Do you still think that Comodo V8 is safe to use

Please remember that CIS is very much built to keep a computer clean. It surely is doing a nice job cleaning also with the additional tools.

Have you run any tests on other firewalls? If not can you try against Outpost Firewall Pro or Emsisoft Online Armor Premium? I tried both in trials couple months ago while troubleshooting Comodo issues (they didn’t have the performances/bugs issues that current Comodo does). But not sure how much safe they are compared to Comodo. Thanks

The default settings cis to allow communication for unknown app.
Comodo is very strong, but the default settings bad, as you can see in the test was to the default settings if I tested on the settings of the proactive Comodo easily tackling sample

Outpost Firewall Pro and Emsisoft Online Armor Premium Can not be comparable with CIS, If the test on the Comodo firewall will be tackling sample very easily because the firewall settings are different from the settings CIS.
Each of Outpost Firewall Pro, Emsisoft Online Armor Premium and CFW Can tackling samples in the test video.
This test prompt for CIS “default settings”

The default settings are an ongoing debate here at the forums. Advanced users think they are not tight enough. Hence why we advice to follow Chiron’s recommendations as described in his article How to Install Comodo Firewall.

Is there a way to get version 7 of Chiron install guide?

Also can someone confirm the MD5 hashes for v7 posted earlier as not sure if those are the 64bit ones or 32 bit.

What about doing so when we install we get option to install as novice/Advanced user, and then the default settings will be different for those 2.

Hi jfcarbel,
Try the following.

Kind regards.

Give me some time, I’m going to test this soon

I am sorry for the delay; I was waiting for the new version to test it, but I found out that there is no new between the previous and the new version

Comodo test proactive protection Malware Rat

In the test does not show any alert of the proactive mode, only Firewall Alert.
In this test have not tested to the default settings, but are like the default settings in previous version.

Worrisome in the video as follows:
When you allow malware act to connect once or twice at the most can upload files from the victim’s machine.
malware can also delete files in folders share
Also malware is able to browse the files without the knowledge of the victim.

Great test Ahmad :-TU

I am glad you like it :azn:

Do you have an idea Why do not Sandbox blocked applications that require access to the mouse?

I am not used to use Internet Security Config. I alway use Proactive security config.
So, maybe it is a bug! or you allowed the connection so CIS totally allowed everything via this connection. I do not know actually.
If you have time test it with Proactive Config. No need to release here, test it and see yourself. I actually wonder the result.
We all know current default settings is not good. And you always tests CIS with ddeafult :smiley: Test it in different ways.

The test was actually a proactive mode

[attachment deleted by admin]

I missed it then, there was no HIPS alert for maus and keyboard etc.
You can report it as bug In my opinion. This is a big issue for users who trust Proactive mode.

Sandbox mode is working on proactive blocked access to the keyboard and the screen but do not block access to the mouse
Maybe the reason that there is no alerts HIPS if any application within the Sandbox
I think that the difference between the level of protection in the default settings and mode proactive, very little
Is it possible that the Sandbox on proactive mode hamper the work of HIPS

I cannot answer this now, I have no CIS on my PC. But HIPS must work under Sandbox, can you test a keylogger under Proactive mod?
Lets check the HIPS will alert or not under sandbox?

I tested this in advance in the video, and the result was blocked access to the keyboard

Then we need a wish for maus access block :wink: Will you create a wish for it?

Great work Ahmad, I saw your latest video on this issue and the results showed a very grim scene. The RAT at the very least should of never been able to view the files never mind delete them. I’m pretty sure limited sandbox would of blocked this type of action but Comodo seemed to removed that feature in place of total virtualization. Do you think there are any settings that could be modified to prevent this kind of malware access or it is best just to deny the request to connect to the internet?

Comodo is not safe until developers fix critical bugs in Heur Cmd-Line Analysis. For example, video with curious situation is attached.
Nice view… >:-D

[attachment deleted by admin]