COMODO Internet Security 4.0.135239.742 Released

Discussion in 'other anti-malware software' started by Watasha, Mar 3, 2010.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
    Can any one PM me the rouge that is supposed to bypass the sandbox in Comodo?

    Thanks
     
  2. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    It seems you are absolutely right. Reading some threads over their forums confirms your sayings.
     
  3. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Hi Aglie,

    You can test any rogue....It will definitely bypass Comodo.
     
  4. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
  5. mevcit

    mevcit Registered Member

    Joined:
    Oct 30, 2008
    Posts:
    58
    Location:
    İstanbul, T?rkiye
    No. Global Rules are the main restriction area. I created two rules, one that allows tcp and udp from ip any to ip any where source and destination ports are any, one that blocks any connection in/out from ip any to ip any. So the global rules allow only tcp and udp outgoing connections, the rest is blocked.

    In this case, firewall asks only for the connections that are in the allowed area that i defined with global rules (i set the firewall mode to custom policy mode). Connections requested by applications that are not allowed in the global rules are denied automatically without prompting user (even if you create rules for them manually, they are ignored). Hence, unlike what you said, application rules do not take precedence over global rules. For instance, in the application rules i allowed frostwire for all outgoing tcp and udp connections and then changed the global rule to allow only tcp outgoing (the rest is blocked). Then i observed that frostwire could connect only with tcp protocol.

    These observations depend on my experience of the last one hour. :D I do not know what is different for the firewall module in this version. i do not know about the v3, just wanted to try this new version and have liked it so far. But the feature in windows firewall where you can assign rules for windows services by using svchost.exe still lacks in third party firewalls. On the other side, if you use a proxy service, windows firewall is not aware of outgoing connections that go out through the proxy. anyways, i'll go on using this for some time and see if it meets my needs hehe
     
  6. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    Just for experiment's sake I have run Fake AVs in a sanbox [Sandboxie-unpaid version] and it looks that in 95+% of the cases the Rogue can only execute in the sandbox and not affect the entire OS. But, well SBIE has been on the market with this technology for several years, isn't it?

    Comodo [ and now Avast! and Kaspersky as well] are relatively new in this department. Better wait until Comodo fine tune that technology before risking to infect your whole PC playing Russian roulette with Fake AVs.

    Regards,

    Carlos
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
    Tested rouge and some applications in Comodo sandbox in VBox Win 7 32 bit. Here are my results:

    1- Auto sandboxing doesn,t work. It says that application is sandboxed but it,s in fact never sandboxed.

    2- Sandboxing via right click menu, Run in comdo sandbox, works and system is intact.

    3- There is no way in CIS GUI to see what processes, files and reg enteries are isolated.

    4- Once an application is sandboxed, there are no more defence plus alerts for it( it must be optional IMO, I mean the user must be able to choose to have or have not the alerts).

    5- Same seems true of FW alerts. FW alerts must be there as Sandbox itslelf has no inbound/ outbound control at all.

    1.jpg
    2.jpg
     
    Last edited: Mar 5, 2010
  8. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    More reasons to not run it again then. :p
     
  9. smage

    smage Registered Member

    Joined:
    Sep 13, 2008
    Posts:
    378
    Hi aigle,

    Can you post this on the Comodo forum, this might help them a lot I think.
     
  10. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
    Well, to me at least, a sandbox is a great feature in any security application when it is programmed right; however, the new trend and innovation in the security world nowadays has to do with file reputation. CIS 4 has brought nothing new on the security table as it stands right now and with all these bugs that have been reported I'll take a pass for now. Nonetheless, I'll still test it and see what happens.

    Thanks.
     
    Last edited: Mar 5, 2010
  11. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    LOL that was harsh but funny.:D
     
  12. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Yes its bit funny, that's why i have not touched CTM in ma machine..I left it as it was...About CIS 4, i have no words...One of the dangerous job done by Comodo.

    Its not Default Deny Protection™ its Default Acquired Infection™...And this is the Patent Technology from COMODO.
     
  13. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Most of the frustration about CIS4 is in regards to the sandbox with justification.Many users (myself included) were expecting a 'SandboxIE like' product offering systemwide lockdown rather than the half and half mish-mash that we've ended up with.At present it's poorly implemented and confusing,along with the rest of the suite it clearly needs a few weeks of bug-fixing and tweaking before it can rightly be called a stable release version.
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
  15. guest

    guest Guest

  16. smage

    smage Registered Member

    Joined:
    Sep 13, 2008
    Posts:
    378
  17. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,710
    If any of you guys choose to uninstall this, beware that it leave a lot of directories/files behind in the program files and program data folders.
     
  18. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,260
    Location:
    USA,IA

    did you post on the Comodo forums so they can take care of the issue?
     
  19. ratwing

    ratwing Guest


    Well,hope does spring eternal,but the mess left behind by Comodo is tradition.

    The "Windows Installer CleanUp Utility",can weed out a a lot of the MSI stuff,
    but if you are even sort of a "clean Freak",it is regedit time!!
     
  20. clocks

    clocks Registered Member

    Joined:
    Aug 25, 2007
    Posts:
    2,710
    I didn't even go after the reg keys. I just manually deleted all the folders left behind.
     
  21. MisterMooth

    MisterMooth Registered Member

    Joined:
    Nov 23, 2009
    Posts:
    39
    This is pretty embarrassing. Their automatic sandboxing is fatally flawed, yet they say it's not an issue because CIS users are "advanced". Isn't the whole point of the automatic sandboxing to provide foolproof protection for even the least experienced user?
     
  22. ratwing

    ratwing Guest


    After the reading the Melihfesto,you quoted, cant you see this may be beating your head aginst a rock wall?

    Give it a month or so before 5 is released,and 4 may be pretty well debugged.

    Expect more than that,and I worry for your cardiac health.
     
  23. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,132
    Location:
    Saudi Arabia/ Pakistan
    Answer of Melih is totally non-professional. He doesn't even know what he is talking about.
     
  24. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    Yeah i do agree with you...Seems that their MOD's and even their Admin became Non-Professional...Complete Loss of Mind...

    CIS 4 :thumbd: :thumbd:

    COMODO MOD's and Admin :thumbd: :thumbd:
     
  25. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,260
    Location:
    USA,IA
    while agree, they are just defending, i mean people are being rude in there opinions on what they are saying.

    the developers of CIS arent gain any money from it so people complain to just complain. im using CIS. never really used version 3 but 4 seems promising because of the sandbox.

    yes i know the whole rogue issue. they have all the info and should and will patch all the wholes needed.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.