Why is there still no info BB setting ‘Fully Virtualised?’ It would be nice to know what protection it offers (if any!?
???
Is this the undocumented and unsupported Behaviour Blocker feature in CIS 6 that required a registry change to activate that you’re referring to?
Yes that’s the one - I have changed the registry etc., but I have enough knowledge to be able to do so
You can find a lot of info about it here on the forum. Why not the official info? Well it’s only for the advanced users and it’s still somewhat experimental. There are few issues with it regarding protection but once again if you an advanced user you can deal with it.
Some documentation has been added to the help file now.
Enabling Full Virtualization for Auto-Sandboxed Applications
Thanks for all the info! I think I will stick with/ change to untrusted… So, if you set to fully virtualised when you exit and reset sandbox won’t all the virtualised either harmful or other(s) auto-sandboxed be deleted; can someone explain what the security issues are???
!ot! a little - should ‘define exceptions for behavior blocking’ be enabled or disabled as in help sections it is disabled???
The issue is not with the sandbox as you said all the things in it will get deleted that’s correct. The issue is with the firewall bypass and also keyloggers running as FV can log keys from the actual computer. Can steal the private information but that’s under Q. But if you set these rules for the sandbox you should be okay: https://forums.comodo.com/defense-sandbox-faq-cis/specific-fw-rules-for-sboxed-processes-technical-faq-v6-t92108.0.html
It should be disabled unless you want to add things to it.