Author Topic: 3 (annoying) Questions about the memory firewall.  (Read 15863 times)

Offline Commanding The Celsius

  • Product Translator
  • Comodo's Hero
  • *****
  • Posts: 1520
  • ^^^^
3 (annoying) Questions about the memory firewall.
« on: December 24, 2008, 03:27:49 PM »
Iam running vista and today I installed Comodo Memory Firewall.
I Got 3 questions.


1)
I installed this today and did a reboot. After that I saw that I have a file in exclusions, (without clicking ok to anything)
This file is called slsvc.exe.
And located at:
C:\windows\system32\slsvc.exe

Is this app safe? And why was it added there automatically?

2)
Comodo Memory Firewall versus "Comodo safe surf", whats the differences?

3)
Does Vistas "UAC" protect you from buffer overflow attacks somewhat? I mean, not the actual overflow in the attack but the possible installation of files? or does Defence+ defend you somehow?

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: 3 (annoying) Questions about the memory firewall.
« Reply #1 on: December 24, 2008, 05:58:52 PM »
Hey there  (:HUG)

1) I don't know if this is standart in the exclusion files, but if you didn't add it I assume it's safe :).

2) SafeSurf protects your browsers only, CMF protects your whole computer

3) No, no program in the whole world except CMF protects again Buffer Overflows for now...

See ya

Xan

Offline Bad Frogger

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 1511
Re: 3 (annoying) Questions about the memory firewall.
« Reply #2 on: December 24, 2008, 06:29:55 PM »
1. Vista software licensing service.

2. Safe Surf is the newer version of CMF.  From Safe Surf help file.-
After installation, the program will monitor and protect the memory space of all applications that are running on your system and immediately block any buffer overflow attacks.

3. UAC no. there may be other buffer overflow protection out there.

Xan are you drinking the holidays away :Beer
CIS    Firefox  NoScript  Please remember to follow The Forum Policy.

Offline Kyle

  • Computer Security Testing Group
  • Comodo's Hero
  • *****
  • Posts: 3679
Re: 3 (annoying) Questions about the memory firewall.
« Reply #3 on: December 24, 2008, 06:37:17 PM »
Hey there  (:HUG)

~SNIP~

3) No, no program in the whole world except CMF protects again Buffer Overflows for now...

See ya

Xan

*Incorrect Buzzer sound*  (:TNG)

Acouple of other programs do Sandboxie and Geswall for example.
Windows 7 x64
AMD FX 8120, 8gb ram, ATI 6870 1gb

Offline Commanding The Celsius

  • Product Translator
  • Comodo's Hero
  • *****
  • Posts: 1520
  • ^^^^
Re: 3 (annoying) Questions about the memory firewall.
« Reply #4 on: December 24, 2008, 07:14:37 PM »
2. Safe Surf is the newer version of CMF.  From Safe Surf help file.-
After installation, the program will monitor and protect the memory space of all applications that are running on your system and immediately block any buffer overflow attacks.

2 new questions:

1)
So you are saying that Safe Surf is the way to go?
I mean, you keep that one better up-to-date?
Its the "new-est"..?

2)
Why have 2 almost identical softwares?
That confuses me.  :D

Offline LeoniAquila

  • Retired moderator
  • Comodo's Hero
  • *****
  • Posts: 6745
Re: 3 (annoying) Questions about the memory firewall.
« Reply #5 on: December 24, 2008, 07:17:42 PM »
New answers :)

1) SS is newer than CMF but it uses CMF technology. I don't think (I'm not 100% certain though) SS is better at all.

2) SS was developed as a program simple to bundle with CFP and later CIS, that's the story! If you start from scratch, I would go with CMF instead.

LA

Offline Commanding The Celsius

  • Product Translator
  • Comodo's Hero
  • *****
  • Posts: 1520
  • ^^^^
Re: 3 (annoying) Questions about the memory firewall.
« Reply #6 on: December 24, 2008, 07:41:11 PM »
Tack (thanks) LeoniAquila. (I know you speak swedish).  (:WIN)
and eXPerience and Bad Frogger and Kyle for all sharing your thoughts.

Two last questions..  :THNK

1)
Is there someone currently coding on Comodo Memory Firewall or do you consider it to be fully finished (for now until maby a totally new type of Buffer Overflow is detected or a major bug? 90% plus is very good, but wouldn't 98% be awesome?)?

2)
Is it the same coders coding CMF and SS? (If not, do they share the code? so you can expect the same quality of code in both softwares, I mean they are both there to do the same job and a new detection should be implanted in both softwares, that what I think..)

Offline fazio93

  • Comodo Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2455
Re: 3 (annoying) Questions about the memory firewall.
« Reply #7 on: December 24, 2008, 07:52:51 PM »

1)Is there someone currently coding on Comodo Memory Firewall or do you consider it to be fully finished (for now until maby a totally new type of Buffer Overflow is detected or a major bug? 90% plus is very good, but wouldn't 98% be awesome?)?
I think the next version will be integrated into CIS.  ;)
Windows 7 Ultimate 64-bit
Please remember to follow the Forum Policy.

