If you notice, I never questioned SafeSurf. I just stated that if the other user, claiming that it offers top protection, then he/she needs to base his/her statement with something that backs up that statement. That’s all.
I also don’t get it. 2 replies, and none to offer any sort of assistance, but rather, implying I said something, which I clearly have not?
The purpose I wrote my first post was to request help and express and opinion of how I think the development of CIS is getting. It’s as a concerned user that I gave my opinion. Why? The CIS Pro version really got my attention with all it’s features, but will I acquire it knowing it’s buggy like hell? No.
So, please, I kindly ask to stop saying thing that I didn’t and that someone could help me with my problem.
The HIPS should block unless you specify it to allow the thing to do whatever.
Do you want your firewall to accept connections too untill you specified it to block?
What if you leave the computer?
Then the ■■■■ thing could make all sorts of connections, and programs are faster than the human.
You could easily set a program to kill A kill B, delete this, that. etc, before you have the slightest time to react.
Thats why you block stuff first, and ask, instead of allowing and then ask.
If that is true then I agree that it should be fixed. But I never encounterd those errors, I have D+ set to Paranoid Mode.
I dont have the time, but its claimed to protect from:
Buffer Overflows in the STACK memory.
Buffer Overflows in the HEAP memory.
Detect ret2libc attacks.
And: Detection of corrupted/bad SEH Chains.
If this software was bogus, then Iam pretty confident someone would have pointed that out already.
There is user witnessing of it working and comodo woudnt lie about it protecting you from 90% of BO attacks.
They wouldn’t risk the comodo brand simply to be able to say “we got BO protection too”.
Someone has tested it, Iam sure, and there is a BO tester program from comodo that this software passes.
I think you did, but I see no problem in that. You asked if there is any proof of SS preventing BO attacks. And again, I think you have the right to ask for this, and ask if Monkey_Boy=) is willing to invite everyone to his/hers home.
I’m sorry to say that I have no solution to your CIS trouble. I’ve read your post but I don’t really understand what may cause the trouble.
You’re confusing two different security mechanisms. One thing is a firewall. One thing is a HIPS, and in this case, a classical HIPS, which will request USER INTERACTION. Defense+ will not blocking anything if you miss to answer it. It will just ignore the request. Defense+ is not a behavior blocker, which, by it’s nature, will block things without asking. Of course, there are a few utilities that aren’t truly behavior blockers.
And you seem to agree with me again. 3 in a row.
I won’t comment, as is not my intention to discuss about SafeSurf, but I do have my own thoughts about tests provided by the very own developer of a certain app. Not talking just about Comodo. There are plenty out there.
Would, perhaps, adding the folder, which Defense+ seems to block, somehow, to the safe files and folders, prevent it from doing it again? Just like DarkButterfly wondered, too.
Well, it does seem reasonable. But I can’t understand why D+ would block something essential Windows related, without your approval. Is it possible to boot Windows in safe mode, start the CIS GUI, review the D+ Computer Security Policy and add explorer.exe as a trusted application? (I’m not even sure explorer.exe is the problem but it could be)
Yes, I do can enter in Safe Mode and that’s how I uninstalled CIS. I didn’t check what you mentioned, though. Didn’t even occur me. I was in such madness!!!
I also don’t understand why it would block something without my approval. This has clearly to be a bug? That’s my only thought.
Maybe, in the next release of CIS, Comodo should implement a mechanism, if it is even possible, to control these impulses from Defense+? Honestly, I don’t even know what to suggest, but to recommend Comodo, to truly get all their human power to look through CIS code and optimize it.
As I already stated, I really don’t think Comodo should waste their great programmers with tools such as the registry cleaner, etc. There are so many out there, free and great. There is no room for Comodo there, as it would be a waste.
Why not take those programmers and join them with CIS’ crew? (Please, Comodo, consider this.)
Then my suggestion is as above (thanks to your own suggestion in reply #25 which triggered the idea) - launch cfp.exe in Windows safe mode, and add explorer.exe as a trusted application. In case you still wish to give CIS a chance.
Actually I think I encountered something very similar (if not exactly the same) in one of the first versions of CFP w. D+, back in December 2007. Then I didn’t know how to resolve it so I uninstalled in safe mode (just like you did) and reverted to CFP 2.4. This was however not on my machine. Thankfully I’ve been blessed with an almost flawless CFP & CIS on my on PC, since the very 3.0 start in November 2007. :o
As for your other criticism, I recommend a post in the CIS Feedback section. I think this will increase the chance of getting your opinion heard.
Could you please supply more info OS what other security prorams you are running etc. as unless the devs. can reproduce the problem that you are having they will not be fixed.
Thank you
Dennis
I use VMware Workstation a lot…and I’ve never had this problem. Though I’ve never had a VM on when I shutdown my host/main PC. The VM is always either powered off or suspended when I shutdown.
I will say keep CIS, because that is your defense wall and find some other virtualization software…
Edit:
if CIS keeps giving you a serious head ache, well than you have no choice than to leave CIS for a while… otherwise, you know the wise people say: “Better safe than sorry” (:WIN)
You asked if there is any proof of SS preventing BO attacks. And again, I think you have the right to ask for this, and ask if Monkey_Boy=) is willing to invite everyone to his/hers home.