as few noties as possible, how to do it while still secure?

so, i remember that i used to have my firewall set to be secure, but not bother me with popups all the time. but i cant seem to do that anymore, and i dont remember how i did that.

im pretty sure that i only set the firewall security/d+ security level. i cant remember fiddling around with anything else.

anyone have any idea if this is possible or if the firewall has been changed a bit since then? i dont want it to ask me all the time, but i still want it to be secure.

Try setting the Firewall and Defence+ to “Safe Mode”,this should minimize the alerts unless you install something whereby you should switch to “Installation Mode”.

i was thinking about that, but it didnt seem as safe =/.
anyway, i changed to that, but i still get silly notices, like if i would like to let this and that program get access to my keyboard.

Hi

put D+ iin training mode and firewall in Custom Mode.

Just to remind you CFP isa firewall program not Antivirus although it has one one of the Bset HIPS application.

It is too generic to help you little in everyday work, though sure it will warn you of every change to your syestem

Regards

Adi

i think the main purpose of having a full HIPS (Defense+) is warning user if an unknown application is about to run.
if you think your computer is 100% clean then you set the D+ level to Clean PC mode .
with the D+ level, you’ll be warned only when you install/run something new :■■■■

In several other posts, users have discussed the possibility of applying an optional whitelist to D+ to help avoid the protracted D+ learning period and to avoid alerts about safe and common program activities. In my opinion, a D+ whitelist would be the best way to have as few notices as possible while still staying secure. But, at this point it is not available for D+ :-[

Previous posts that suggested a whitelist for D+:

Make a whitelist for known and trusted behaviors for D+ ---- A white list of over a million applications is not very helpful if it only applies to the firewall and not to D+. The number of alerts I received was absolutely rediculous. Make a whitelist for known and trusted behaviors for D+, then allow the user to select whether to ignore the whitelist or use the whitelist. It is disconcerting to see D+ to pop up alerts when explorer launches a known windows process. By the way, the technique of training the firewall is fine for techie’s, but for the average user, it is unsettling to deal with the abundant alerts about unfamiliar programs (which are actually common system/windows components) . A co-worker ditched CPF3 because she felt more safe with Norton’s firewall! She said that the alerts from Norton represented a real threat and not gobble-dee-■■■■ that scared her for no reason.
[was posted here: https://forums.comodo.com/feedbackcommentsannouncementsnews/suggestions_for_cpf-t26598.0.html]

Why don’t you make a safelist of actions that a certain app is doing and thus Comodo will alert only for strange and new programs…My point was to make a whitelist with common applications and their activities and for those to get no prompt. Norton IS, for example has this feature and perhaps other firewalls also.
[Was posted here: https://forums.comodo.com/empty-t22991.0.html]

errr,correct me if i’m wrong ???
i think the default D+ level is “Clean PC mode”, and thus all apps on the PC is considered safe(whitelisted).so the only D+ alert we’ll get is when we install/run a new app.
isn’t it the same with this:

oh and can anyone clarify this?

i thought CFP (both firewall & D+) develop its whitelist database altogether, not the firewall part only ???

Well, as you said Ganda, it applies to both of them :slight_smile:

Xan

It appears that some of you are not grasping my point. I apologize if I have not stated this more clearly.

I will assume that Comodo wishes to market its Firewall to the masses…which obviously means that people of all levels of expertise (including novices) will need to feel comfortable with the program. As stated by Melih:
“we are working on making CFP a mass market product! Our strategy to first make sure we build a product that protects people by building one of the most secure apps around and then start making it user friendly without sacrificing its security” [posted here].

So…the novice user will likely be irritated and overwhelmed with the number of unneccessary alerts. So they will likely allow everything and have a higher chance of permitting a malicous process. In my opinion, setting D+ to “clean PC” mode is exactly the same thing: allow everything including a malicous process. What happens if there is an unknown zero-day attack on the computer? In Clean PC mode, D+ just learns it! That is NOT a strong security product.

If a white list exists for D+, it is woefully inadequate. At least 95% of the alerts I got were from well known, safe programs, processes, and activities.
Okay…I get the fact that I have to waste my time to teach the firewall all these safe programs. While many of you may enjoy spending time adding hundreds of programs and processess to your security policy, I would rather spend my time doing something else.
Okay…I get the fact that I can set my firewall to clean PC mode to help silence the alerts. While many of you may think this is a great solution, I do not. As far as I am concerned, “Clean PC” mode is actually “allow all malicous code” mode, and it does not make me feel safe or confident in D+. Nobody can ever be 100% sure they have a clean PC, and I think Comodo should not encourage people to assume that every file on their PC is safe. I believe a better strategy is assume everybody has an infected PC, then to filter out the safe processes and activities with a sufficient (but optional) whitelist, and then alert only when a suspicous activity occurs. This would be a more intuitive approach for all users, especially the novices. It would also minimize the tedious training, greatly reduce the number of unnessessary alerts, and would eliminate the “allow all malicous code” (clean PC) mode that many users are being encouraged to use.

Now, based on the above comments… the point I was trying to make in my previous post may be more clear. The bottom line is this, in spite of the CFP champions on this site and despite all the excuses and explanations offered for the current way CFP functions…CFP is not ready for the masses. If comodo wishes to reach the masses with CFP, then it will need to address issues such as the one’s I have rasied in this post. Here is a classic example of what I have been saying: “A co-worker ditched CPF3 because she felt more safe with Norton’s firewall! She said that the alerts from Norton represented a real threat and not gobble-dee-■■■■ that scared her for no reason.”

