What is your security setup these days?

Add Chrome ADM template, download from here (you can block plug-in and extension install minimising man in the browser risks) http://www.chromium.org/administrators/policy-templates

 

Thank you for this info. Didn't know about that. It' always nice to have additional hardening in place

 

Good Afternoon! Introducing the Dome Of Death...Mark2...Outpost Pro...Avira S.S.2014...and WSA Security Plus...I unclicked the default for the Windows Firewall while installing Avira! Biff...Bang...Sonic Boom...Lol! Sincerely...Securon

 

i want to try comodo firewall this time not the antivirus that make my pc slowed

 

Setup is according to signature below.

 

Same as it ever was ... MSE, MBAM (on-demand), SpywareBlaster & browser hardening. Except now I have a spanking new BT router.

 

Where did you disable the flash protected mode? Hopefully that will fix the issue that I'm having.

 

I've just ditched Ashampoo Antivirus, and I think I may go back to Baidu.

I didn't like the high CPU use when launching programs with Ashampoo installed. But to be fair, I did not try out the latest update which was released a few days ago - I uninstalled it rather than rebooting so that the new version could complete installing.

Even though I've moved on, Ashampoo is definitely worth trying in my opinion.

 

Here kjdemuth:
http://kb.mozillazine.org/Flash#Disabling_Protected_Mode_in_Flash_11.3

Bo

 

I need to sit down...feeling faint Securon!

 

Thanks Bo! Now I can hopefully use sandboxie again. I was starting to feel naked.

 

You are welcome. You ll notice the difference, I do disable PM, that makes my Flash work better sandboxed under V4.

Go Sox

Bo

 

Geaux Saints!

 

Care to share that info?

 

Info about the Bromium lab report you mean?

If Yes. Then I think this is about it: https://www.wilderssecurity.com/showthread.php?t=350960

 

Ah I see. How do you like AA and WSA? Is AA heavy on your system?

 

I have added Chrome template and disable extension installation. I also enabled click to play option for plugins. Thnx @Windows_Security for this tip.

 

Forever devoted as i am to the Power of HIPS on windows, i think i can safely settle on old ver. Comodo FW 5.12 w/D+.

It's Computer Security Policy settings which serve as it's HIPS guidance system is opened up some very useful possibilities almost as precise as the old EQSysecure which was reasonably formidable on my XP units.

The problem i have to sort out first though is that Comodo 5.12 for x64 installs beautifully on my Windows 8.0 but on reboot my Windows GUI is blank. You can open Task Manager and view processes as well as enter explorer folders from it, but the normal screen is just blank.

I hope it's not a windows 8 conflict because 5.12's HIPS and settings are precisely what i been after. I'll have to systematically uninstall the other security apps in an attempt to find and eliminate the mismatch causing the issue.

If not, at least Comodo FW 5.12 for 64 bit works perfectly when put inside Shadow Defender for testing malwares and their behavior.

Anyone running 5.12 on a standard Windows 8.0 setup? Did you encounter anything similar?

 

Eset Smart Security 7
HitmanPro

 

Any particular reason why CFW D+ v6.3 won't work for you, EASTER?

 

Well for my personal preferences and with some experience now with 5.12's Computer Security Policy, i find the settings for user-defined rules more effective and easier to access and configure in the early model Comodo FW then even in the recent 6.3. Not to mention the Alert box in the newer versions isn't as responsive. There again a personal preference to it's control panel alert layout. 5.12 is more acceptable on this end.

Looks like the work is still cut out yet to pinpoint the mystery blank screen with 5.12 but if resolved, this one's a keeper. I burned a lot of tests on 5.12 and am reasonably satisfied with the results so far.

 

Without a doubt I get 'personal preferences'. They can take precedent over lots of otherwise valid concerns.
I had been running CFW 5.12 for a long time, until about two weeks ago. The internal updater wasn't being fed the newer releases and it kept telling me I had the most current version. I finally realized how far behind I was and went with an upgrade installer that worked over top and gave perfect results on three machines.

Anyway, you might be interested in a compilation of the FW changelogs, found here.

I have put together a much briefer list showing some of the critical security fixes in the firewall since v5.12. You may find them persuasive, as I did.

What's new in Comodo Firewall 6.3.294583.2937:
September 25th, 2013
FIXED: Malware bypasses HIPS and Sandbox while creating autorun entries

What's new in Comodo Firewall 6.2.285401.2860:
July 12th, 2013
IMPROVED! HIPS menu item in system tray icon menu (advanced view mode only)
Note: Okay, not critical, but cool.

What's new in Comodo Firewall 6.1.275152.2801:
June 20th, 2013
There are over 200 bug fixes in this release. Below are the selected few:
FIXED! Malware can load drivers under certain circumstances bypassing the protection

What's new in Comodo Firewall 6.0.260739.2674:
January 31st, 2013
FIXED! HIPS does NOT stop screen capturing/keylogging when unknown apps run outside the sandbox

What's new in Comodo Firewall 5.8.16726.2131:
October 21st, 2011
FIXED! Various race conditions exploited by malware to evade Defense+

What's new in Comodo Firewall 5.4.188930.1353:
May 5th, 2011
FIXED! HIPS doesn't block some actions that can be used by malware
FIXED! HIPS doesn't block modifications to the protected files under certain conditions
FIXED! Firewall does not detect MAC Spoofing although "Protect the ARP Cache" option is selected

Again, that's just a hand-picked few of the changes.
Hope you get your mystery blank screen worked out.

 

Really appreciate the reviews. Looks like someone does their homework on this program.

The one change which has no effect on this end is the potential driver loading correction. On Windows 8 PATCHGUARD all but prevents malware loading any drivers. That particular entry point is been pinched

Thanks again for.posting the comparisons and changes in version. Definitely worth saving to important notes.

Regards Easter

 

Not to argue, but to simply add to your comments, Wikipedia states the following:

"Because of the design of the Windows kernel, Kernel Patch Protection cannot completely prevent kernel patching. This has led to additional criticism that since KPP is an imperfect defense, the problems caused to antivirus makers outweigh the benefits because authors of malicious software will simply find ways around its defenses."
~snip~
"It should be noted that Kernel Patch Protection only defends against device drivers modifying the kernel. It does not offer any protection against one device driver patching another."

I must confess to having very little personal knowledge of PatchGuard. I have not researched it as much as you have, I am sure, and I do note that you remarked that PatchGuard, "all but prevents malware loading any drivers", which I take to mean, it has holes.

Perhaps that is what CFW addressed back in June with the 6.1 release?

(FIXED! Malware can load drivers under certain circumstances bypassing the protection)

Regards Page

 

That is the beauty of a program being under constant development. According to the laws of software engineering it will allways have flaws.

KLOC * (pii - age in years) * 4 sigma = number of errors in code base

Yes, you read correctly it does not mention six sigma (I am old school), age in years is of major release version. Develop managers will deny this formula while being interrogated by share holders and marketing. Over a beer and amongst fellow professionals they will say sure: everyone who knowns, knows this, old news, if you don't, you don't and we are certainly not going to tell you, simple as that.