???
(V)
Hi, comodo forum users,
I have downloaded the cfp 3.0 and my question is: Should I use together with prosecurity fproactive hips because I have the prosecurity license or Is it not necessary anymore? Is it possible whether I turned the cfp 3.0 proactive option off? May they conflict oneselves even I turned it off? Best Regards.
:THNK
(L)
CPF 3’s Defense+ is the best HIPS around in my opinion. It’s up to you really. You can Turn Off Defense+ perminently if you want. CPF itself shouldn’t conflict with your HIPS if when you install CPF it will probably recognize that you have other HIPS software installed and will suggest that you install CPF without Defense+
I personally love CPF3’s HIPS.
I’m with Eric on that one.It’s probably not a good idea to run two separate HIPS utils at once since it could cause problems with them fighting each other to monitor files.The HIPS in CFP 3 is very extensive so it may well cover all that Prosecurity does (and likely more).
Having said that I’m running CFP alongside PrevX with no issues at all,but PrevX isn’t so much a traditional HIPS like Prosecurity.
Disagree. Prosecurity covers more. That said running them both is sucidial yes.
Sometimes i wonder if all this focus on whether functionality is the same or not is the right away to decide whether to run them together.
The rule we have seems to be if software A and software B have the same functions do not run them together.
But the problem with this is, most times do we really know if the functions are the same! We are usually at the mercy of the vendor to tell us, and usually we get mostly marketing speak, or whatever technical scraps the vendor deigns to throw at us.
I notice a lot of security vendors try to differentitate themselves (for obvious reasons), so they tell us stuff that makes it seem like their product is different from the rest. But do we really know? How much different in functionality before we decide it is “not quite the same” and hence safe to run together?
Another issue that worries me is all this “kernel hooking”. I’m told that it is highly recommended not to have too much of this, particularly more than one hooking the same kernel API.
The fact that an Antivirus like antivir works undeniably different from a sandbox like sandboxie and to some extent there is a functionality difference between a sandboxie and say System Safety Monitor. However I have found that they still tend to hook the same APIs!!
Building a chain of hooks this way … well While the system might not crash, some unexpected side effects might cause the defenses to fail in strange ways that cannot be predicted in advance.