How to set up MD for Silent Mode secure and safe operation?

Discussion in 'other anti-malware software' started by raven211, Apr 10, 2010.

Thread Status:
Not open for further replies.
  1. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Always been interested in silent software to protect me, and I recall a thread being made to optimize MD's silent operation, but by now I'm pretty sure it's somewhat outdated.

    What would you hardcore MD users say are the best settings for simple set-and-forget? Does MD protect against deletion, keylogging and other serious malicious activity in this mode?



    Thanks :)
     
  2. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Raven, to be honest, when you run UAC + SRP + Comodo Sandbox, there is nothing which slips by your attention. Tip for making your internet software silent (e.g. Opera): read about icacls.exe. Setting integrity level to medium denies elevation requests, making it absolutely quiet protection.
     
  4. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    You could run in Learning Mode until you're comfortable that MD has created enough rules to cover what you do on your computer and then change to Silent Mode.

    I don't think it's possible to have a default set-and-forget configuration because everyone's computer setup will be different.

    I would put MD in Learning Mode, reboot once, place MD back into Normal Mode and then put in the time to create a ruleset that is specific to your computer. Once that is done MD will be silent even in Normal Mode.
     
  5. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    But if you don't already have an MD license, setting up MD is pointless. If you do have an MD license, don't lose it because it is worth gold.


    Comodo Sandbox? Nah, it should be UAC + SRP + Sandboxie
     
  6. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    Nah, it should be UAC + SRP + DefenseWall ;)
     
  7. apathy

    apathy Registered Member

    Joined:
    Dec 10, 2004
    Posts:
    461
    Location:
    9th Circle of Hell(Florida)
    Why is a MD license worth gold? I have a license but not using it at the moment.

    I am happy running portable firefox/sandboxie/hitman pro
     
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    MD runs as well as the user configured it.
    Less configuration = less security
    More configuration or sharp settings = more security
    Depends on your knowledge and trust in your system or in the rest of your security concept.
    MD runs here more in learning mode than expected - sometimes HIPS is a pain.
     
  9. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    Agreed!!
     
  10. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    Because other than maybe EQS, MD is the only classical HIPS in existence and you can no longer get a license.


    The reason why I choose Sandboxie over Comodo sandbox is because it is way better. Sandboxie is a PURE sandbox; Comodo's sandbox is just another add-on to its existing program.
     
  11. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    First of all to all people - we'll always have different opinions which software works best. It's a personal preference and that only.

    Now, UAC is disabled because COMODO will notify me if something is trying to run with elevated rights - should be the same on XP.


    Right now I'm on XP, so SRP and COMODO run alone. Then I'd need some instructions on how to do this on Opera with Windows XP's counterpart, cacls.exe.



    Thank you
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    icacls only has usage with UAC and running admin. For XP just use SRP to run Opera with basic rights.
    Regards, Kees
     
  13. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    I see. I've set C: root to disallow and excluded needed folders. On top of that sandbox - COMODO. Is there anything else I need to do for Opera?


    I'm also considering trying Returnil Free. Would it increase my protection and is it easy to manage?
     
  14. wat0114

    wat0114 Guest

    There are ways to configure the rules processing hierarchy as per its "bottom to top" processing order, making it possible to significantly reduce the pop-ups while sacrificing very little in security. There is absolutely no need to keep its default settings. Even though learning mode can be enabled for several days, the defaults (after learning mode is disabled) will still, and inevitably, annoy most who use it.
     
  15. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    So... how would Returnil compare in terms of security and usability to COMODO? Is it as light? Is it as quiet? Is it as secure?

    Thanks
     
  16. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Returnil is light and quiet. Simple reboot, and everything as it was before your day started ;)
     
  17. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Sounds great. How does it tackle deletion and maybe most of all keylogging? Can I enable it permanently so that I always run in the virtual environment?
     
  18. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    1) It will delete cookies, temp files, everything that's been downloaded to your computer from the very beginning of your day, with a simple reboot.

    2) When I used it, I ran with Returnil on 99% of the time. The only time I didn't surf with it on was when I did Windows updates. When they were done, I turned Returnil back on :thumb:

    Never had any security problems, whether it be virus, malware, anything with Returnil.
     
  19. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    I quite agree.
    Learning mode is useful for the start, but learning mode over a long period of time will lead to a lot of rules which are not very effective in the end.

    IMHO appropriate groups are the key to a silent mode.
    I have eight groups for applications and whenever a new program starts, I send it to the corresponding group with all its allow, deny and ask rules.
    Groups with or without network access, direct disk access, access to the registry or files etc etc.
    Allowing and denying things for a group means no prompts from apps in this group.
    If someone just leaves all apps out of the groups, he will constantly struggle with a lot of prompts.

    It's also very useful to pick groups and assign it to a feature, like group x programs are allowed to run as child of explorer.exe, svchost.exe or so.
    Much better than losing track with 100+ child rules.

    Cheers
     
  20. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    Away from gray - heading black/white.
    The point for me is that - if HIPS is used - the user has to learn about it.
    Someone here wrote that someone who knows about it doesn't really need such tools.
    And another wrote that MD gives a nice look behind.
    At least I have doubt that HIPS is really needed for daily use.
     
  21. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    Yes, it's also my take on Malware Defender. And it was very convenient for me to not be lost in my gradual transition to using MD in lieu and place of System Safety Monitor (that I am/was already using this way).
     
  22. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    1. In other words I CANNOT permanently enable it?

    2. So, does it protect me from deletion of my real stuff and/or keyloggers or not? Do I need to add Prevx for proactive keylogging protection or what?
     
  23. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    1) That's your choice, you can have it enabled all the time, no problem.

    2) Prevx will work with Returnil, no problem.

    I use KeyScrambler and DefenseWall for keyloggers.
     
  24. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    I see. Thank you for the answers, mate. :)


    Does anyone know how the COMODO sandbox and also Sandboxie handle keyloggers?
     
  25. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    When you are on XP Pro there is a registry tweak to run applications as basic user. Normally I would run all your internet-facing software as limited user. You could also consider a deny execute of My Documents. You can exclude a special directory (e.g. install directory) for installations, new programs you want to try for yourself. For ease of use have a look at pretty good security of Sully. It has a tutorial on his website also.
     