[AccessD] OT: Comodo Firewall

pcs at azizaz.com pcs at azizaz.com
Thu Dec 27 19:39:33 CST 2007 

Thanks for reply.... after I pressed the send button I 
googled Help on the Active Defense thingie ... apparently 
the Purge option will delete file entries from the Pending 
List for your Review for files that are no longer on your 
system (temp files used during installation etc.) It was 
also recommended to place the thingie in Learning mode for a 
couple of weeks and then place it back to PC Clean.... I 
think I'll stick with the Comodo for a little while 
longer... I like it when it pops up and says program B is 
trying to use Program A do you allow it to do that? For 
example I have a little app that came preinstalled on the 
laptop called PowerForPhone - never used it - suddenly it 
was trying to get intimate with Skype... hmmmm...you just 
don't know what's going on under the plastic cover....

What I would like to do next would be to get full clarity of 
all the different processes running on the computer, and 
turn does off I have no use for. Any application out there 
that can help me with that?

Happy new year!

Borge



---- Original message ----
>Date: Thu, 27 Dec 2007 09:25:22 -0500
>From: "jwcolby" <jwcolby at colbyconsulting.com>  
>Subject: Re: [AccessD] OT: Comodo Firewall  
>To: "'Access Developers discussion and problem solving'" 
<accessd at databaseadvisors.com>
>
>In which case turn off the proactive defense thing.  IMHO 
that part is not
>ready for prime time.  IIRC Comodo has several million 
installed users and
>the majority have no problems but some of us do (me too).  
The Review /
>Pending thing is you telling Comodo that the files are OK, 
you approve of
>them.  The huge number occurs as Comodo does the initial 
scan of your
>system.  I think that there is a "select all" and you can 
then "approve".
>Basically that is telling the Active Defense thingie that 
these files are
>known to be good and stop worrying about them.
>
>I am not a security guru, I just use it.  My understanding 
of the Active
>Defense thingie is that it is a monitor that does several 
things.
>
>1) Watches what programs load and alerts you to any not on 
the "OK list",
>those being possibly infections that slipped in some how.
>2) Watches running applications to see how they interact.  
Programs "use"
>each other all the time.  FoxFire "uses" quick time to 
display or play
>something etc.  Supposedly you tell the Active monitor ONCE 
that it is OK
>for program A to use program B.  If the interaction is not 
in the OK list
>then you are warned that the interaction is happening.
>3) Watches that programs try to modify the registry.  This 
is waay more
>common that I realized but occurs mostly at install and so 
can signal that a
>nasty is installing itself, or that it is attempting to 
disable another
>program (AV, firewall etc).
>
>So Active Defense is a program that sits in memory and 
watches Windows do
>its job looking for signs of danger, keeping a list of 
which things you say
>are OK and alerting you to things that you have not said is 
OK.  These
>"Active Defense" programs are becoming more common as the 
normal infection
>vector (email) becomes the least used vector.  Nowadays the 
most common
>vector is malformed HTML, but that is certainly not the 
only vector.
>Messenger, file sharing programs, Office documents (and now 
access
>databases), PDF files, pictures, music, all of these things 
have been used
>to spread infections and so an "anti nasty" system has to 
do more than just
>scan email for viruses.  It pretty much has to watch 
Windows DYNAMICALLY run
>and look for suspicious activities from moment to moment as 
you use your
>computer.  Thus "Active protection" .
>
>Unfortunately by its very nature it is NOT unobtrusive.  
All it can hope to
>do is to keep track of things you say are ok and not ask 
you about those
>things again.
>
>John W. Colby
>Colby Consulting
>www.ColbyConsulting.com 
>-----Original Message-----
>From: accessd-bounces at databaseadvisors.com
>[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of 
pcs at azizaz.com
>Sent: Thursday, December 27, 2007 8:15 AM
>To: Access Developers discussion and problemsolving
>Subject: [AccessD] OT: Comodo Firewall
>
>
>John Colby recommended Comodo Firewall and I installed 
it ...
>
>I have no time to read all the Help etc. 
>I had placed the Proactive Defence to PC Clean Now I have 
over 7,000 files
>for review / Pending Files!!??
>
>What should I do?
>
>Apart from Purge?
>
>What does Move To.. My own safe files do? Does it 
physically move the files?
>
>Remove ?  Does that mean remove from the list of Pending 
Files? What good
>will that to, will the files just start accumulating again 
for my
>review(?!).
>For sure Remove wouldn't mean remove from the System - 
that's the Purge,
>right - not in the mood to test that one out %( .
>
>What is your recommended setting for this Proactive Defense 
thing?
> 
>I don't roam the www wildly - I just want to install a 
firewall and then for
>the most part forget about it...
>
>Confused,
>Borge
>--
>AccessD mailing list
>AccessD at databaseadvisors.com
>http://databaseadvisors.com/mailman/listinfo/accessd
>Website: http://www.databaseadvisors.com
>
>-- 
>AccessD mailing list
>AccessD at databaseadvisors.com
>http://databaseadvisors.com/mailman/listinfo/accessd
>Website: http://www.databaseadvisors.com

More information about the AccessD mailing list