Comodo Internet Security 8.2.0.4508 released

It's the wonderful world of CIS bugs...

 

Things like this happen when new OS is announced for several months and they do a quick compatibility checkup in 2 days after the OS is already released to public. avast! and several others have been releasing Windows 10 compatibility updates for months now and they still have tiny quirks. Knowing Comodo's history, I greatly doubt it's that perfect...

 

Hi all

Comodo Internet Security 8.2.0.4792 (Windows 10 Version1511 Hotfix) is released!

https://forums.comodo.com/news-anno...version1511-hotfix-is-released-t113688.0.html

With best Regards
Mops21

 

Hi all

Comodo Internet Security 8.2.0.4978 fixes build is released!!!!

https://forums.comodo.com/news-anno...204978-fixes-build-is-released-t115059.0.html

With best Regards
Mops21

 

Thx. Maybe this release will work on my PC.

 

My PC lags with this release as with all previous.

 

Did you uninstalled some previous version before to install a newer ? because sometimes the CIS uninstall doesn't work right. There is a tool to use after the reboot.

 

Might be better for you guys if you had something less intrusive and less CPU consuming like TinyWall in your system
Just a hint.

 

Thank you. I used their uninstall tool "2014" in Safe mode as they advised.

I installed Comodo Firewall. It seems to be OK so far.

 

You are welcome.

 

Now the Internet is off when CF is ON. Internet connection restores when I exit CF. What should I do?

 

I found out that it happens when I enabled "Anti-ARP spoofing". I turned it off and now it's OK. I have a fiber optic router Ericsson. When I used other not fiber optic router TP-Link it was OK with this setting on. Why is it so?

 

https://help.comodo.com/topic-72-1-623-7737-Firewall-Settings.html

For normal internet usage, it is not required to be turned ON. You MIGHT consider to do so when doing online banking, purchasing etc, but most of the time it is OK off.
Your router [depending on manufacturer] has a firewall setting [OFF, LOW, MEDIUM, HIGH] which MAY or MAY NOT already provide such protection or close to it.
In a quest to maximise network protection capabilities, it probably backfired. So, take a look inside your router [it's ip address in your browser] and look into settings there.
Then experiment with those of the router and of Comodo Firewall and try to match the settings that you are most comfortable with.
If in doubt, switch Comodo User Profile [https://help.comodo.com/topic-72-1-623-7721-Manage-CIS-Configurations.html] forth and back and observe the changes.
If changes do occur, then your present profile needs adjusting See what works with what profile and note enabled/disabled options.
Post your findings here so that others may benefit. Good luck

 

You would probably have to get support from Ericsson for the actual answer. Here's an explanation of the feature which might be helpful. It comes from the bottom of this page:

https://help.comodo.com/topic-72-1-451-4770-.html

• Enable anti-ARP spoofing - A gratuitous Address Resolution Protocol (ARP) frame is an ARP Reply that is broadcast to all machines in a network and is not in response to any ARP Request. When an ARP Reply is broadcast, all hosts are required to update their local ARP caches, whether or not the ARP Reply was in response to an ARP Request they had issued. Gratuitous ARP frames are important as they update your machine's ARP cache whenever there is a change to another machine on the network (for example, if a network card is replaced in a machine on the network, then a gratuitous ARP frame informs your machine of this change and requests to update your ARP cache so that data can be correctly routed). However, while ARP calls might be relevant to an ever shifting office network comprising many machines that need to keep each other updated , it is of far less relevance to, say, a single computer in your home network. Enabling this setting helps to block such requests - protecting the ARP cache from potentially malicious updates (Default = Disabled).

• 
  

 

@GakunGak, @Victek many thanks!

So I'm quite comfortable with it off.

I think this is the case.

There's only 2 settings for router's FW: "Security Level" (from "Low" to "High") and "Attack Protect" ("Disabled" or "Enabled"). Whatever I choose Comodo's "anti-ARP spoofing" stops internet on my PC when it's ON.

No changes found. "Anti-ARP spoofing" stops internet in any config.

Thank you again!

 

Then it is safe to assume, if it works with router settings Security level High and Attack Protect Enabled, you can turn comodo arp thing off

 

Solar- Just a word of advice- Don't get cute with many of the settings that Comodo has. This is how so many get into trouble with "bugs" or incompatibilities. Remember that the Sandbox properly set is the main defense, and otherwise keep it simple.

 

As a long-time COMODO user that has submitted numerous bug reports, I can confirm what @cruelsister states. Virtually all the bugs I have reported, are the result of settings tweaks and rules creation.

 

Cutesis, now that you're here, does Comodo still allow outgoing traffic to sandboxed apps or you can create a rule for that as well, like *.exe outgoing blocked if sandboxed/virtualized?
Thanks

 

CF doesn't just allow network connections from sandboxed applications but will give a popup that something is trying to connect out. Also for those that hate popups, there is a simple setting in the Firewall section to "Do Not Show Popups"- this can be checked and changed to Block Requests (of course used with the default Firewall setting of Safe Mode).

(Cutesis? You just made me blush!)

 

Yes, I assume this. Thank you.

Thank you. What I like in Comodo is its HIPS. Actually in general I prefer to avoid using Comodo's Sandbox. Because I think that sandboxed stuff isn't controlled by HIPS. And Viruscope is not enough for me.

Is it true that sandboxed stuff isn't controlled by HIPS?

I agree here. Though most trouble I got combining different security apps.

 

Solar- "Is it true that sandboxed stuff isn't controlled by HIPS?" Kinda Sorta- with malware sandboxed at the proper level things are stopped before they even get to the HIPS. Also- and you'll have to take my word for it- I can easily infect a system with HIPS on, Sandbox off. The reverse is not the case at all.

Regarding the Comodo AV, it leaves much to be desired and really shouldn't be even discussed.

 

Are you referring to HIPS in general, or Comodo HIPS? I tried many samples of the worse malware available over the years against Online Armor, and I never was able to bypass it. I tried many different droppers also. I would still be using it now if it was not discontinued.

 

Thank you for the info, it is much appreciated.
[offtopic]Yeah, 'cos woman+cruel is kinda like hollywood michael bay thing, I wouldn't like to think it can be real life as well. And you're always so helpful and polite, so.....[/offtopic]

 

Edge- I was referring to Comodo specifically; I never had much experience with the OA system.