Offline LeoniAquila

  • Retired moderator
  • Comodo's Hero
  • *****
  • Posts: 6745
Re: 3 (annoying) Questions about the memory firewall.
« Reply #8 on: December 24, 2008, 08:38:03 PM »
Tack (thanks) LeoniAquila. (I know you speak swedish).  (:WIN)

(:HUG)

1)
Is there someone currently coding on Comodo Memory Firewall or do you consider it to be fully finished (for now until maby a totally new type of Buffer Overflow is detected or a major bug? 90% plus is very good, but wouldn't 98% be awesome?)?

2)
Is it the same coders coding CMF and SS? (If not, do they share the code? so you can expect the same quality of code in both softwares, I mean they are both there to do the same job and a new detection should be implanted in both softwares, that what I think..)

1) I'm sure they're thinking of how to improve it, but it has been considered stable for a long time now.

2) I guess the same team handle CMF and SS. Anyhow, SS is "powered" by CMF so code should be shared.

Your questions are better answered by a developer. My advice though would still be CMF unless anyone in the staff says otherwise. ;)

LA

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: 3 (annoying) Questions about the memory firewall.
« Reply #9 on: December 25, 2008, 05:39:49 AM »
2. Safe Surf is the newer version of CMF.  From Safe Surf help file.-
After installation, the program will monitor and protect the memory space of all applications that are running on your system and immediately block any buffer overflow attacks.

3. UAC no. there may be other buffer overflow protection out there.

Xan are you drinking the holidays away :Beer
If you were pointing at the water... yes :)
*Incorrect Buzzer sound*  (:TNG)

Acouple of other programs do Sandboxie and Geswall for example.
I was pointing at a product that really protects you from it. With SBX or GSW you will still be attacked, but the attack will stay in the box while with CMF you're from the attack

Xan
« Last Edit: December 25, 2008, 05:49:43 AM by eXPerience »

Offline eXPerience

  • Left the Forums
  • Comodo's Hero
  • *****
  • Posts: 6958
  • Free Forever !
Re: 3 (annoying) Questions about the memory firewall.
« Reply #10 on: December 25, 2008, 05:44:21 AM »
1)
Is there someone currently coding on Comodo Memory Firewall or do you consider it to be fully finished (for now until maby a totally new type of Buffer Overflow is detected or a major bug? 90% plus is very good, but wouldn't 98% be awesome?)?
Well, I'm not sure if the others actually happen that much. But I'm sure that CMF/SS are being updated all the time so normally they will become 99% bulletproof

Quote
2)
Is it the same coders coding CMF and SS? (If not, do they share the code? so you can expect the same quality of code in both softwares, I mean they are both there to do the same job and a new detection should be implanted in both softwares, that what I think..)
As LA pointed out already : The source code from SS and CMF are the same, but SS is a newer version AFAIK (with less bugs)

Quote
Tack
That's one of the only norwegian/swedish I know and you can place : duzend (phonetic ;)) in front of it  :P

Xan

DarkButterfly

  • Guest
Re: 3 (annoying) Questions about the memory firewall.
« Reply #11 on: December 25, 2008, 09:58:49 AM »

Does Vistas "UAC" protect you from buffer overflow attacks somewhat? I mean, not the actual overflow in the attack but the possible installation of files? or does Defence+ defend you somehow?

UAC does not protect from BO, but DEP will. As everything else, it won't protect 100%. Anyway, if you enable DEP you'll be better protected than if you didn't.

If you turn on UAC, you may also run IE7 and IE8, if the case, in Protected Mode, which will lower IE's rights to the system.

Offline fazio93

  • Comodo Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 2455
Re: 3 (annoying) Questions about the memory firewall.
« Reply #12 on: December 25, 2008, 10:46:56 AM »
UAC does not protect from BO, but DEP will. As everything else, it won't protect 100%. Anyway, if you enable DEP you'll be better protected than if you didn't.

If you turn on UAC, you may also run IE7 and IE8, if the case, in Protected Mode, which will lower IE's rights to the system.

DEP is actually useful. I have it set to protect all applications and when I ran the BO tester DEP caught the first couple before SS did, but it missed the last one (SS got it). :)
Windows 7 Ultimate 64-bit
Please remember to follow the Forum Policy.

DarkButterfly

  • Guest
Re: 3 (annoying) Questions about the memory firewall.
« Reply #13 on: December 25, 2008, 04:56:51 PM »
DEP is actually useful. I have it set to protect all applications and when I ran the BO tester DEP caught the first couple before SS did, but it missed the last one (SS got it). :)

And that's why I'm a fan of layered security. What one may miss, the other may prevent. :)

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek