Could everyone please confirm that the cmddata file increases in the CIS v12.2.2.8012 or not ? as we couldn’t see large size of cmddata in our machines.
Hello,
I would like to know how much time devs are dedicating to fix these issues.
I don’t want to be rude but i would like to pay for a good firewall solution, often updated with fast bug fixes.
Is the comodo team working on this stuff? What are the company goals for the future? When will a new version be out?
No because it is not an issue, what you are suggesting is to completely undo safe mode to the point where safe mode would become useless. For the last time, if you do not want trusted applications to be able to modify files that are set in protected files, you must set HIPS to paranoid mode. Safe mode is not going to prevent or alert about trusted applications from doing anything other than when they try to execute an unknown or malicious rated executable.
As I discovered lately (see the relevant thread) HIPS Safe mode can be setup in such a way so that it is possible to create read-only access protection for selected files and/or directories, perhaps you gave it a try and can confirm that it works.
If I can intrude on this thread, I’d just like to point out that the exceptional protection afforded by Comodo rests in the Containment + Firewall combination. In spite of the resources put into the AV segment, an honest opinion would be that it is mid-tier at best. And some secret knowledge here: ANY HIPS modules can be bypassed quite easily (trust me), even those that are set at the “paranoid” level.
This being said, Best Practice would be to streamline a Comodo setup and not play st all with settings that add nothing to protection but can potentially lead to annoyances. Remember that the amount of bugs seen is directly proportional to the complexity of the setup one uses.
lets consider this: cis free is not abandoned and they release a new edition fixing the problems regardles cis modules taking high cpu and ram, and cis ignoring already trusted files… lets say they release a new update fixing these things… now i ask you my girl: is that possible to have full cis (with av, just to lets defender diabled) but making windows not check for updates status on the av active?
check this case: before cis becomes this horrendus thing, i used it with all on (av, fw and sandbox) and i marked the db updates to be done from 29 to 29 days (dont remember correctly but i marked the high aplicable time accepted by cis) and even so windows check for updates and always showed notificaton regardless this. so i ask you, as you may have the acnowledge, is that possible to make cis av module only check for updates from 6 to 6 months and make windows not check it? if so, and if comodo solve these bugs, it would be my “welcomeback cis” again…
The list of current bugs is expanding, but no status indication (i.e. resolved / in progress / to be done / will not be fixed / etc.) is given on any bugs on the list.
Yes, HIPS alerting file/directory creation by (unknown) applications did work in older CIS versions. Bug fix should be set to high priority as it is a security issue.
30. HIPS ignores certain actions of applications that are running as the SYSTEM account. E.g. Direct disk, direct keyboard, direct monitor access. That means if an unrecognized application is elevated to SYSTEM, HIPS will not alert for various actions carried out by that unrecognized application.
Hi all,
From the above reported issue no-30, we understood that when the unrecognized application is elevated and running, the HIPS is not alerting for various actions carried out by the unrecognized application right
Or did we missed something to understand about the issue ?
If anyone could able to elaborate this issue detailly, please elaborate so that we will report this to the team.
I confirm the issue.
If I run an unrecognized application elevated to SYSTEM then HIPS doesn’t alert for Direct disk access. However when the same unrecognized application is run as administrator then HIPS does alert for Direct disk access.
Same issue might happen with direct keyboard, direct monitor or other access methods, I did not check that.
Hello all,
I did the test and everything works fine for me under:
Windows 10 Pro x64 Build 19043.1348 - Comodo CIS Pro v.12.2.2.8012
Custom firewall mode
Safe HIPS mode