Why Comodo programmer's not develop heuristic for phishing sites ?

The problem in the Buffer Overflow Prevention component can be used by exploits to infect systems via Buffer Overflow attack. Besides this, Buffer Overflow Protection was one of the most advertised CIS features by Comodo in the past.

Also the Firewall not monitoring other NDIS protocols besides TCP/IP (lack of raw packets filtering) since CIS version 6 and above can lead to data exfiltration. If Firewall filtered raw packets in CIS version 5 and older, then one would think that it should filter in newer versions too.

Exactly !

And malicious Facebook links ?

Therefore need to use Bitdefender products with its heuristic against phishing sites.

Phishing website trying to do what?
Inject an executable? If so yes it will.
Trying to get your information?
No it won’t.

CIS is designed to keep a clean computer clean.

And the theft of banking information by phishing pages ?

Protecting data vs Protecting computer are 2 different things.

CIS is designed to protect the computer from getting infected.

But do not you think limited this protection to a suite as the CIS ?

And why of the web filter presence in the CIS ?

i would like to focus the discussion…there are many names we are throwing around like web filtering etc…
there are 2 main things to protect

1)user’s computer from infection
2)user’s data from falling into wrong hands

CIS is designed to do 1.

That is correct, Melih. I understand that. CIS is designed to prevent infection and it does it brilliantly. :-TU

However, protecting sensitive user’s data (eg from phishing attack) is also part of online security. Is comodo going to offer any solution to do this or is it going to specialize in protecting computer only?

Therefore need to use an additional software to strengthen security.

Bitdefender Free offers optimum detection ( heuristics ) of phishing and malicious links from Facebook and Twitter and also against zero-day ( heuristics ) binaries.

Since CAV does not actively scan javascripts in browsers, how can CIS block this kind of malware?

Ever read about this kind of attack.

It is possible only in special rare conditions.

You’re talking Browsers now. Would this not be the domain of, say, Comodo Dragon? Not CIS

Im running cis only and liking it as its very fast on my computer but reading this thread i want to ask,am i good using only cis or do i need something else with it?Me and my family do alot of online banking and shopping online on our computers?

Please do not hijack this topic. Open a new one and we will be glad to answer your question.


Did not think i was hijacking the thread as the question was because of the posts inside this thread,sorry.You can delete if you like.

Look for this link:


This is a phishing page test and the heuristics of Bitdefender Free detect it:

Most attacks in Brazil are by phishing pages.

Hello devilbat66,

Thanks for your feedback.

Please kindly let me know the bug reports that you’re referring in your message below so that we will get action to solve them asap.

Kind Regards




Thank you for taking this feedback into account.

IT security is all about data protection… why is that so difficult to understand ?

It makes no difference if a security soft prevents infection, but allows data to be stolen\transmitted.

Virtualization (containment) only protects the physical system from infection - it does not protect data.

Malware run inside the sandbox can access and steal data… unless all potentially stolen system data is placed inside Protected Data Folder(s). How is that possible when sensitive data is spread out all over the Windows file system ? A config nightmare.

The bottom line - and there is no arguing otherwise - CIS mainly only protects the physical system, but it offers comparatively little in the way of data protections.

You don’t achieve a high level of data security by only preventing a physical system infection…

Though they implemented WebShield. Its not updated for days-weeks. Just a showpiece in GUI.
Containment is good. But they should look to provide overall security. Data theft is increasing with each passing day & is one critical aspect that should be definitely covered by security software.