Local CIMA

wasgij6 · July 16, 2011, 4:58am

with v6 coming with a virtualized sandbox it would be nice to have a feature where we can right click on an installer and click analyze with comodo sandbox. when this is clicked it will run the installer in the manuel sandbox and log everything the installer creates and displays this report to the user in a text file. this will help identify malicious programs.
it would also be nice to have this in the gui. it would be an empty window with the file being analyzed at the top and when its being analyzed it will create a file tree under the file to show what gets created. it should also include the suspicious verdicts like CIMA has

Jacob · November 26, 2011, 11:07am

+1 Talk about fairly Advance,
IF Comodo is up to the challenge

loveboy_lion · November 26, 2011, 6:03pm

+1 :-TU The best wishlist i ever seen on the forum

khanyash · November 26, 2011, 7:37pm

+1

Chiron494 · November 26, 2011, 7:51pm

+1

atomas31 · November 26, 2011, 8:40pm

+1

wasgij6 · November 26, 2011, 8:41pm

i forgot about this wish. thanks for bringing it back Jacob.

Jacob · November 26, 2011, 8:44pm

Your Welcome, I was going through all the threads who don’t have any replies and trying to see if their issues/comments have been resolved or answered.

wasgij6 · November 26, 2011, 8:47pm

ya makes sense. its nice of you to make sure everyone is getting help

DiSP · November 27, 2011, 10:53am

+1

gvvsss · November 27, 2011, 2:23pm

+1

Viper94 · November 27, 2011, 6:48pm

I think it could be difficulty for Comodo-Team to implement this future…

+100 :-TU

wasgij6 · November 27, 2011, 8:03pm

yes it probably would but comodo is known for innovation. i have seen some amazing things from comodo like valkyrie, new technology for 64 bit hips, and cis as a whole. the technology for this wish is already there is just implementing it in a different way

gvvsss · November 27, 2011, 8:38pm

We all know that it’s crazy… :a0

But,

Guys at Comodo are crazy too… ;D :-TU

Viper94 · November 28, 2011, 3:14pm

Ok, that convinced me

spainach_12 · November 29, 2011, 2:35am

I voted for undecided. While unnecessary for me to explain, I am edging on voting for no because:

we already have a working solution that is Sandboxie + BSA,
I think this should be made a standalone rather than incorporated in a firewall or internet security so that
a. Any bugs or issue will not hamper protection
b. Since it nearly is the same as Sandboxie, wouldn’t some people want this alone and not with the CIS? I mean, we have people here who prefer other options than CIS.
c. The firewall might start consuming more resources since another module was added. Whatever happened to being light?
Also, maybe they should pay a bit more attention to the antivirus component. I don’t know. Improve the sandbox sure, but stick to what we have first before adding too much. I heard CCE was also incorporated for some reason. Or was it only KillSwitch?

wasgij6 · November 29, 2011, 3:17am

spainach_12 post:16:

I voted for undecided. While unnecessary for me to explain, I am edging on voting for no because:

we already have a working solution that is Sandboxie + BSA,

I think this should be made a standalone rather than incorporated in a firewall or internet security so that
a. Any bugs or issue will not hamper protection
b. Since it nearly is the same as Sandboxie, wouldn’t some people want this alone and not with the CIS? I mean, we have people here who prefer other options than CIS.
c. The firewall might start consuming more resources since another module was added. Whatever happened to being light?

Also, maybe they should pay a bit more attention to the antivirus component. I don’t know. Improve the sandbox sure, but stick to what we have first before adding too much. I heard CCE was also incorporated for some reason. Or was it only KillSwitch?

this wish is different from what sandboxie does. yes sandboxie is a great virtualization software but it doesnt analyze files for malicious activity (that i know of).
this would only be in defense + since it uses the sandbox. this is an on demand analysis. there isnt anything that would be running in the background. it would only be running when the user is analyzing a file so no need for a background process or service.
i agree but this can be a useful feature and comodo is always improving all components of cis

gvvsss · November 29, 2011, 4:54am

+10

spainach_12 · November 30, 2011, 2:37am

Which i why I added BSA. Buster Sandbox Analyzer. Here, have a look: https://forums.comodo.com/other-security-products/analyze-files-via-sandboxiebuster-sandbox-analyzerccleaner-t78784.0.html

The defense + is not a standalone program. It comes with the firewall. Think about it. If it were a standalone rather than part of the firewall, then it would not add any strain to the firewall when used. But if it is made a part of it, then that means it has to be maintained by the firewall. Which means that if the sandbox fails, then there’s a fairly good chance of the firewall crashing as well. Which is not a good thing.

Moreover, not all people are too happy with D+. Which translates to people having issues with it. Which MAY mean that there are still bugs to fix. Like I said, tweak it til it works, then add something new. It takes time. Let’s not rush it too much.

It can be useful. It is useful. But I just don’t recommend it the way it’s being recommended. It opens up to a lot of issues that may prove to be difficult to fix.

I stand by what I have said.

wasgij6 · December 15, 2011, 12:21am

spainach_12 post:19:

Which i why I added BSA. Buster Sandbox Analyzer. Here, have a look: https://forums.comodo.com/other-security-products/analyze-files-via-sandboxiebuster-sandbox-analyzerccleaner-t78784.0.html

The defense + is not a standalone program. It comes with the firewall. Think about it. If it were a standalone rather than part of the firewall, then it would not add any strain to the firewall when used. But if it is made a part of it, then that means it has to be maintained by the firewall. Which means that if the sandbox fails, then there’s a fairly good chance of the firewall crashing as well. Which is not a good thing.

Moreover, not all people are too happy with D+. Which translates to people having issues with it. Which MAY mean that there are still bugs to fix. Like I said, tweak it til it works, then add something new. It takes time. Let’s not rush it too much.

It can be useful. It is useful. But I just don’t recommend it the way it’s being recommended. It opens up to a lot of issues that may prove to be difficult to fix.

I stand by what I have said.

no defense + is not a standalone and i never said it was. i said this feature would be ON DEMAND. which means it only runs when the user says to run in.

i dont know y you are talking about defense + crashing to firewall. if comodo coded this correctly there would be no crashes to begin with especially between 2 seperate modules like the firewall and defense +.

this is a wish so there is no need to talk about bugs and crashes.