jwcolby
jwcolby at colbyconsulting.com
Thu Dec 27 08:25:22 CST 2007
In which case turn off the proactive defense thing. IMHO that part is not ready for prime time. IIRC Comodo has several million installed users and the majority have no problems but some of us do (me too). The Review / Pending thing is you telling Comodo that the files are OK, you approve of them. The huge number occurs as Comodo does the initial scan of your system. I think that there is a "select all" and you can then "approve". Basically that is telling the Active Defense thingie that these files are known to be good and stop worrying about them. I am not a security guru, I just use it. My understanding of the Active Defense thingie is that it is a monitor that does several things. 1) Watches what programs load and alerts you to any not on the "OK list", those being possibly infections that slipped in some how. 2) Watches running applications to see how they interact. Programs "use" each other all the time. FoxFire "uses" quick time to display or play something etc. Supposedly you tell the Active monitor ONCE that it is OK for program A to use program B. If the interaction is not in the OK list then you are warned that the interaction is happening. 3) Watches that programs try to modify the registry. This is waay more common that I realized but occurs mostly at install and so can signal that a nasty is installing itself, or that it is attempting to disable another program (AV, firewall etc). So Active Defense is a program that sits in memory and watches Windows do its job looking for signs of danger, keeping a list of which things you say are OK and alerting you to things that you have not said is OK. These "Active Defense" programs are becoming more common as the normal infection vector (email) becomes the least used vector. Nowadays the most common vector is malformed HTML, but that is certainly not the only vector. Messenger, file sharing programs, Office documents (and now access databases), PDF files, pictures, music, all of these things have been used to spread infections and so an "anti nasty" system has to do more than just scan email for viruses. It pretty much has to watch Windows DYNAMICALLY run and look for suspicious activities from moment to moment as you use your computer. Thus "Active protection" . Unfortunately by its very nature it is NOT unobtrusive. All it can hope to do is to keep track of things you say are ok and not ask you about those things again. John W. Colby Colby Consulting www.ColbyConsulting.com -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of pcs at azizaz.com Sent: Thursday, December 27, 2007 8:15 AM To: Access Developers discussion and problemsolving Subject: [AccessD] OT: Comodo Firewall John Colby recommended Comodo Firewall and I installed it ... I have no time to read all the Help etc. I had placed the Proactive Defence to PC Clean Now I have over 7,000 files for review / Pending Files!!?? What should I do? Apart from Purge? What does Move To.. My own safe files do? Does it physically move the files? Remove ? Does that mean remove from the list of Pending Files? What good will that to, will the files just start accumulating again for my review(?!). For sure Remove wouldn't mean remove from the System - that's the Purge, right - not in the mood to test that one out %( . What is your recommended setting for this Proactive Defense thing? I don't roam the www wildly - I just want to install a firewall and then for the most part forget about it... Confused, Borge -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com