Attack via USB

Hi friends,

Would Comodo FW show a popup warning if a malicious program is trying to attack via an USB storage ?
It looks like several AV/AM/AS-protection tools are sometimes failing on this issue … :o

Thanks for any comment on this newbie-question … :-\

Berny +++

you mean the Defense+ part? yes it will catch it :slight_smile:

In order to be effectively protected you should also avoid to mark to be remembered any alert that pertain an external USB storage path.
In the same vein apps on external USB storage paths should have no predefined (treat as) or custom policy assigned to them.

V3 file protection don’t rely on file hashes to check if an executable is changed but instead monitor file access directly.
V3 policies are enforced by full path ad will work also if the application is updated/changed (as V3 is able to weatch over file operations)

Removable USB storages can also be accessed from other PCs and hus V3 cannot protect them so if a policy is assigned to an executable on a removable drive, V3 will apply that policy again regadless if that app is changed.

If that app got a Trusted application policy it will treted as a trusted app. If that app got a Custom application policy it will be granted the same privileges the policy states and it will only prompt an alert if it will happen something not explicitly allowed by the custom policy