Author Topic: weakness of the gpCode  (Read 107035 times)

Offline Ronny

  • Retired - Product Translator
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 13551
  • Retired - Volunteer Moderator
Re: weakness of the gpCode
« Reply #135 on: May 13, 2011, 10:27:13 AM »
Will I create a File Group for this? How can I create that...I am at a loss (Protected Files and Folders/Add then what..? Or Group/Add New Group/..then...?)
Go to Defense+, Computer Security Policy, Protected Files & Folders.
Press 'Groups' and Add, A new group. Give it some name, Scroll to the bottom of the policy there you can find the new group, select it and right click, then Add the lines one by one.

*.txt|
*.chm|
*.jpg|
*.7z|

And which ever extension more you wish to protect e.g. *.doc, *.xls etc...

Press Apply, now IMPORTANT !! Add 'File groups' And select the group you just created.
Make sure it's added to the 'Protected files and folders' tab and looks 'grayed out' then it's active after the next Apply.

Same procedure for \Device\KsecDD
Retired - Volunteer Moderator
Any concerns? Please send me a PM or review the Forum Policy -  update Jan 3rd 2013!

Offline aigle

  • Comodo's Hero
  • *****
  • Posts: 722
Re: weakness of the gpCode
« Reply #136 on: May 13, 2011, 11:18:11 AM »
Or you can just wait for the next major version.

And if you don,t use sandbox in next version, wait for version 10 of Comodo Defence Plus that will deal with this behavior of gpcode.  :-TD :-TD

Offline voltron

  • Comodo Family Member
  • ***
  • Posts: 82
Re: weakness of the gpCode
« Reply #137 on: May 14, 2011, 04:57:21 PM »
Thanks.

Offline morphiusz

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3082
    • Suspicious file?
Re: weakness of the gpCode
« Reply #138 on: June 04, 2011, 03:43:51 PM »
http://blogs.comodo.com/category/pc-security/file-protection/

I want only to remind you Melih, that Gpcode and blackday are truly 'file attackers' :).


« Last Edit: June 09, 2011, 09:53:14 AM by morphiusz »

Offline morphiusz

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 3082
    • Suspicious file?
« Last Edit: June 09, 2011, 10:06:34 AM by morphiusz »

Offline Siketa

  • Comodo's Hero
  • *****
  • Posts: 5066
Re: weakness of the gpCode
« Reply #140 on: June 14, 2011, 09:00:33 AM »

Offline aigle

  • Comodo's Hero
  • *****
  • Posts: 722
Re: weakness of the gpCode
« Reply #141 on: August 19, 2011, 05:58:47 PM »
A lame fix indeed.

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5717
Re: weakness of the gpCode
« Reply #142 on: August 19, 2011, 06:11:02 PM »

Offline SivaSuresh

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 1377
  • Avert the danger that has not yet come
Re: weakness of the gpCode
« Reply #143 on: March 21, 2013, 09:36:32 AM »
Any progress so far ?
with love Siva Suresh
|| Windows7 x64 | CIS 10 | Firefox | Thunderbird | CCleaner | Evernote | PStart | UltraCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD  || 6TB SATA II HDD 6Gb/s

Offline wasgij6

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 5717
Re: weakness of the gpCode
« Reply #144 on: March 21, 2013, 11:05:46 AM »
Any progress so far ?

Yes
with v6 the autosandbox in limited and above can block it, HIPS can now block it, the only one that cannot is partially limited and egemen said this was the expected behavior.

Offline malwarekiller

  • Comodo Loves me
  • ****
  • Posts: 194
Re: weakness of the gpCode
« Reply #145 on: June 07, 2013, 04:17:04 AM »
This is lame fix indeed...I am curious,is the default CIS completely immune to something like stuxnet or flame?

Offline Sanya IV Litvyak

  • Comodo's Hero
  • *****
  • Posts: 4214
  • Lurking
Re: weakness of the gpCode
« Reply #146 on: June 07, 2013, 06:53:03 AM »
This is lame fix indeed...I am curious,is the default CIS completely immune to something like stuxnet or flame?
If you have a sample we could test.   ;D (I'd actually like to see what would happen  :P)
I support privacy and freedom online - eff.org

Offline malwarekiller

  • Comodo Loves me
  • ****
  • Posts: 194
Re: weakness of the gpCode
« Reply #147 on: June 07, 2013, 07:04:18 AM »
If you have a sample we could test.   ;D (I'd actually like to see what would happen  :P)

Yes I do have sample...I read wilders forum default CIS doesnt intercept the the dll injection of stuxnet thereby allowing the infection to get past...But this may have changed in v6,will be curious to know the result...I can e-mail or PM anyone who wants samples of stuxnet and flame for test.  :)

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek