comodo must increase self defence

with comodo gaining popularity , it will gradually become target of malware writers
though comodo deployes robust self defense measures
i think it would be prudent to have a dedicated team to look after that the guard is guraded >:-D
regards

If you come across a weakness, the developers would love to hear about it.

Yes , if u found a weak spot , share your knowledge.

I am no programmer , but seeing the enthusiasm of comodo team i just want a particular group of developer
preferably independent keep on trying to dismantle the security
so that you discover holes before others can :slight_smile:
one way i suggest is to run diagnostic before every boot ( to check if all modules are functioning properly)
regards

Not everyone runs CIS with all features enabled. Disabling D+ allows you to kill cmdagent.exe. I would like to see CIS protected by the other sub groups as well, CAV and CFP. If any one of those features is enabled, cmdagent.exe should be protected.

Never knew that you could wipe out cmdagent.exe, thought was only the GUI… This should be fixed as soon as possible, just to be safe! :slight_smile:

This has been discussed exhaustively with nothing being done to change the protection:

https://forums.Comodo.com/beta-corner-cis/i-can-kill-cmdagentexe-t60869.0.html;msg427628#msg427628

https://forums.Comodo.com/wishlist-cis/poll-secure-the-protection-for-cmdagentexe-t60930.0.html;msg428103#msg428103

Thanks, and although it maybe too late I have voted in the poll anyway, cannot understand why Comodo do not think that self-protection of the product itself is not priority?

Having cmdagent.exe protected by the other sub groups is an advantage if you have temporarily disabled D+ and have forgotten to turn it back on. There is no warning or alert when a sub group has been disabled (discussed here) and it can be a long time until you remember that you’ve had it off for a while.

great find Ayeaye captain
I request mods to kindly make vulnerabilities hidden as soon as posted

:smiley:

Well if you know how you can kill cmdagent, by setting the D+ rules correctly you can test it. Killing cmdagent does nothing to prevent CIS from doing its job, in fact, CIS goes into a sort of paranoid mode where it asks for every app, safe or unsafe for both Firewall and D+ Alerts.

Killing cmdagent or cfp.exe or both, will only make it harder to infect a system.
But fact is I cant kill CIS with default settings on.

I get 340/340 on Comodo leak test with cmdagent.exe not running.

Now you do have a point saying not everyone runs D+, and on that fact, i think Comodo should add background protection for CIS that is not related to D+ being turned on.

Cheers

That’s good to know! I was under the assumption that cmdagent.exe was the main component of CIS. It’s nice to know that if it gets killed that I’m still protected! That also makes moot the point I made about not running D+. I have some friends that can’t stand the D+ alerts and refuse to run D+ (at their own peril). Since cmdagent.exe doesn’t command the protection CIS gives, I can rest assured that they are protected even if they choose to leave D+ disabled.

Well the firewall will still work in your friends case should cmdagent ever be killed, the AV wont, that uses cmdagent I belive.

But i get the feelling having D+ off, will allow a 3rd party program to remove D+ and Firewalls driver upon a reboot, do not quote me on this as i have not tested it.