Feedback on help materials

[Guest]

[mouse1]

What do you mean?
The sandbox seems to be disabled by the system tray icon 

No, this talks about the Sliders under defense plus ~ settings.

It's really about their interaction, which people find difficult.

I'll rename this post to make all that clear.

Thanks for your feedback.

Mouse

[Tech]

No, this talks about the Sliders under defense plus ~ settings.

It's really about their interaction, which people find difficult.

I'll rename this post to make all that clear.

Thanks for your feedback.

Mouse

Sorry to be a pain, but I did not understand.
Step 1: Sandbox is enabled and Defense+ sandbox setting is enabled. (screenshots 39 and 42).
Step 2: Disable Defense+ sandbox setting. (screenshot 43)
Step 3: All sandbox is disabled. (screenshot 44)

[mouse1]

Sorry to be a pain, but I did not understand.
Step 1: Sandbox is enabled and Defense+ sandbox setting is enabled. (screenshots 39 and 42).
Step 2: Disable Defense+ sandbox setting. (screenshot 43)
Step 3: All sandbox is disabled. (screenshot 44)

Thanks very much Tech. Not how it is supposed to work according to the latest documentation. I will experiment with a file to see what actually happens.

Mouse

[mouse1]

Thanks very much Tech. Not how it is supposed to work according to the latest documentation. I will experiment with a file to see what actually happens.

Mouse

Well program is better than the documentation. You are correct! GUI however does not reflect this - sandbox slider remains fixed!

[JJasper]

Just installled CIS 5 for the first time today.  I followed the Mouse1 guide to Installation and initial config. and have had a problem free install.  It has been working perfectly for the last couple of hours.  Thank you Mouse1.

John

[mouse1]

Just installled CIS 5 for the first time today.  I followed the Mouse1 guide to Installation and initial config. and have had a problem free install.  It has been working perfectly for the last couple of hours.  Thank you Mouse1.

John

Thanks for the feedback John, makes the effort well worthwhile!

Mouse

[iroc9555]

Hi mouse1.

As you might already know I have been trying to make CIS 5 work in my PC without any good results even though CIS 3 and 4 worked nicely in the past.

I am having trouble with a few files being sandboxed that I believed are the cause of my machine hanging when cold boot (first time of the day).

I have read the CIS 5 manual and your FAQs, and I thank you for them; However, I have a few questions, may be because English is not my native language or I am too old to learn, but I do not get it.

You said:

The Trusted Files and Trusted Applications policies are quite similar, however there are important differences:

•A Trusted File is not automatically sandboxed. A trusted file will be sandboxed unless it is also a safe file

When I add a file to the "Trusted Files", it does not become a safe file? When it become a safe file? when Comodo adds it to its white list?

•Trusted Files can run Trusted Files, trusted applications cannot run trusted files or applications

Here you lost me. I know trusted files are the files in Defence+ > Trusted Files and Trusted Applications are the files in Defence+ > Computer Security Policy > Defence+ Rules, given Trusted Predefined Policy, so If I have HPqdirec.exe in trusted applications and it runs Hpqtra08.exe, which is in Trusted files, HPqtra08.exe will not run at all or will not run as a trusted file?
 
•The predefined policy for Trusted Applications can be changed in 'Predefined Policies' that for Trusted Files cannot.

Ok I got this one. No problem.

•Files can be given Trusted File status when if they are declared safe when looked up on the cloud safe list. They cannot be made Trusted Applications

So a trusted file can not be removed from "Trusted Files" and add to "Defence+ Rules" and given a Trusted Application rule, but you said here in # 5 to remove any trusted files in the Trusted File list and to add it to D+ Rules with and Installer/Updater Predefined rule:

 http://forums.comodo.com/defense-sandbox-faq-cis/app-is-not-working-correctly-but-does-not-seem-to-be-sandboxed-what-to-do-t61684.0.html;msg434597#msg434597

or is it different with Installer/Updater rules?


•Signed files from Trusted Vendors are regarded as Trusted Files not Trusted Applications

OK I got this one too.

•Trusted Files by default are allowed outbound access to the internet, Trusted Applications are not (unless also made trusted using firewall settings).

and this one no problem.

Sorry to be a bother, but I am desperate for CIS 5 to work in my PC and I am trying to understand what is going on, and I thank you before hand.

I forgot. Is it better to let the files sandboxed and let Comodo to make them safe? or I can add the files to the Trusted files myself? However if I do this, the files are not declared safe until Comodo says so. According to what you said in point # 4 above.

