Comodo Internet Security

• Introduction To Comodo Internet Security
  • Special Features
  • System Requirements
  • Installation
    • CIS Premium Installation
    • CIS Pro-Installation And Activation
    • CIS Complete-Installation And Activation
      • Installing Comodo Internet Security 2012 Complete
      • Activating Online Backup, TrustConnect And Guarantee
      • Installing Comodo Backup
      • Installing Comodo TrustConnect
    • Activating Pro/ Complete Services After Installation
      • Activating Your License
      • Activating Your Guarantee Coverage
      • Renewal Of Your License
  • Starting Comodo Internet Security
  • Comodo Internet Security - Overview Of Summary Screens
    • Comodo Internet Security – Summary
    • Comodo Antivirus – Summary
    • Comodo Firewall – Summary
  • Comodo Internet Security - Navigation
  • Understanding Alerts
• Antivirus Tasks-Introduction
  • Run A Scan
  • Update Virus Database
  • Quarantined Items
  • View Antivirus Events
  • Submit Files To Comodo For Analysis
  • Scheduled Scans
  • Scan Profiles
  • Scanner Settings
    • Real Time Scanning
    • Manual Scanning
    • Scheduled Scanning
    • Exclusions
• Firewall Tasks-Introduction
  • View Firewall Events
  • Define A New Trusted Application
  • Define A New Blocked Application
  • Network Security Policy
    • General Navigation
    • Application Rules
    • Global Rules
    • Predefined Policies
    • Network Zones
    • Blocked Zones
    • Port Sets
  • View Active Connections
  • Stealth Ports Wizard
  • Firewall Behavior Settings
    • General Settings
    • Alert Settings
    • Advanced Settings
• Defense+ Tasks - Introduction
  • View Defense+ Events
  • Trusted Files
  • Unrecognized Files
    • Unrecognized Files
    • Submitted Files
  • Computer Security Policy
    • Defense+ Rules
    • Predefined Policies
    • Always Sandbox
    • Blocked Files
    • Protected Files And Folders
    • Protected Registry Keys
    • Protected COM Interfaces
    • Trusted Software Vendors
  • The Sandbox - An Introduction
    • Unknown Files - The Sand-boxing And Scanning Processes
  • View Active Process List
  • Run A Program In The Sandbox
  • Defense+ Settings
    • General Settings
    • Execution Control Settings
    • Sandbox Settings
    • Monitoring Settings
• More Options-Introduction
  • Preferences
    • General Settings
    • Parental Control Settings
    • Appearance
    • Log Settings
    • Connection Settings
    • Update Settings
  • Manage My Configurations
    • Comodo Preset Configurations
    • Importing/Exporting And Managing Personal Configurations
  • Diagnostics
  • Check For Updates
  • Manage This Endpoint
  • Browse Support Forums
  • Help
  • About
• Comodo GeekBuddy
  • Overview Of Services
  • Launching The Client And Using The Service
  • Accepting Remote Desktop Requests
  • Registration
  • Activation Of Service
  • Uninstalling Comodo GeekBuddy
• TrustConnect Overview
  • Microsoft Windows - Configuration And Connection
  • Mac OS X - Configuration And Connection
  • Linux / OpenVPN - Configuration And Connection
  • Apple IPhone / IPod Touch - Configuration And Connection
  • TrustConnect FAQ
• Comodo Dragon
• Appendix 1 CIS - How To... Tutorials
  • Setting Up Security Levels Easily
  • Setting Up The Firewall For Maximum Security And Usability
  • Blocking Internet Access While Allowing Local Area Network (LAN) Access
  • Setting Up Defense+ For Maximum Security And Usability
  • How To Password Protect Your CIS Settings
  • How To Reset Forgotten Password (Advanced)
  • Running An Instant Antivirus Scan On Selected Items
  • Creating An Antivirus Scanning Schedule
  • Running An Untrusted Program Inside Sandbox
  • Restoring Incorrectly Quarantined Item(s)
  • Submitting Quarantined Items To Comodo For Analysis
  • Enabling File Sharing Applications Like BitTorrent And Emule
  • Blocking Any Downloads Of A Specific File Type
  • Disabling Defense+ And Sandboxing For Specific Files Selectively
  • Switching Between Complete CIS Suite And Individual Components (just AV Or FW)
  • Switch Off Automatic Antivirus And Software Updates
  • Suppressing CIS Alerts Temporarily While Playing Games
• Appendix 2 Comodo Secure DNS Service
  • Router - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows XP - Manually Enabling Or Disabling Comodo Secure DNS Service
  • Windows 7 / Vista - Manually Enabling Or Disabling Comodo Secure DNS Service
• Appendix 3 CIS Versions
• About Comodo Security Solutions

Setting up Defense+ for Maximum Security and Usability

This page explains on configuring the Host Intrusion Prevention System (HIPS) component of CIS to provide maximum security from the malicious programs that try to execute from within your system and to protect your system from data theft, computer crashes and system damage by preventing most types of buffer overflow attacks, prevent possible attacks from root-kits, inter-process memory injections, key-loggers and more.

To configure Defense+

1. Click 'Defense+' from the top navigation and click 'Defense+ Settings' from Defense+ Tasks interface. The Defense+ Settings interface will open.

2. Click the 'General Settings' tab and make the following settings:

• Move the Defense+ security Level slider to Safe Mode; Refer to Defense+ Settings > General Settings for more details on the Security Levels.

• Optional – Enable 'Block all unknown requests if the application is closed'. Selecting this option blocks all unknown execution requests if Comodo Internet Security is not running/has been shut down. This is option is very strict indeed and in most cases should only be enabled on seriously infested or compromised machines while the user is working to resolve these issues. If you know your machine is already ‘clean’ and are looking just to enable the highest CIS security settings then it is OK to leave this box unchecked.

• If you are using a 64-bit system, in order to maximize the security, it is important to select 'Enable enhanced protection mode (Requires a system restart)' – Enabling this mode will activate additional host intrusion prevention techniques in Defense+ to countermeasure extremely sophisticated malware that tries to bypass regular countermeasures.

Because of limitations in Windows 7 x64, some HIPS functions in previous versions of CIS could theoretically be bypassed by malware. Enhanced Protection Mode implements several patent-pending ways to improve HIPS in Defense+

• Make sure that the check box 'Deactivate the Defense+ permanently' is not selected.

3. Click the Execution Control Settings tab and make the following settings:

• Move the Execution Control Level slider to Enabled. Refer to Defense+ Settings > Execution Control Settings for more details.








• Make sure that the check box Treat unrecognized files as is selected and choose 'Partially Limited' from the drop-down menu.

• Make sure that all the check boxes:

• Do heuristic command-line analysis for certain applications;

• Perform cloud based behavior analysis of unrecognized files;

• Automatically scan unrecognized files in the cloud; and

• Detect shellcode injections (i.e. Buffer overflow protection).

… are selected.

 

Refer to Defense+ Settings > Execution Control Settings for more details.

4. Click the 'Monitoring Settings' tab and make sure that all the check boxes are selected.








5. Click 'OK' for your settings to take effect.

---

Comodo Internet Security User Guide | © 2012 Comodo Security Solutions Inc. | All rights reserved