Iam running vista and today I installed Comodo Memory Firewall.
I Got 3 questions.
I installed this today and did a reboot. After that I saw that I have a file in exclusions, (without clicking ok to anything)
This file is called slsvc.exe.
And located at:
C:\windows\system32\slsvc.exe
Is this app safe? And why was it added there automatically?
Comodo Memory Firewall versus “Comodo safe surf”, whats the differences?
Does Vistas “UAC” protect you from buffer overflow attacks somewhat? I mean, not the actual overflow in the attack but the possible installation of files? or does Defence+ defend you somehow?
Safe Surf is the newer version of CMF. From Safe Surf help file.-
After installation, the program will monitor and protect the memory space of all applications that are running on your system and immediately block any buffer overflow attacks.
UAC no. there may be other buffer overflow protection out there.
Tack (thanks) LeoniAquila. (I know you speak swedish). (:WIN)
and eXPerience and Bad Frogger and Kyle for all sharing your thoughts.
Two last questions… :THNK
Is there someone currently coding on Comodo Memory Firewall or do you consider it to be fully finished (for now until maby a totally new type of Buffer Overflow is detected or a major bug? 90% plus is very good, but wouldn’t 98% be awesome?)?
Is it the same coders coding CMF and SS? (If not, do they share the code? so you can expect the same quality of code in both softwares, I mean they are both there to do the same job and a new detection should be implanted in both softwares, that what I think…)
I was pointing at a product that really protects you from it. With SBX or GSW you will still be attacked, but the attack will stay in the box while with CMF you’re from the attack
Well, I’m not sure if the others actually happen that much. But I’m sure that CMF/SS are being updated all the time so normally they will become 99% bulletproof
2)
Is it the same coders coding CMF and SS? (If not, do they share the code? so you can expect the same quality of code in both softwares, I mean they are both there to do the same job and a new detection should be implanted in both softwares, that what I think..)
As LA pointed out already : The source code from SS and CMF are the same, but SS is a newer version AFAIK (with less bugs)
Tack
That's one of the only norwegian/swedish I know and you can place : duzend (phonetic ;)) in front of it :P
UAC does not protect from BO, but DEP will. As everything else, it won’t protect 100%. Anyway, if you enable DEP you’ll be better protected than if you didn’t.
If you turn on UAC, you may also run IE7 and IE8, if the case, in Protected Mode, which will lower IE’s rights to the system.
DEP is actually useful. I have it set to protect all applications and when I ran the BO tester DEP caught the first couple before SS did, but it missed the last one (SS got it).