Thank you! I haven’t spoken or written English for decades. Es ist ein grosser Unterschied, ob man Englisch liest oder die Sprache aktiv verwendet. Oh man, wenn ich nur an die Zeiten denke, die richtig zu verwenden. But I hope, and it seems, that you still understand what I mean. Oh, here it is again this “you” !
German : Natüüüüüüüüüüüüüüüürlich , alles gut Kumpel … !!! ;D English: Of course , it´s all good dude … !!! :-TU 
Well, let’s stop talking German here before we get reprimanded ! :a0
I think the default settings should be ProActive…give everyone the best protection possible. But that’s just me.
Took me a while to explore and experiment with CIS, but I now completely agree with you on this one . . . .
Although I have a slightly modified proactive config but I also agree with that !!! :-TU
I have some configuration from slightly to strong.
As I wrote I trust on the configuration which my nephew (who is responsible in a big company for security - I mention this to inform about the source) once recommended and this works. This configuration is similar to cruelsister’s configuration (e.g. protection of ports).
With the ProActive I don’t feel as protected as I want it to be (but is more a feeling of mine). I’m not at all a computer scientist as my nephew is or some in this forum. But if someone isn’t motivated to be more involved in it, it is certainly a recommendable config.
What do you mean exactly , when you say you don’t feel as well protected as you would like it to be ? Can you explain this a little closer ? Thx !!!
I compared quickly (I said I’m not a computer specialist) the configurations and I simply have a better feeling due to the following:
Hiding my IP-Adress
preventing IP-Leak
the range of IP4-addresses
ports not only closed but hided
more contol and limitations of ports and in-/outgoing
Outgoing (I’ve read) has become a more serious problem meanwhile than before and our attention should not be focused only on incoming as a threat/danger.
I think with my configuration I am or that of cruelsister you are better protected.
Cruelsister’s configuration is definitely the best for the majority of non-experts. Experts will be even more paranoid and tighten outbound connections and HIPS, etc.
Cruelsister’s config understands that for most users, they have to allow trusted apps do their jobs. No need for HIPS. Hopefully Comodo keeps on top of ensuring trusted apps are really trusted.
After that, anything not trusted has to be stopped and killed immediately, no escape for malware. It’s a great and common-sense approach from her. I agree that Cruelsister’s config should become the standard config for CIS, or at least have a simple button labelled “Protect Plus” or similar which enables her settings. If Comodo did this setting as a default it would WIN every test out there!
So I did it without being an expert. My main-config bases more on the following configuration with some more “paranoid” modifications:
VPN is of course useless when I do online banking or shopping. As I mentioned I have various settings and when doing online-banking etc. I trust (and I hope I can) on comodo’s Secure Shopping.
Hi Guys! I’m glad that you like my setup (I REALLY like the enhanced setup idea)!
Prodex- you are entirely correct that OutBound Network protection is of paramount importance. Consider info-stealing malware such as Bankers, Keyyloggers, etc. Breaking it down to its most basic this form of malware has 2 components: one, it has to get on your system and gather up the information to be stolen, and second it MUST transmit this stolen info to BlackHat command. If either of the 2 components are blocked the malware is transformed from something horrible to just another piece of junk. with Comodo both malicious pathways would be prevented, which is Optimal.
Also be aware of what sort of browser addon or extension you have installed. Far too many have faith that whatever extension they see will be legitimate and this is far from the case (especially in today’s climate of Miners). Even an extension that may have been trustworthy for years could be purchased from the original developer and re-coded into something awful.
Not to make you paranoid, but just remember that everyone is actually out to get you…
;D ;D ;D :-TU
I think it’s alright when I ask in this thread a question because it is related with the configuration discussed here:
I have a PC with Windows XP because of software which I still like to use, but they don’t run on Windows 10.
Can I risk going online with this comodo configuration? The answer can be short. Thank you?
And therefore I made my home to my “castle” - it’s nearly the same - but the outgoing. I don’t want anyone coming in without permission and that’s why nobody can go out? (:AGY)
P- Yes, you can run CF on an XP system and the protection will be equivalent to Win7.
But regarding Inbound vs outbound protection- Today the only time a Home user needs to worry about something coming in is if that person already has a malicious receiver installed on the system (sort of like a TeamViewer for Blackhats). Otherwise just trying to break in cold is much too much work for far too little gain. Better to trick someone into installing a RAT! Let them do the hard work for you (and the potential victims will be multiple instead of singular).
An analogy would be a safecraker- Why go through the trouble of drilling into the safe when some fool will open it for you? OutBound protection would be like someone blowing that thief away with a shotgun as they try to exit the bank.
And therefore some argue that cis isn’t for beginners or it’s not to recommend (because you don’t know what comodo ist doing), and they are right. It’s simply complicated if you don’t want more than start your pc like a car and go on. It’s just complicated if you don’t want more than to start and continue running your PC like a car, and with Automatic it’s even easier. To know which ports are important, dangerous and so on you are depended on predefined rules. Not everyone has the desire and time to familiarize themselves - it’s not only the case here.
Notice that dangerous and important ports belong to the discourse using a two way firewall and not with a Stateful Inspection firewall like CIS. Just let it block all incoming traffic and open ports only for the few applications that need open ports.
Are you referring to specifically using Safe Mode?
Now we are at a point I don’t understand nothing - due to deeper knowledges about informatics, Stateful Inspection (I read this the first time and looked here Stateful vs. stateless firewalls: Understanding the differences | TechTarget for the first information) and due to my knowledge in English.
I understand your post in this way:
cis has nothing to do with ports (but I don’t think you meant it in this sense). In my cis-configurations I close some ports (range of ports).
Ah - am I right when I understand your post in this way:
cis uses Stateful Inspection which is safer than the closing and opening of ports for programs? e.g.: “attachment” as an example what you can do in/with cis. Once more: do you mean not to use cis in this way or using cis but not in this way?
Hi guys,
new test found on Youtube.
Excellent results :-TU
https://avlab.pl/en/best-free-antiviruses-2018-recommended-avlab-home-users-and-small-business
The list of the best free antiviruses for 2018 year prepared by the AVLab editorial team is a summary of the entire 2017 year and previous years. Recommended free anti-viruses securing small businesses and individual clients have been gathered in one place, granting each solution evaluation and appropriate recommendation of AVLab.Our tests against fileless viruses (known as fileless) proved that the default settings of Comodo Internet Security allow access to the network of viruses running in the sandbox. For example, if through the functionality of “Protected Data Folders” the folder with files is not added to areas inaccessible to viruses in the sandbox, it is possible for the attacker to remotely interfere with files on the hard disk. We recommend paying attention to this by adding critical folders with data to the list of “protected data folders” in the HIPS module settings.
Rating: * * * * *
Comodo Internet Security is recommended to individual users and in particular to micro and small companies that receive a very high level of protection for workstations for free.
Out of 12 programs CIS and two other programs received 5 stars. CIS has improved.