I have finally got Comodo CIS 4 configured properly and must say I feel fairly secure on the Internet. I run CIS with firewall in custom policy mode and Defense+ in Safe mode.
Ran TestMyPC malware tests and scored 340/340.
Found some additional keylogging, screen and clipboard capture tests at www.zemana.com and Comodo caught all those.
A few comments.
CIS 4 in default configuration, i.e. default firewall rules, is not very secure.
CIS 4 still needs work on Java exploits. Got nailed by one of those masquerading as a Java Update.
Overall considering this is a free product, I think it is one of the best on the market.
I will put just a short comment re: Zemana’s tests
Those are improper - incorrect tests for keylogging / screen-logging…
Sure HIPS has to catch “any move”, so it doesn’t matter,
but any decent Behavioral Blocker will not and should not consider those as a malicious behaviour
I'm just curious, what do you mean by this???
Definitely DonZ will answer your question and express his opinion
My opinion according to my tests - v3 in Proactive Mode; Defense+ & Firewall (both in “Safe Mode”) is pretty much safe
I am talking mainly about Firewall only (cannot care less about the Comodo’s AV) even if the Defense+ is disabled - not in my case, but many users do
… V4 is unsafe even if so-called “sandbox” 88) is disabled
A pretty good starting point is given in this Comodo forum thread https://forums.comodo.com/guides-cis/how-to-install-and-configure-comodo-firewall-v41-for-maximum-protection-t57944.0.html;msg406533#msg406533
I personally don’t use Comodo’s sandboxing. I have been waiting for it to “mature” for a while. I might give it a try in the near future.
As far as the firewall goes, Comodo firewall ver. 4 in its initial release pretty much operates like WIN XP’s SP2+ firewall; it allows most outbound traffic. I think that might have been beefed up a bit in the later releases. I have significantly “hardened” the system and svchost application rules and likewise did the same for the global default rules. The other tweaks were primarily unique to my application software installation.
I did remove the port 8080 ref. for the default browser ports since I was getting web redirects to places I didn’t want to go to with that in place.
Comodo has given me problems with DHCP since ver. 3 so I also added firewall rules to get around those issues.
Yeah, I wondered about those Zemana tests. I was running Defensewall for a while and that caught everything screen capture wise. Also Prevx’s banking mode is pretty good but I don’t like running in the “clouds…” Of course, both those are not free software.