How should I properly configure Comodo

Discussion in 'other firewalls' started by victor43, Jan 25, 2010.

Thread Status:
Not open for further replies.
  1. victor43

    victor43 Registered Member

    Joined:
    Nov 4, 2009
    Posts:
    32
    Hello All.

    I am looking for answers on how to properly configure Comodo to guard against malware like keyloggers that try to phone home. I am running Windows XP SP3.
    Can a malware like a keylogger for example inject code into firefox's address space and attempt to call home using Firefox's credentials ? Is this possible then should I configure Firefox so that I am prompted for internet access ?

    Thanks in advance

    Victor
     
  2. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    I think Comodo will block most operations of that type by default, but you can enhance the protection by enabling options in the Protection Settings dialog of the Application System Activity Control dialog of Defense+ for Firefox.

    You will want to enable Interprocess Memory Access , Windows/WinEvent Hooks, and Windows Messages either in the custom settings, or, if you run it using a predefined policy such as Limited or Isolated, you will have to edit the predefined policy. Setting the Windows Messages option active may block web pages being opened from other programs (eg. Windows Mail) if Firefox is the default browser so you will have to set exceptions (add with Modify... dialog). I don't use Learning Mode but this may be a good candidate to set it up so your common browser activities work.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I thiink even on default settings( default settings are a bit liberal), CFP will detect execution of keylogger and then any code injection into firefox, so you don,t need to worry.
     
  4. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    So many options we can't even list them :p
    Yeah, as people said usually by default you should be pretty much protected.

    Remember to right click the tray icon and select protection mode to Proactive :D
     
  5. victor43

    victor43 Registered Member

    Joined:
    Nov 4, 2009
    Posts:
    32
    Thanks for all comments and replies. Much appreciated. Victor.
     
  6. victor43

    victor43 Registered Member

    Joined:
    Nov 4, 2009
    Posts:
    32
    Thanks for the reply. Most of the above settings were already enabled by default. Victor.
     
  7. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975

    Do you mean the settings in this window?

    2010-01-26_232439.png

    Protection Settings - Protection Settings determine how protected the application or file group in your policy is against activities by other processes. These protections are called 'Protection Types'.

    I'm using v4 beta and they're all set to inactive by default (I am in Proactive mode). In the Access Rights dialog, they are set to Ask like the rest of the settings.
     
Loading...
Thread Status:
Not open for further replies.