Please feel free to ask any questions to learn all about Computer Security.

[Guest]

[Uscom]

Hi,
can someone help me with this:
http://forums.comodo.com/general_security_questions_and_comments_not_product_related/lsassexe_is_trying_to_receive_a_connection-t43678.0.html
?
Please. 

[dangerous951]

hello-
i have accidently blocked one of my applications with comodo..and now i cant use my torrent downloader anymore..anyway i can reverse the problem?

[Ronny]

Well the most brute way would be to find the program in the policy(s) FW and or D+ and remove it so you get a new alert and apply a policy for it. Or you can remove the "block" rule once you have found the application on the network and/or computer policy.

[duoniux]

when i open tray of my CIS, there where is Proactive Defense is writen: "the defence+ has blocked ... suspicious attempt(s) so"
defense+ is blocking my other program, which i am using for usb flah sticks scaning, but the program is runing ok, so what is defence+ blocking? should i worry about that or it is doesnt mater?

there is print screen, check it out, thanks for ansvers.

[Little Mac]

duoniux,

Based on your screenshot, USBGuard.exe is trying to access the memory space of CMDAgent.exe (one component of CIS).

No matter how you set USBGuard (as Trusted App, etc), it will always be blocked from accessing CIS components.  This is a self-protection mechanism of CIS.

If USBGuard is still running fine, and you know that the application is trustworthy, then it probably isn't something to worry about.

LM

[Eragoncia]

I have some questions
1) If a person brought a new laptop or computer and is planning to connect it to the internet. What should be the first thing he/she should do?

2)How does a firewall work. It it one of the most important part of security? Why?

3)What is the difference between security software and hardware?

4)What should a person do when their computer is infected?

5)Why is it important to update your security software?

[Ronny]

I have some questions
1) If a person brought a new laptop or computer and is planning to connect it to the internet. What should be the first thing he/she should do?

Well i always install the system offline, after that i connect a USB drive with CIS on it and install CIS.
Then i connect i to the network and run windows update's as long as needed to get all the updates installed. If you don't follow this procedure and you connected to an non-firewalled internet link you have a large risk of becoming infected because of worm traffic on the internet continuously scanning and looking for hosts to infect, if your not fully patched you run a high risk of getting infected.

2)How does a firewall work. It it one of the most important part of security? Why?

It basically allows you to control any traffic in and out your computer, say a virus has made in in your system and tries to tell it's boss where to find you it has to set up some sort of connection out to the internet, poof the firewall asks you will you allow virus.exe out to internet? you answer NO and you now your infected...

3)What is the difference between security software and hardware?

Complex, a hardware firewall would probably not have caught this virus from communicating because it doesn't know which process belongs to the traffic that's being filtered.
You can perfectly protect your network perimeter with it and provide "general" protection for more systems on a network, but with today's threats you need both... (think mobile, hotspot, hotel etc).

4)What should a person do when their computer is infected?

Depending on the infection, i would suggest to save the important data, use an other system to scan that data to make sure it's clean and start with a complete fresh installation. Viruses tend to change more parameters in your system then most AV's "restore" most of them are only good to remove the active components, but that doesn't fix your changed settings it has done on your registry for example.

5)Why is it important to update your security software?

I would strike "Security" software out of the question, it's important to update all your software.

For a virus/malware to infect you it most of the time aims at vulnerabilities that are present in the OS and other applications like Browsers and their plugin's etc... so if you are running a vulnerable version of FlashPlayer  all they have to do to attack you is send you to a link with a FlashPlayer attack in it and your infected

[Tags:]