I like CIS Full Suite. My cousin has got WIN 7 64 Bits Laptop. I have installed CIS Full Suite with Default Settings on his laptop. He is an average user. He doesn’t like & understands the popups so at times blocks the legit apps so I have to help him out.
So I have tweaked the CIS setting following way to make suitable for him. I know this tweaked setting will reduce the protection but I think then too he will have better protection than simple having any FW & AV installed. I want to confirm few things about the tweaked settings so I am here for your expertise.
I want CIS on his laptop in a way so that there are no D+ popups so I changed Computer Security Policy - All Applications - To Allow. In this way Autosandbox & Unlimited Rights popup are there but no D+ popups.
I want to know
If an app is autosandboxed I am protected, right?
If an app is autosandboxed & D+ popups are associated to it I am not protected coz I have allowed all the D+ popups, right?
Through Unlimited Rights if I Sandbox an app I am protected, right?
Through Unlimited Rights Popup if I Sandbox an app & D+ popups are associated to it I am not protected coz I have allowed all the D+ popups, right?
Am I protected with BufferOverflow Protection?
Any other weakness of the tweaked settings other than the above?
Plzzzzzzzzzzzzzzzzz give the info & reply on all the above points.
for no alerts from defense + i personally like clean pc mode. it assumes everything is safe on the computer and if anything trys to install from the net it is blocked. no alerts computer stays clean.
My cousin has got WIN 7 64 Bits Laptop. I have installed CIS Full Suite with Default Settings on his laptop. He is an average user. He doesn't like & understands the popups so at times blocks the legit apps so I have to help him out.
I say, go to firewall settings and a few changes
1) open CIS
2) Click on "firewall icon"
3) Click on "Firewall Behaivor Settings"
4) Change the Firewall level to "training mode" for 2 weeks" then change it to "Safe Mode"
then
5) Click on the "Advanced Folder"
6) add all 5 checkmarks there
7) click "OK"
Now the firewall is tweaked to the Max with pop-ups virtually no existent
Now back to your questions
1. If an app is autosandboxed I am protected, right?
Yes, but I believe your autosandboxed app won't save any software settings
3. Through Unlimited Rights if I Sandbox an app I am protected, right?
The answer is the same for question 1 and 3
5. Am I protected with BufferOverflow Protection?
As long as you don't disable "Execution Control settings" Folder in Defense + and you don't Disable Defence + You will be protected
4. Through Unlimited Rights Popup if I Sandbox an app & D+ popups are associated to it I am not protected coz I have allowed all the D+ popups, right?
I don't know what you mean by "Unlimited Rights Popup is
2. If an app is autosandboxed & D+ popups are associated to it I am not protected coz I have allowed all the D+ popups, right?
If you allow all D+ popups by "disabling Defence +" then you are correct. If your TEMPORARILY(like for about 2 weeks) allowing all pop-ups. Then NO. As long as your carefull online while it's in training mode, you should be good to go
6. Any other weakness of the tweaked settings other than the above?
Plzzzzzzzzzzzzzzzzz give the info & reply on all the above points.
I can answer both of them in 1 response.
As long as you changed the firewall settings and follow the answers for questions 1,2 and 5
D+ ---------- Computer Security Policy ---------- All Applications ------------ I have changed the Custom Poilicy for All Applications from ask to Allow except the 1st one i.e executables which cannot be changed & is set to ask. So with this changed setting I will not get any D+ popups but will get Unlimited Rights Popup coz the setting for executables is set to ask, right? (Unlimited Rights Popup is when you install an app which is not whitelisted by comodo you get the popup saying not whitelisted by comodo with the options Sandbox, Allow & Block.
Now my question was, with this changed setting —
Any app autosandboxed or sandbox through unlimited rights popup if not going to trigger D+ popups then I am protected, right?
Any app autosandboxed or sandbox through unlimited rights popup if going to trigger D+ popups then I am not protected coz the triggered D+ popups are allowed automatically with this changed setting, right?
There are not much response here. I dont know if I am asking anything stupid or I am not explaining the things properly or the experts here are not replying coz they dont want to help in things which reduces the security & CIS potential.
If I am not able to explain the things properly then this time I will try to explain it more clearly.
I just want to know ------
If I change D+ ----------- Computer Security Policy ------------ D+ Rules ------------ All Applications - Custom Policy ---------- Access Rights, all from ask to allow (except executables coz there is no allow option for this), What will be the effects on Autosanbox, Sandbox through Unlimited Rights popup & overall CIS??
I don’t fully understand your question… if you put d+ to accept all exeutive file without d+ to ask they exe files will let. The sandbox comes in action when unknown files going to run with default settings.
I only want to use CFW, AV & AutoSandbox. I have changed the D+ Rules - All Applications Access Rights from Ask to Allow (Run an Executable set to Ask), so this allows all the D+ popups automatically i.e I will not get any D+ popups coz they are allowed as per my settings, m I right??
Autosandbox are happening & I am only getting Unlimited Rights popup coz Run an Executable is set to Ask, no other D+ popups I am getting coz except executable all the others are allowed automatically as per my settings, m I right?
In Default Settings, some apps when Autosandbox or Sandboxed through Unlimited Rights popup we also get few D+ popups ------ as per my settings I am not protected in this case coz the D+ popups are allowed automatically, m I right?
In Default Settings, some apps when Autosandboxed or Sandboxed through Unlimited Rights popup we dont get any D+ popups ---------- as per my settings I am protected in this case coz there are no D+ popups, m I right?
IMHO you are complicating things by tweaking your cousins system especially if you are not there to help him out 24/7 because he will not understand what you have tweaked and why.You state that your cousin doesn’t understand the alerts so sometimes he or she blocks legit applications.So with that in mind I would keep it simple.
What I would do is install comodo internet security and update, now sit there with your cousin and run the everyday programs he would normally use such as his browser and games maybe print something off his printer if he has a printer installed etc you get the picture. Now after all that has been done and your comodo set up is used to your cousins PC set up and behaviour then you suppress the all the anti virus and defence + alerts. Make sure the anti virus quarantines viruses automatically.
Just keep it simple… this is my opinion and advise.
I have 2 computers upstairs which my two sons use, they are both set up with the system set up I have pointed above and I have had no issues nor problems.I am sure Languy99 would agree with that set up because he recommended that set up in the first place and it works. watch his videos on you tube.