dch48 Registered Member

    Joined:
    May 14, 2009
    Posts:
    7
    Who cares how big the installer is? The real test is performance and memory usage. I can tell you the performance is great and the memory footprint extremely small. (ranging from 4 to 10 megs at most.) The installer is bigger because of the inclusion of the av DB and the ability to prescan before the installation completes. I was using NIS2009 and was very pleased with it but due to recent financial problems I was reluctant to pay $50 to renew. I decided to try Comodo which is free and I'm not sorry I did. The new version just out is even better than 3.8 and does a much better job of recognizing safe apps therefore greatly reducing popup alerts. The only problem I was having with 3.8 was that my defrag performance was very slow when the AV was turned on. That problem is also gone in 3.9.
     
    Last edited: May 14, 2009
  17. a320ca

    a320ca Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    97
    Location:
    USA
    Ditto! :thumb:
     
  18. Ro4dRuNn3r

    Ro4dRuNn3r Guest

    Do you have any problems with your combo? (prevx+cis)
     
  19. a320ca

    a320ca Registered Member

    Joined:
    Mar 21, 2008
    Posts:
    97
    Location:
    USA
    No, so far CIS 3.9, PrevX 3.0 and Zemana AntiLogger all playing well together. :D :thumb:
     
  20. Julian

    Julian Registered Member

    Joined:
    Sep 14, 2008
    Posts:
    103
    Best Comodo version so far :)
    And who cares about installer size and memory consumption? RAM is extremely cheap just like big HDDs, broadband internet is standard. Still CIS is the lightest AV / IS, with stateful exclusions it became even faster than 3.8. Also defragmenting with Perfect Disk and so on is not a problem anymore.
    And the build number...
    A good ersatz for the pink dot in the upper left corner of CIS' window?o_O

    One thing that annoys me: While the AV is updating the guard doesn't scan anything :(
    I hope this will be fixed with later 3.9 versions...
     
  21. guest

    guest Guest

    Excellent comodo, the best firewall+hips that i have ever try, needs less resources than outpost or OnlineArmor
     
  22. gery

    gery Registered Member

    Joined:
    Mar 8, 2008
    Posts:
    2,142
    Comodo does not updatee itself in my machine it stops at 30 :doubt: %
     
  23. Ro4dRuNn3r

    Ro4dRuNn3r Guest

    Thx :)
     
  24. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    Very nice Comodo. I'm back in the mix. :D

    Ice
     
  25. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    Very nice indeed!
    Best version yet. :thumb:
    Running it with GesWall free also.
    Seems to be a very good pair together. :D
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.