Comodo firewall question


  1. Posts : 60
    Windows 7 Home Premium
       #1

    Comodo firewall question


    I use Comodo firewall and am pleased with it. When I click on an exe obviously comodos proactive defence pops up to ask for permission for things to run. All nice and secure.

    However, I downloaded a PDF viewer ( PDF -XChange, very light, very quick ) which came as an msi file, and whilst running it comodo remained silent.

    Is this the norm with msi files?

    Is this a security risk that needs addressing?

    If bogus apps or malware use the msi extension could they install themselves without triggering comodo?
      My Computer


  2. Posts : 268
    windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
       #2

    tuckeratlarge said:
    However, I downloaded a PDF viewer ( PDF -XChange, very light, very quick ) which came as an msi file, and whilst running it comodo remained silent.
    Defense+ will not give a pop-up if the file has already been analyzed by Comodo and added to the safe list. That is why there was no pop-up. This allows the user to greatly increase security without much of the frustration that would otherwise come with it.

    Is this the norm with msi files?
    i hope not
    Is this a security risk that needs addressing?
    If bogus apps or malware use the msi extension could they install themselves without triggering comodo?
    for that eventuality you run an av...plus some on demand scanners like mbam/sas/hitman etc to scan the downloaded files.... plus periodic scans
      My Computer


  3. Posts : 759
    W7-Enterprise + WS-2008 (Converted to Workstation)
       #3

    hi !

    i´m using Comodo´s firewall & Defence+ (D+).
    D+ reacts to every program i install.
    i have both firewall & D+ in "Safe Mode".
    what settings are you using ?
      My Computer


  4. Posts : 60
    Windows 7 Home Premium
    Thread Starter
       #4

    Safe Mode.
      My Computer


  5. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #5

    I found this regarding .msi files:

    Windows Installer

    The Windows Installer (previously known as Microsoft Installer) is an engine for the installation, maintenance, and removal of software on modern Microsoft Windows systems. The installation information, and often the files themselves, are packaged in installation packages, loosely relational databases structured as OLE COM Structured Storages and commonly known as "MSI files", from their default file extension.


    If I understand the above correctly, the msi files themselves are not executables; therefore, I don't think they will trigger Comodo. The installer itself would definitely trigger unless you have previously approved that installer.



    Just my take and I may be wrong.
      My Computer


  6. Posts : 268
    windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
       #6

    well..........
    HIPS (Defense+)

    Comodo's HIPS (host intrusion prevention system), known as Defense+, is designed to provide protection against unknown malware. It is designed to restrict the actions of unknown applications, and restrict access to important files, folders, settings and the Windows Registry. Defense+ employs Default Deny [7] Protection, by default refusing any unknown file permission to install or execute except when specifically allowed by the user or when the file appears on Comodo's whitelist
    and

    Host Intrusion Prevention System (HIPS) Application Control
    Comodo Firewall Pro integrated HIPS technology whereas most often HIPS is only available as stand alone solution. Using HIPS, Comodo Firewall Pro can prevent spyware and malware from ever being installed on a user's PC. When activated, the user is warned EVERY time an unknown executable (.exe) attempts to run that is not found in Comodo's white list database. The user has the option to allow or block the application from running. This approach is only practical when used in conjunction with a comprehensive white list database that only allows safe and trusted programs from ever being installed on a PC.
    And if you think for some reason you don't trust the whitelist.. You can use "Paranoid Mode" This will treat EVERY application as unknown, Regardless if it's in the whitelist or not.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:46.
Find Us