CIS3.8...Is SafeSurf still needed.

BeatenRabbit · February 13, 2009, 6:08pm

Was just wondering by installing comodo cis 3.8 do i still need safesurf since buffer overflow protection is included with cis?

darcjrt · February 13, 2009, 6:13pm

you can safely uninstall safe surf. Make sure you check DETECT SHELL CODE INJECTION under D+ >> Advance >>Image execution

Pieteke · February 17, 2009, 11:34pm

But why was it an option when installing CIS 3.8 (sorry but I’m a new user of CIS).
Is it the same product as Memory Firewall ? Or a version limited to the internet browsers ?

Thanks

LeoniAquila · February 17, 2009, 11:52pm

My guess is that SS is still bundled with CIS due to the Ask.com toolbar, which Comodo get revenues from. You don’t need SS anymore (but of course you can keep the toolbar if you wish) as this is fully covered by Defense+ in CIS.

goodbrazer · February 22, 2009, 12:24pm

Hi, Lars. Is it stated by devs or Comodo support that new option “Detect shellcode injections” of D+ makes SafeSurf (not toolbar but protection app) redundant in terms of providing extra protection (which D+ cannot provide)??
If you know, please drop a link here.

LeoniAquila · February 22, 2009, 12:35pm

Hi Indirectly yes, since SS won’t add anything to CMF and according to this post you don’t need CMF:

https://forums.comodo.com/feedbackcommentsannouncementsnews_cis/comodo_internet_security_3864263468_released-t34345.0.html;msg247337#msg247337

goodbrazer · February 22, 2009, 1:27pm

thank you :-TU
it is indeed explains everything

goodbrazer · February 22, 2009, 2:36pm

I was able to make sure D+ of CIS 3.8 better catches BO than SS 1.0.0.6 (though not sure about latest 1.0.0.7): i have one tiny harmless app which produces BO and SS 1.0.0.6 don’t catch this BO, but CMF 2.0.4.20 (latest) and CIS 3.8 do catch.
Attached application. It’s aim is to help learn English. Archieve password 1234 (you will need some archiever to open it, e. g. 7-zip).
Go ahead and compare SS vs CIS 3.8 (in terms of providing BO protection).

p.s.: if anyone from mods will consider this attachment inappropriate, pls delete it, though it is not a malware despite some AVs report it is (details here).

[attachment deleted by admin]

crysisfan · February 22, 2009, 3:00pm

The reason why SafeSurf didn’t catch it is because SS protects only your browser against BO attacks, not the whole computer like CMF does (both built-in in CIS as well as a standalone).

goodbrazer · February 22, 2009, 3:10pm

It seems to me that SS protects not only browser because it catches all 3 BOs from Comodo test suite (found on this forums). Correct me if i’m wrong, but these tests are not targeted against any browser (its vulnerabilities).

crysisfan · February 22, 2009, 4:51pm

Well, it’s quite complicated, but as Melih has stated SS does not protect your whole computer because it is not its job to do so.
A quote from Melih:

Nevertheless, if you have either CMF or CIS 3.8 you are covered (:KWL)