I’ve heard a lot of good things about the CIS HIPS and sandbox combo, but how does the AV part of CIS compare against something like Avira free AV with regards to detection? I’m using Avira AV at the moment but like the HIPS sandbox part of CIS.
Also, can I use CIS with Shadow Defender for protection against Java EXPLOITS, or would that be overkill?
Hello! Comodo AV has one of the highest detection rates in the AV market today. It beats Avira AV in detection. Having said that, it comes with only one downside: greater FP, but rare still.
Never used Shadow Defender, but yes, you can. It’s not overkill. I think somebody is using such a set-up on the forum.
“I would ask, why would you want a stand alone AV?”
Hello, cheers for the help. I have a stand alone Avira at the moment, but am thinking of giving CIS a go due to its HIPS/SANDBOX, as I need Java, but don’t know how the AV side of CIS compares to Avira. So it was a question of hooking Avira up with the Comodo FW or getting rid of Avira and giving CIS a go.
Have you seen what Wiki says about version 5?
“CIS 5.0 added cloud antivirus protection and spyware scanning capabilities. As it could not clean all the malware it found effectively, Comodo Cleaning Essentials was developed to supplement CIS”
Any update on how to make the Comodo HIPS/sandbox pick up/contain the Java exploits more easily?
Seanny. I would say that Comodo has excellent detection rates. But it is poor in detecting Fake AVs such as System progressive, Win 7 antivirus/spyware pro and other ones. But other than that it is good. The sandbox set to restricted should keep Fake AVs from doing too much damage.
Give the whole CIS a go and see if you like it; if not, you can always go back. CIS had issues in the past but not now. They improved AV a lot, and I mean a lot! But don’t just rely on Comodo. Always use layered security: use EMET and ExploitShield to stop any Java attack together with CIS. You can add rules in CIS and increase the restriction level, but with EMET and ExploitShield you should be fine.
You would know better. But yeah, you see, Def+ backs it up if CAV fails to detect such things. None of the AVs are perfect. All have some weakness. That’s the thing.
Yes, I’ll give CIS a go then. Just one more question about configuration which I hope someone can help with.
I use some websites that load stock charts with Java, and it seems Java is loaded every time (?) I click on a new chart, and I look at a lot of charts.
IF these websites that I use are listed by Comodo as “trusted”, can a security hole in the website cause a malicious Java exploit to load onto my PC? So should I always make sure that these Java based websites are not trusted by Comodo’s trusted list in my Comodo control panel?
I see. Well, there is always a risk with Java, trusted or not. With “trusted”, yes, but it’s very rare as Comodo does a good job with it. Well, you can, yeah, but you just never know, that’s the thing. I saw one test where a Java exploit bypassed CIS, but it’s very rare still; also, that’s why you must use such tools as EMET and ExploitShield to detect any abnormal behavior/malicious code in the Java. To be protected you must use CIS, EMET and ExploitShield together. And it would be hard to infect you with any Java attack. The problem is when people just use an AV. That’s when things start to go wrong.
Since it is from a website, you can probably use the kiosk and open the browser inside.
I was going to say put the browser in the always sandbox, but in v6 it is completely virtualized and shares the same space as the kiosk, so resetting the sandbox removes what you downloaded or changed from the browser.
Though not sure if putting the browser or java.exe, javaw.exe, javaws.exe into limited HIPS rules will be the same as bb/autosandbox limited, though you may need to use restricted, I guess, for the best protection against those. I’m just not sure if the browser would run on restricted and higher restriction.
For Seanny’s comment, I guess it was from the past, not sure, but then again Avira also has that reputation from the past.
Is it possible to set a limitation per JAVA APP (.jar, jnlp, webstart) instead of limiting java.exe, javaw.exe, etc.?