If most techie’s like to fiddle with training and alerts…great, comodo has given them that option.
However, if a user (novice or not) wants to install the product and have it perform its protection with minimal tweaking and few distracting false alarms, then it would be nice if comodo gave them that option (without allowing malicous code as with the clean PC mode).

so, my main point is: Many people would like to have the option of a less cumbersome install/learning with the confidence of CFP’s great security.

i’ve read somewhere in this forum, the reason of having “Clean PC mode” is because you simply must not install CFP (or any other software) on an infected system, that’s why CFP scan for viruses prior to installation.

let’s just assume the user’ve just bought a new comp,the first thing to do is installing his security software (CFP).
“Clean PC mode” should greatly reduce unecessary pop ups, because you’re sure that your system is new & 100% clean.

it does exist :slight_smile:
from CFP help :
Safe Mode: While monitoring critical system activity, the firewall will automatically learn the activity of executables and applications certified as ‘Safe’ by Comodo. It will also automatically create ‘Allow’ rules these activities. For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run

CFP will learn & automatically allow all safe/whitelisted apps

but i think you’re right,it needs far more improvement, i won’t use CFP on my grandma’s computer (because she doesn’t have a comp ;D and oh she passed away 1,5years ago 88) )

where were we?
oh the safelist, ehm (:NRD) and that’s why we have “pending files” & option to submit it to comodo, to help comodo builds it’s whitelist database :■■■■

(and i was being a bad kid deleting all my pending files 88) )
:■■■■

Ganda, I fully understand the points you have made.

Yes…I have read that too. But, as I said, “Nobody can ever be 100% sure they have a clean PC.”
I will re-emphasize a most important point: “I believe a better strategy is assume everybody has an infected PC, then to filter out the safe processes and activities with a sufficient (but optional) whitelist, and then alert only when a suspicous activity occurs. This would be a more intuitive approach.”

Yes, I understand this. As I said: “I get the fact that I can set my firewall to clean PC mode to help silence the alerts. While many of you may think this is a great solution, I do not. As far as I am concerned, ‘Clean PC’ mode is actually ‘allow all malicous code’ mode.”

I am a Comodo fan, and will continue to help build the database by submitting files. I encourage all users to do this because the white list for D+ appears to be inadequate (e.g. “At least 95% of the alerts I got were from well known, safe programs, processes, and activities.”)

“The bottom line is this, in spite of the CFP champions on this site and despite all the excuses and explanations offered for the current way CFP functions…CFP is not ready for the masses.”

When comodo CFP is ready for the masses ( (CWY))…every grandma will be a comodo user (V)

:THNK hmmm, so much for Prevention ;D
prevention-detection-cure
i think CFP3’s job is to fill in the “prevention” part,once it’s breached & you’re infected, then you may panic ;D
yeah, i’m looking forward to CFP with the giant whitelist database too,cheers :■■■■
(:NRD) where’s the OP btw 88)

about this, the default D+ security level is “Clean PC mode”
you said you used to have no pop ups CFP before, and the pop up problem started after you change its Firewall/D+ level,right?
maybe you can try switching it back to Clean PC mode (:WAV)

what i meant with before was some time ago, on another computer, before a formatting.

clean pc mode is not the right one, cause that one gives me even more popups. safe mode gives me fewer, but still some silly ones pop up. guess i have to live with it until a nice whitelist comes out =)

hmmm something’s not right 88)
[i]
Safe Mode: While monitoring critical system activity, the firewall will automatically learn the activity of executables and applications certified as ‘Safe’ by Comodo. It will also automatically create ‘Allow’ rules these activities. For non-certified, unknown, applications, you will receive an alert whenever that application attempts to run. Should you choose, you can add that new application to the safe list by choosing ‘Treat this application as a Trusted Application’ at the alert. This will instruct the firewall not to generate an alert the next time it runs. If your machine is not new or known to be free of malware and other threats as in ‘Clean PC Mode’ then Safe Mode’ is recommended setting for most users - combining the highest levels of security with an easy-to-manage number of Defense+ alerts.

Clean PC Mode: From the time you set the slider to ‘Clean PC Mode’, Defense+ will learn the activities of the applications currently installed on the computer while all new executables introduced to the system are monitored and controlled. This patent-pending mode of operation is the recommended option on a new computer or one that the user knows to be clean of malware and other threats. From this point onwards Defense+ will alert the user whenever a new, unrecognized application is being installed. In this mode, the files in ‘My Pending Files’ are excluded from being considered as clean and are monitored and controlled.
[/i]

so basically:
*safe mode = allow whitelisted apps & ask for unknown apps

*Clean PC mode = all existing apps are considered safe, ask for unknown new apps
you should get more pop ups when you’re using safe mode 88)

then i guess the only possible thing that happened to you was:

  1. you set D+ level to Training mode (this mode will learn & allow anything :o )
    or
  2. you disabled D+ :o
    (:NRD)

hmm… weird =/
ill go back to clean pc and see what happens.

maybe i did have it in training mode before =/. i know that i didnt disable it though.

Ganda, I will agree the operations explanation seems pretty straight forward. What’s not to understand?

I agree with Whoope. I also think that it should not be the default setting for D+ when you install it, it should be safe mode.

Just install, don’t run the scan, and when it’s asking if your computer is secure just say ‘NO’. It should be in safe mode that way

Just popping in :stuck_out_tongue:

Xan