Comodo web shield in CIS

I know how most of you say if you catch a virus on the web then CAV will detect it in real time. But like avast has web shield and even if you go on a web site it will tell you. That way we can stop the problem before it comes on the computer. I just hope it has a webshield

Also add a script blocker :slight_smile:

Well, you do have a name point there. Comodo INTERNET SECURITY, should secure you from the web in all ways.

A web shield is unnecessary. Does it protect your PC MORE? No, because the malware must still access the harddrive and memory to do damage which is scanned by CIS. Web shields also use more resources.

I think you meant the Network Shield in Avast!

I don’t think this will be necessary, plus with IE8’s SmartScreen.
Anyways just use NoScript addon with Firefox.

Network Shield (not Web Shield) will block access to that malicious website - Prevention.

+1 for Network Shield if that is what portage meant. ;D

The problem with NoScript is the assumption that all Javascript is bad. Its approach is to kill Javascript completely on every web page by default. This breaks the functionality of countless web sites right out of the box. Then if you find a web site that you go to doesn’t function without Javascript, you need to add it to your whitelist. Not a great plan. (Not to mention inconvenient)

The fact of the matter is that the majority of the problems stem from scripts that aren’t hosted locally. Meaning, basic web site functionality is almost never the security issue. Who would be stupid enough to make it so easy for people to determine where they picked up the bad code?

No, the big problem is scripts hosted elsewhere. Scripts that the page author can then use the defense, “But I had no control over that script! It was an externally hosted ad banner, go after those guys!”…

A better alternative to to NoScript is using AdBlock Plus and using a simple filter.

*$script,third-party

This blocks all third party code, yet doesn’t break normal web site functionality. Then if you encounter a site that has third party scripts that you wish to run, you can whitelist the external code by altering the filter.

*$script,third-party,domain=~whatever.com

(Note that I’ve never found the need to whitelist any third party scripts in the year or so that I’ve been running this filter)

This allows third party scripts to run on that domain only. (Add more domains by using the | separator)

Not to mention that the author of NoScript did some rather shady tampering with another popular extension through a “patch” that he applied to NoScript. This subsequently made the Mozilla folks change their extension policy to help ensure this doesn’t happen again. Up until that point they had been allowing NoScript to update the extension without Mozilla previewing the code first due to its “trusted” status. Pretty cool for someone writing a so called “security” extension, no? :wink:

Thanks for this:

(yet strange this filter has exclamation mark and i have 1000 hits in couple of days :o)

NoScript is not usable for me too. I understood this after i struggled with it for months ;D

You’re welcome. :slight_smile: I started using this method after reading that this is what the author of AdBlock Plus recommends.

It has an exclamation mark because it’s a very general filter. Too many broad filters such as this could affect browsing performance. And yes, it’s amazing how many sites are actually using external Javascript. It’s easily the most active filter on my machine.

Thanks for that too. :-TU

I had to change it to

*$script,third-party,domain=~youtube.com

otherwise flash player didn’t work.

Not necessary? Sorry, but thats not true. Some scripts NEVER touch your hard drive. And some exploits run directly in memory. Still unnecessary? I think not.

I was just thinking exactly that. We need a way to protect us from exploits and scripts.

I take back what I said about “no” for Script Blocker.
Now that I have removed NoScript addon, I see your point.

That’s the point CIS currently scans both the hard drive and memory. Having a web shield will be redundant.

But this is the exactly same method as CIS - Default Deny.

It’s the only way to ensure protection in a place like the internet.

No, it’s not exactly the same at all…

As I mentioned, NoScript destroys the functionality of a large portion of the internet by default. It just does it. No questions asked.

CIS on the other had asks you if you want unknown or suspicious processes to run. It would be pretty user unfriendly if it just blocked everything without even letting the user know it had done anything…

Now if NoScript would ask if you wanted each script to run when you visited a page, then it would be similar in functionality.

But that IS what NoScript does. It blocks the scripts by default (it HAS TO, in case they are malicious) and then gives you an option to allow them IF you want to.

There is no way that NoScript can destroy functionality without telling you.

In the same way, when your CIS intercepts a process or detects a virus it blocks access or suspends process in some way, and then asks what you want to do. It would be pretty useless if it said “Here’s a virus, what do you want to do about it?” and then let the virus trash your computer while you were thinking about what to click on…

Unless the functionality has changed from the last time I used it, you get not alert asking you if you want a script to run when you visit a webpage, which in turn allows you to whitelist the script from the alert. This is how CIS works.

Yes, you can enter the GUI and whitelist scripts from there, but by default it simply blocks without telling you it is blocking them. Without looking at the blocked scripts list, you never have any idea what it’s actually blocking. All you know is that the site no longer works right.

Yes it does. A great number of the webpages around use locally hosted scripts to give their site functionality. By default NoScript blocks even the benign navigation type scripts (almost always locally hosted) thereby breaking the site. It does not “tell you” it is doing this. Yes, you would assume that the user realizes this is happening because they had installed the extension, but just look at the NoScript forums and the user feedback on mozilla.org to see how many frustrated users uninstall the extension because “no webpages work”…

If NoScript had told them it was blocking some scripts, they would be more aware of what was happening. But just like with CIS, the average person isn’t going to know which scripts to allow. That is why the AdBlock plus route is preferable using the third party script filter. It blocks the scripts with the highest chance of exploitation. Third party scripts.