HIPS support :-TD

ok, so I’ve taken time to go through everything and really overlook the AV settings…

I can’t seem to find the HIPS settings which is the whole reason I installed CAVL

I’ve already been ratted once with Pupy, and it was scary enough I never knew until my ex-friend blurted he did to my other friend he hates.
since then I’ve been looking for a HIPS solution which doesn’t seem to exist for Linux :confused:

about the best there is is an IDS like Snort
but that doesn’t Prevent the intrusion, only notify about it.

does CAVL even have a HIPS at all?? :-\

no there is no HIPS support
I just found I was ratted last night by watching outgoing UDP traffic and Comodo never notified me of, nor blocked, the intrusion.
(this was the whole reason I got CAVL at all)


I understand the service is free
but that’s the whole reason I boast about you guys
this is not “expert-level security” like I boast

the RAT has been removed
I can tell it was Pupy because it resided in RAM until I reset my machine (I no longer have UDP traffic galore when nothing’s running)

so yeah, hopefully this gets fixed so I can continue to boast about you guys :slight_smile:

btw I did get a packet capture
if you’re a CAVL developer, or maintainer, PM me and I’ll gladly send you what I have for analysis
note though this is mid capture, so I don’t have the initial intrusion injection.

well nvm the packet capture
that wasn’t the RAT, that was just a glitch with qTox
when closed, traffic continues with a result of “Destination Unreachable” which I thought was the RAT trying to communicate with the host

but despite that, I know I was ratted because the dude who ratted me sent a screenshot of it to someone I’m having rough times (friendship drama) with
when asked what was in the shot, he replied I was watching YouTube, which I know wasn’t a coincidence of some old image

no the RAT was removed before I captured any packets, so yeah, I don’t have anything to give.

EDIT3: and I’m back to being friends again with the dude who ratted me
we got our issues resolved

but still, Comodo couldn’t protect me from it