Recent Posts

Pages: 1 2 [3] 4 5 ... 10
21
Could you still post a screenshot of the HIPS Event Logs here? It will allow us to understand what is happening and comment when we think it is needed. It will also help other users to understand.
23
2019.03.21
Rules for modsecurity v2.x: Apache, LiteSpeed, Nginx, IIS
Rules for modsecurity v3.x: Nginx
Version 1.201


- SQLi vulnerability in J2Store plugin 3.x before 3.3.7 for Joomla! (CVE-2019-9184)
- XSS vulnerability in Quiz and Survey Master Plugin v6.0.4 for WordPress (CVE-2019-9575)
- SQLi vulnerability in Forminator Contact Form, Poll & Quiz Builder plugin before 1.6 for WordPress (CVE-2019-9568)
- Arbitrary code execution vulnerability in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 (CVE-2019-6340)
- XSS vulnerability in Metinfo 6.1.3 (CVE-2018-19835)
- XSS vulnerability in WUZHI CMS 4.1.0 (CVE-2019-9110)
- XSS vulnerability in Collabtive 1.3
- XSS vulnerability in Font Organizer plugin 2.1.1 for WordPress
- SQL vulnerability in WordPress Booking Calendar Plugin v8.4.3 for WordPress
- XSS vulnerability in Geo Mashup Options plugin 1.11.4 for WordPress
- XSS vulnerability in LightGallery plugin 1.0.3 for WordPress
- XSS vulnerability in WP Product Gallery Lite plugin 1.0.4 for WordPress
24
Defense+ / Sandbox Help - CIS / Comodo blocking itself!
« Last post by DavidGB on Yesterday at 09:10:20 AM »
For awhile now, every time I think to look at the Blocked Applications in Comodo, I find four entries, all showing as blocked by HIPS - and the SAME four entries every time, despite the fact that all are rated as trusted, all are from trusted sources, and each time I unblock them for the component shown in the 'blocked by, i.e. HIPS. But the next time I look, whether several days later, or the next day, there they are back again in the list, blocked by HIPS again.

And here's the funny thing:

One is the Microsoft Windows compattelrunner.exe that reports back to Microsoft about software compatability issues..

One is SRE.exe, which is a utility provided by Dell for my Dell laptop, to check for updated drivers, clear up things like temp files, run diagnostics on the hardware, and receive tech support if needed from Dell.

And the other two? Comodo's cis.exe and cavwp.exe.

That's right - Comodo is showing its own main exe and updater exe as blocked by its own HIPS!

I am getting REALLY tired of unblocking these four out of the block list. Why do they keep coming back, and how do I stop them coming back?
25
What you showed is not the HIPS event logs, the logs will show why they are being blocked by indicating the actions that are blocked by HIPS.

In the meantime I was contacted via pn and sent the logs.
26
What you showed is not the HIPS event logs, the logs will show why they are being blocked by indicating the actions that are blocked by HIPS.
27
Can you show a screenshot of the HIPS logs showing what files are getting blocked?

Here they are...

I tell CIS that those are safe and shouldn't be blocked, but after some time (sometimes just a few seconds) they appear on that list again...



28
Hi Razvan Romanescu! Well, I will wait.
29
The firewall slows me down the connection a lot, bringing it almost to zero ....
Turning it off restarts everything regularly, reactivating it again almost to zero ...
I uninstalled it again and returned to CAV.
Nothing ... you have to make a stable and reliable version ... :'( :'( :-TD
Sometimes when uninstalling a security program it may leave behind a driver or service. This driver or service may cause unexpected interactions with CIS.

Could you please run clean up tools of security programs you had installed in the past to make all traces of them are removed?  A list of such clean up tools can be found here: https://support.eset.com/kb146/?page=content&id=SOLN146 .

Experienced users could use Autoruns and look for left over drivers or services.
30
Can you show a screenshot of the HIPS logs showing what files are getting blocked?
Pages: 1 2 [3] 4 5 ... 10
Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek