Unexpectable security holes with firewall installation

czt · August 20, 2012, 9:48am

CIS 5.10.228257.2253 firewall installation, “Do NOT show alerts…” unchecked in Configuration Options.
Result:

Executables are NOT on protected files in D+ policy.
Computer monitor and keyboard monitoring unchecked.
Threat unrecognized files as: unchecked (as I indicated it earlier).

I’m shocked.

a256886572008 · August 20, 2012, 11:01am

1.Please switch the configuration to the internet security or the proactive security.

2.In the default three configurations, CIS can not block “keylog and screenlog”
SolutionI: tick the two items (for the user disabling the sandbox level)
SolutionII: switch the sandbox level to the limited or higher ones.

3.The configuration, firewall security, disables the sandbox levels.
The solution to the problem is the same as 1.

lordraiden · August 20, 2012, 12:29pm

That is not a bug, these are the ridiculous default settings that the developers have choose for CIS.

siketa · August 20, 2012, 12:33pm

+1.
“Allow outbound” rule in default FW settings should be changed.

a256886572008 · August 20, 2012, 1:11pm

for CFW

czt · August 20, 2012, 1:21pm

Yes, ridiculous and inexplicable default settings (especially the first two), because the possibility is “there” for protection.

czt · August 20, 2012, 1:40pm

Even the documentation is inaccurate:

“COMODO - Proactive Security
…
During the setup, if only Comodo Firewall installation option is selected, the next screen allows users to select this configuration as default CIS configuration.”

Citizen_K · August 21, 2012, 11:01pm

Help & simple GUI text mistakes - CIS