Set and forget option?

I have serious problems with the enormous amount of warnings from CAVS. Every program that connects to the internet or to another program brings a warning pop-up is I agree with the action.

I know for CPF there is a Set and forget option, I need this also for CAVS (:AGL)

I think you are refering to the HIPS function of CAVS. When you are using HIPS it requires a user decision if something is allowed or not. I personaly dont use the CAVS HIPS function, but if you have questions about it I am sure someone of the Mod’s can help you :slight_smile:

Greetz, Red.

Maybe a stupid question but what is HIPS and where do I turn this function off in CAVS and CPF ?

HIPS stands for Host Intrusion Prevention System. It controls the execution of programs. But doesn’t blocks or alerts for internet connection attempts of programs. You can turn it off by rightclicking on the cavs taskbar icon and disable HIPS application control. This is not recomended though, because curently HIPS is the strongest weapon in CAVS’s arsenal. If you get popups for allowing internet connection, thats not cavs. It is the firewall. CPF does not have HIPS yet. It will in version 3.
If you want to lower the alert frequency of the firewall, go to security/advanced/miscellaneous
Normaly CAVS only alerts you when you execute new programs first time. Btw did you tick the “remember setting” radio button? Did you run the User Profiled Safelist Database Maker?
You may clarify it a bit or post some screenshots, because I’am not sure what kind of alerts are bombarding you.

Mmm, you are right Blas. He is refering to CPF popups :-\

Greetz, Red.

Blas, thanks for the explanation, and yes your right there are warnings from the CPF as from the CAVS i found out. But the big problem, because my customers do not reed technical English, is the short understandable description that frighten them to click anywhere at all.

I need to install this software so that they have max protection but minimum or no questions/warnings. We are talking about non technical senior people here.

I did run the savelist and it is sending about 1000 unknown files sinds yesterday 11.00 hrs and still sending? What will this eventually do for the installed CAVS user?

Hi Eljo,

So your main problems are with the firewalls alerts right?
I mean that if you run all of the applications used by your customers with the HIPS function of CAVS turned on and allowing them with the remember setting option ticked, then it wont alert you/them about these applications in the future. But with CFP its a bit more complicated. If you want max protection then you can’t aviod the alerts. For example: your customer is browsing the net with firefox and finds an interesting article and he wants to copy/paste it to a word document. After doing this CFP will pop up an alert similar to firefox wants to connect to the internet. Allow or Deny? And in the explanation it will say something like “firefox.exe has modified the memory of winword.exe” or vice versa.
And your customer will be paralized and in big “trouble”: “now what shall I do ???”
You can’t get rid of these kind of alerts without disableing some of CFP’s functions. It will still give a decent level of protection, but not “max”. BTW there is a “rule of thumb” with CFP: if you trust both the parent and main process (or the modifier and modified) you can allow it.

You are now sending all of the appliations NOT on the safelist. I didn’t do this because there are a lot of these. What will this do for the CAVS user? Well the files sent by you will be analyzed by the comodo dev. team, and in theory they will be added to the safelist of future versions. This way future users wont be allerted by those files, as they will be on comodo’s safelist.

Btw, Im in a similar situation like you. My grandfather will get acces to the internet soon. And he is a total computer analfabet to be honest. He has some experience of word processing though. Back on topic, I want to install CFP for him, but I don’t want to bother him with alerts. I think I will turn off component monitor and application behavior analysis. This is the only solution I’ve found so far. He wont do online transactions and I think above 70 he wont visit porn or warez sites either :slight_smile:
And I will be always there to do a clean up if something goes wrong.

What are your customers using the pc’s for? You may consider running the internet enabled applications sandboxed. This way they can do no harm by clicking on the wrong thing :wink:

Yes becouse the HIPS i can disable.

I mean that if you run all of the applications used by your customers with the HIPS function of CAVS turned on and allowing them with the remember setting option ticked, then it wont alert you/them about these applications in the future. But with CFP its a bit more complicated. If you want max protection then you can't aviod the alerts.

Well, I mean as max without he warnings

For example: your customer is browsing the net with firefox and finds an interesting article and he wants to copy/paste it to a word document. After doing this CFP will pop up an alert similar to firefox wants to connect to the internet. Allow or Deny? And in the explanation it will say something like "firefox.exe has modified the memory of winword.exe" or vice versa. And your customer will be paralized and in big "trouble": "now what shall I do ???"

Yes but even if they click a link inside a email program a browser they don’t understand that a second program is activated.

You can't get rid of these kind of alerts without disableing some of CFP's functions. It will still give a decent level of protection, but not "max". BTW there is a "rule of thumb" with CFP: if you trust both the parent and main process (or the modifier and modified) you can allow it.

Tell me how and where to set this :BNC

You are now sending all of the appliations NOT on the safelist. I didn't do this because there are a lot of these. What will this do for the CAVS user? Well the files sent by you will be analyzed by the comodo dev. team, and in theory they will be added to the safelist of future versions. This way future users wont be allerted by those files, as they will be on comodo's safelist.

Thats a good thing, us helping Comodo helping us

Btw, Im in a similar situation like you. My grandfather will get acces to the internet soon. And he is a total computer analfabet to be honest. He has some experience of word processing though. Back on topic, I want to install CFP for him, but I don't want to bother him with alerts. I think I will turn off component monitor and application behavior analysis. This is the only solution I've found so far. He wont do online transactions and I think above 70 he wont visit porn or warez sites either :) And I will be always there to do a clean up if something goes wrong.

That’s an option for some of them but it seems the older the more they surf after the xxx (:WIN)

What are your customers using the pc's for? You may consider running the internet enabled applications sandboxed. This way they can do no harm by clicking on the wrong thing ;)

The most use it for internet, email, digital imiging, home movies and word documents. I will look in to this sandbox option, thanks for the tip.
[/quote]