CIS 5.10.228257.2253 firewall installation, “Do NOT show alerts…” unchecked in Configuration Options.
- Executables are NOT on protected files in D+ policy.
- Computer monitor and keyboard monitoring unchecked.
- Threat unrecognized files as: unchecked (as I indicated it earlier).
1.Please switch the configuration to the internet security or the proactive security.
2.In the default three configurations, CIS can not block “keylog and screenlog”
SolutionI: tick the two items (for the user disabling the sandbox level)
SolutionII: switch the sandbox level to the limited or higher ones.
3.The configuration, firewall security, disables the sandbox levels.
The solution to the problem is the same as 1.
That is not a bug, these are the ridiculous default settings that the developers have choose for CIS.
“Allow outbound” rule in default FW settings should be changed.
Yes, ridiculous and inexplicable default settings (especially the first two), because the possibility is “there” for protection.
Even the documentation is inaccurate:
“COMODO - Proactive Security
During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration.”