[mouse1]

First thanks for your comments which I very much appreciate. My responses below:

The Trusted Files and Trusted Applications policies are quite similar, however there are important differences:

Apologies the last part of this was not updated properly to CIS 5 It should read:

•A Trusted File is not automatically sandboxed. A trusted application will be sandboxed unless it is also a trusted file

•Trusted Files can run Trusted Files, trusted applications cannot run trusted files or applications

Here you lost me. I know trusted files are the files in Defence+ > Trusted Files and Trusted Applications are the files in Defence+ > Computer Security Policy > Defence+ Rules, given Trusted Predefined Policy, so If I have HPqdirec.exe in trusted applications and it runs Hpqtra08.exe, which is in Trusted files, HPqtra08.exe will not run at all or will not run as a trusted file?

The fuller version would be: "If you have a trusted application which is not a trusted file, then it cannot run another trusted file unless you allow an image execution alert"

•Files can be given Trusted File status when if they are declared safe when looked up on the cloud safe list. They cannot be made Trusted Applications

So a trusted file can not be removed from "Trusted Files" and add to "Defence+ Rules" and given a Trusted Application rule, but you said here in # 5 to remove any trusted files in the Trusted File list and to add it to D+ Rules with and Installer/Updater Predefined rule:

A fuller version would be:
"Files can be given Trusted File status automatically by CIS if they are declared safe when looked up on the cloud safe list. They cannot be made Trusted Applications automatically by CIS"

Sorry to be a bother, but I am desperate for CIS 5 to work in my PC and I am trying to understand what is going on, and I thank you before hand.

I forgot. Is it better to let the files sandboxed and let Comodo to make them safe? or I can add the files to the Trusted files myself?

It does not really matter. But do remember you may need to reboot afterwards

However if I do this, the files are not declared safe until Comodo says so. According to what you said in point # 4 above.

Point 4 now corrected

Absolutely no problem to ask  - it is what this topic is for. I've corrected the non-updated sentence already and will be considering how make the other explanations clearer. My apologies for the error.

Best wishes

Mouse

[iroc9555]

No apologies needed, I just thank you for your answer and the work you have done.

Regards.

[mouse1]

No apologies needed, I just thank you for your answer and the work you have done.

Regards.

That's fine. Now amended the other entries too. Please do check and see if you think they are sufficiently clear.

[iroc9555]

H mouse.

That's fine. Now amended the other entries too. Please do check and see if you think they are sufficiently clear.

Much, much better. Now I understand all of them. Nice job  Thank you.

[Peter5]

Hi Mouse,

First of all i would like say thanks for all of your hard work, this FAQ´s are very helpful.
But i would like to know if you could add something that could explain the process of the sandbox after the reboot.

1- After the reboot everything that is in the sandbox will be automatically terminated and won´t be able to execute (only after manually execution).

2- If my first post is right, then that means after the reboot you will not receive pop up´s  from those programs (like com windows hooks, COM interfaces, etc).

3- Can an other program (trusted or not) start an application that was terminated in reboot (and of course is in untrusted files).

4- Manually terminate an application that is in the sandbox will have the same effect than rebooting ( the application won´t be able to automatically start).

5- what about dropped files


I hope this is not confusing, but only after reading a question in the forum i realized what happens when you reboot, and i am sure many others new to comodo will have the same difficulties.

Many Thanks

[mouse1]

Hi Mouse,

First of all i would like say thanks for all of your hard work, this FAQ´s are very helpful.
But i would like to know if you could add something that could explain the process of the sandbox after the reboot.

1- After the reboot everything that is in the sandbox will be automatically terminated and won´t be able to execute (only after manually execution).

2- If my first post is right, then that means after the reboot you will not receive pop up´s  from those programs (like com windows hooks, COM interfaces, etc).

3- Can an other program (trusted or not) start an application that was terminated in reboot (and of course is in untrusted files).

4- Manually terminate an application that is in the sandbox will have the same effect than rebooting ( the application won´t be able to automatically start).

5- what about dropped files


I hope this is not confusing, but only after reading a question in the forum i realized what happens when you reboot, and i am sure many others new to comodo will have the same difficulties.

Many Thanks

HI Peter

Just off on a week's hols, and it may take a while to reply to this, so I'll do that when I return if that's OK.

(Other mods may reply between)

Meanwhile please read the introduction to the sandbox (see my signature) to understand it better, if you have time. Be assured that CIS offers very good protection, better than the big names in security.

Will reply on my return

Best wishes

Mouse

[Peter5]

HI Peter

Just off on a week's hols, and it may take a while to reply to this, so I'll do that when I return if that's OK.

(Other mods may reply between)

Meanwhile please read the introduction to the sandbox (see my signature) to understand it better, if you have time. Be assured that CIS offers very good protection, better than the big names in security.

Will reply on my return

Best wishes

Mouse

Many thanks Mouse

[JoWa]

Please add to D+ FAQ:
1. Differences between Comodo Preset Configurations, but not this outdated text.

2. How to enable execution alerts when starting an application from Windows Explorer.

[Tags:]