COMODO Internet Security 6.0?

[giulio]

I was going by the three modules listed under the Defense+ dropdown menu in the GUI. (screenshot) File Rating is separate.

Yes, the shared space folder is not virtualized by default. So if you download something in a sandboxed browser and you want access to it from your physical machine, you can download it to the shared space folder.

Thankss!!!!
i will wait for testing beta...

[Wisdom]

The BB isn't taking the place of the HIPS. It is just the module that is going to act first. If the file is known/trusted, the HIPS won't even come into play.

What does one do that the other cannot? The BB is able to automatically sandbox unknown applications, the HIPS isn't able to do this.

The BB module blocks an unknown file just because the file is unknown for Comodo (maybe it's a safe file) and not because the file has suspicious behavior. So behavior blocker in CIS6 as the Default Deny protection. So BB = DD, Right?

[christarzan]

Is there anything new with the Firewall? I hope it has not compatibility issues with Avast.

[HeffeD]

The BB module blocks an unknown file just because the file is unknown for Comodo (maybe it's a safe file) and not because the file has suspicious behavior. So behavior blocker in CIS6 as the Default Deny protection. So BB = DD, Right?

Currently it's not so much of a traditional behavior blocker. (Deciding whether or not an application is safe by monitoring what it is trying to do) That will come in a later release.

[RealNature]

Currently it's not so much of a traditional behavior blocker. (Deciding whether or not an application is safe by monitoring what it is trying to do) That will come in a later release.

Thx for that,good to know. 

[Wisdom]

Currently it's not so much of a traditional behavior blocker. (Deciding whether or not an application is safe by monitoring what it is trying to do) That will come in a later release.

As we know already CIS5.X has a good malware heuristic analysis module, In fact, it is a behavior blocker -attached images- Anyway, I hope and I believe that it could be improved in Version 6.

Thanks HeffeD

[attachment deleted by admin]

[spywar]

As we know already CIS5.X has a good malware heuristic analysis module, In fact, it is a behavior blocker -attached images- Anyway, I hope and I believe that it could be improved in Version 6.

Thanks HeffeD

the "verdict" come from the lookup servers.

[Wisdom]

the "verdict" come from the lookup servers.

Yes, But not only FLS. It comes from Cloud & AV & Local BB(Local Malware Heuristic Analysis).

If the file detected by Cloud (DB or Analysis). In this case "Verdict" shows "virus". image1
But if it detected by Local Malware Heuristic Analysis, In this case "Verdict" shows "Suspicious". image2

 

[attachment deleted by admin]

[spywar]

Yes, But not only FLS. It comes from Cloud & AV & Local BB(Local Malware Heuristic Analysis).

If the file detected by Cloud (DB or Analysis). In this case "Verdict" shows "virus". image1
But if it detected by Local Malware Heuristic Analysis, In this case "Verdict" shows "Suspicious". image2

 

Oh thanks my mistake.. Also it shows "suspicious" when a file is detected by CIMA right ?

[Yash Khan]

Is it possible in CIS 6 to have autosandbox enabled but elevated privilege sandbox allowed automatically? (not sandboxed automatically but allowed normally automatically)

The reason I am asking this coz autosandbox never gave any prob here i.e all the programs ran fine in autosandboxed.

Elevated privilege rights gave many probs here i.e installation/uninstallation prob. Thats the reason I removed CIS from my family system. Coz many programs dont install & uninstall properly sandboxed i.e half install/uninstall i.e craps. And it was very difficult to remove those corrupted install/uninstall as they gave error, missing file, etc.

This was also the complaint by users & testers that programs dont install/uninstall well in sandbox. And full virtualization was proposed & promised but now in the current situation it will not be there as per Devs.

So the prob still remains with version 6 I guess. Or is there any improvement/enhancement here I wonder?

[Wisdom]

Also it shows "suspicious" when a file is detected by CIMA right ?

No, It shows "virus".
Lookup servers in fact includes CIMA and Cloud Database (whitelist & blacklist in cloud). And also may soon valkyrie.

[Yash Khan]

There is a hidden or internal whitelist by Comodo in version 5. The programs in this whitelist doesn't appear in Trusted Lists. Now how would a user know if an X program was found in the internal whitelist or it bypassed Comodo security?

Is this the same in version 6?

[Dragma]

anybody has comodo beta 6.0 send it to me

[giulio]

anybody has comodo beta 6.0 send it to me

??

we are waiting all CIS 6 beta....

[RealNature]

anybody has comodo beta 6.0 send it to me