Lockdown Comodo Configuration

Discussion in 'other firewalls' started by n8chavez, May 23, 2016.

  1. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Thanks.
    I mean that their phrase about HIPS in freemium "System Protection module is monitoring less actions than in SpyShelter Premium and SpyShelter Firewall." is a bit vague though.

    Though I'll ask this question in the "SpyShelter 10" thread.

    Sorry for off topic.
     
    Last edited: May 29, 2016
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,763
    Location:
    The Netherlands
    That's why you should check it out, then you will see which features are disabled. I can't help you with it because I'm using SS Firewall.
     
  3. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    That's true, thank you.
     
  4. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,029
    I have it locked down as per cruelsisters config.
     
  5. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    817
    Location:
    Melbourne, Australia
    Me, too. I find her videos and posts very informative - she has the gift of being able to explain something very technical simply and succinctly. If you export the config file from the first installation it's too easy.
     
  6. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    I tried ReHips 2.2.0 RC2 the other day. Even though it is an RC it is a limited version. IE was set to default. first thing RiHips did when I clicked on IE was open Edge in a sandbox and not let me go anywhere. I just had set to default install. The main site doesn't have the install. you have to register at their forum and request the download link.

    Anyway maybe we should start a thread on Rihips?
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    16,396
    Location:
    UK
  8. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    :thumb:Thankyou stapp
     
  9. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,029
    Yes, as I do also. A lot of people doubt her videos, but she definitely does..
     
  10. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    235
    Just a heads-up:

    Most configs suggest starting unknown files under "Virtulised/Restricted" or "Untrusted"

    The problem with this is that the executable is started with low rights and limited processes, but still runs and can do potential damage that may not rollback. The likelyhood is low but higher than if you never ran it to begin with.

    And another problem exists. Very few progs will run properly in a restricted or untrusted environment eg Chrome won't run under any restrictions even "partially limited". Not only do I not suggest testing on a live box for my previous reason, but it would doubtfully run to begin with.

    So what's the point other than more risk. I see no reason to ever run auto-virtualised when dealing with unknown applications and the logical solution is to hard "BLOCK" unknown applications.

    Anyhow, here's the help page for autosandbox config

    https://help.comodo.com/topic-72-1-623-7763-Configuring-Rules-for-Auto-Sandbox.html
     
  11. Iangh

    Iangh Registered Member

    Joined:
    Jul 13, 2005
    Posts:
    817
    Location:
    Melbourne, Australia
    Eager to learn!

    I have just tried to install Kardo's Crystal Security. If I click to install I get a green borderded windows pop-up saying windows installer can't run. If I right-click and run in sandbox CS installs sandboxed. How do I tell Comodo I trust this and install normally?

    EDIT: I disabled the auto-sandbox to install. Like any product it takes time to play and learn.
     
    Last edited: Jun 13, 2016
  12. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,864
    Location:
    Location Unknown
    The only problem with that is that you no longer have access your PC; on paranoid mode there are too many popup with svchost.exe wanting to create temporary files/directory and without specific allow rules I cannot login on Windows 10.
     
  13. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,339
    Location:
    USA
    How does one lock comodo firewall down with just the sandbox enabled? I have it installed on a pc where other family members will be using it so I want it quiet but powerful. it's been awhile since I played with it, so my memory fails me. I have never really used comodo much since v5.10.
     
  14. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,029
    https://youtu.be/_KFXirUmCkM
     
  15. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,339
    Location:
    USA
    Thanks infected
     
  16. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,677
    Location:
    New Mexico, USA
    I've got a newbie question. I just installed Comodo firewall on Win 10 64 bit system. It's set up according to cruelsister1's recommendation. On this system opening Firefox, or SeaMonkey in the sandbox takes forever if I click on 'open browser in sandbox.'

    My question, with auto sandbox enabled, is running the browser in sandbox needed?
     
  17. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,029
    For me, I don't sandbox my browser unless I'm doing online banking. Besides that, auto sandbox should suffice.
     
  18. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,864
    Location:
    Location Unknown
    cruelsister, according to your configuration video you set everything to be virtualized by the CIS sandbox. However, doing so causes apps that have already been able to run to be virtualized. How can I make it so that apps I want to run become known and are not virtualized because CIS seems them as unknown?
     
  19. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
    Just perform a scan (ratings) and "trust" whatever app/program you know is safe.
     
  20. n8chavez

    n8chavez Registered Member

    Joined:
    Jul 19, 2003
    Posts:
    2,864
    Location:
    Location Unknown
    Thanks for the suggestion. I ran it and accepted setting that needed to be however that doesn't recognize all .exe's
     
  21. Nitty Kutchie

    Nitty Kutchie Registered Member

    Joined:
    Apr 10, 2015
    Posts:
    148
    Open comodo firewall go into filerating under firewall settings and manually trust the files you no are safe and everything should work smoothly from there onward.
     
  22. sirvalence

    sirvalence Registered Member

    Joined:
    Aug 13, 2014
    Posts:
    4
    I see people recommending your setup here in multiple threads. I'm excited to try it out, but having some trouble finding it sadly. I'm especially interested in your recommendation in using Comodo Firewall with sandbox, no HIPS or AV. Would you be so kind as to share a link to your setup? Thanks!
     
  23. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,570
  24. himalayas1

    himalayas1 Registered Member

    Joined:
    Oct 15, 2016
    Posts:
    3
    Location:
    Serbia
    want to crash windows 10: Enable HIPS, select 'Paranoid Mode' from drop-down.
    after enabling it I could not open my computer (to view disk drives) or any icon on my computer, my PC just froze. after rebooting and selecting Internet Security under Configuration, rebooting, then selecting 'Safe Mode' for HIPS, everything was back to normal again.
    I got comodo from this link: https://www.comodo.com/home/internet-security/firewall.php#tab-faq
    Replaced comodo with Zone Alarm from this link: http://www.zonealarm.com/software/free-firewall/# (click 'Free Download', then click 'No thanks, just the free firewall'). Zone Alarm will disable windows 10 firewall, but works well with windows defender of windows 10.
    If I seem a bit biased, please note that I used Bitdefender Internet Security in 2010 & 2013, Kaspersky Internet Security in 2009, 2014, Webroot, Avira, Panda (Bitdefender & Kaspersky being the best of the lot - not free though).
    If anyone thinks I did something wrong with configuration or installation, please notify). For Internet Security Suites, http://www.toptenreviews.com/software/security/best-internet-security-suites-software/. For best spyware, http://www.toptenreviews.com/software/security/best-antispyware-software/ . You can't install Comodo Free Firewall and expect it to be equal to Comodo Internet Security Pro 8 (reminds me of the saying - you get what you pay for).
     
    Last edited: Oct 15, 2016
  25. himalayas1

    himalayas1 Registered Member

    Joined:
    Oct 15, 2016
    Posts:
    3
    Location:
    Serbia
    Hi, on Comodo Firewall (free version, 8.4), select General Tasks, Scan, wait for scan to complete (may take a while), where it displays SHOW (All Files), click the drop-down and select 'Unrecognized Files', on the right of each file displayed you will notice 'NO Action', select drop-down and choose 'Trust' if the file is by a trusted vendor like Microsoft or Intel, etc. To find out if the file is Trustworthy, right-click the file name and select 'Jump to Folder', right-click the highlighted file and select Properties, click Digital Signatures tab, select the first entry and click Details button, click View Certificate button, click Details tab, scroll down to Subject and you will be notified if it's Microsoft, Intel etc (this is valid certificate), if valid certificate then select 'Trust' from drop-down and click on 'Apply Selected Actions' button to save, click Close button to exist. You can repeat procedure until SHOW ('Unrecognized Files') shows no files.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.