Is This Too Much Security?

Discussion in 'other anti-malware software' started by Gabriolone, Nov 21, 2011.

Thread Status:
Not open for further replies.
  1. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well if you really want to find out just run them both but dont be suprised when your browsing comes to crawl.IMHO its doesn't mean better protection either.I have tried both together in the past and was not a enjoyable browsing experience.
     
  2. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    From that list Sandboxie would be the only thing I'd keep. Security suites are too bulky for my taste.

    Comodo FW/D+ - If you want HIPS
    LooknStop - If you don't want HIPS
    Panda Cloud - If you want a real-time AV
    Macrium Reflect Free - Imaging
    MBAM - The free version, on demand only
    Hitman Pro - On Demand

    ... you're good to go, and your puter can breathe again.
     
  3. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Dont you feel it.If he removed 1 or more he just may qualify for a part in finally fast.com:D
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Your probably right.
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,532
    Location:
    USA
    For my money (literally) MBAM pays its own way, and then some.
    It is among the elite 3 or 4 programs in the MRG Flash tests.
    Some Wilders members choose to run it alone with the likes of Sandboxie.
    I certainly wouldn't be too quick to dismiss it. :cool:

    The OP definitely has too many security apps.
    He could pare it way down with just SBIE and a good AV like VIPRE.
    Some would even argue against the need for an AV alongside SBIE
    but for the traditionalists among us, AVs always seem to serve a valid purpose.
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Absolutley agree.:thumb:
     
  7. tomazyk

    tomazyk Guest

    I wouldn't use all that. I would remove Prevx and DefenseWall and use MBAM as on demand only.
     
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I've heard several accounts of MBAM Pro causing conflicts with other real-time apps. That's what scares me off about it. I've never actually used it myself though.

    My setup is so much snappier now without a resident AV. After 6 years uninfected, it'd be hard to justify going back now. No "listening" ports. No connections hanging after closing my browser. I actually feel safer now without one, like my attack surface has decreased.

    But I'm still waiting for Sandboxie & Hitman Pro to combine forces and make the ultimate security app: a Sandboxie that automatically connects to that extensive cloud database to scan files when you go to unbox them. It would be the biggest security app to hit the market... ever, IMO. The 2 sides need to collaborate and get this thing going.
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Pretty much sums up AVs IMO.

    FWIW I have worked on dozens and dozens of computers with Norton or McAffee installed, and up to date, but that were seriously borked. Same would be true of any AV really, except those two have been in bed with the likes of Dell and HP for a long time, you see them more often.

    AV is junk alone, simply junk. Thier intended purpose is long since gone. They try to catch up by creating "suites" with lots of features. The downfall to that scenario is quite simple - if you can exploit one product, game is over.

    Using AV in conjunction with other tools (that means not using the AV "suite", but rather just the AV portion) gives you a tool that still serves one purpose, but you don't put all your eggs in one basket, instead using a couple other tools with it.

    Just my outlook on things, and not right or wrong. I have had my fill with "fixing" computers that had AVs on them. The few people who actually take my advice and use SBIE, fixing those is simple - just delete the sandbox. Actually, truth be told, almost any user I have helped that has not relied on AV as thier protection has been better off. These experiences have more than convinced me that an AV is just not the answer. It is also why I haven't used one for a long time now.

    For those who just like AV or don't want to learn a lot to stop using them, then at least use the AV as only one part of the security, not the whole thing.

    Sul.
     
  10. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    If you add a few more you can completely fill your HD:-that way you'll have no room for any malware to install!:D
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    @Sul,

    And yet so many users, even sandboxie/dw users, use an on demand scanner.

    AV's are the only products that can give you a definitive "YEah, this is a known malicious file" answer. There's a much smaller grey area with them than, say,DW, which sandboxes indiscriminately.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,923
    Location:
    Canada
    exactly:thumb:
     
  13. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,252
    Location:
    Chaotic Land
    :thumb:
     
  14. Montmorency

    Montmorency Registered Member

    Joined:
    Oct 9, 2011
    Posts:
    181
    I hope that will never happen.
    Those are my last resource programs, I don't want them together.

    Stop being silly.
     
  15. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Well, IMO there is nothing really wrong with using scanner or AV, as long as one realizes that they are dependent upon a "list" of things to watch for. It isn't that they don't do what they are designed to do, it is just that many use them as thier only means of security, and they are using something that is "reactive" to the issues rather than "proactive".

    If people I help are not up to going without an AV, by using other methods, then I tell them they should use an AV, however, I try to explain to them that they WILL have problems if that is all they are going to use. In some cases it is better than nothing, but the AV itself is broke because if you don't get the definition for the latest virii/etc soon enough, then you have no protection at all.

    It is confusing to me why they still push a lie. Security does not lie in scanning every file any longer, not since the internet became prolific. You can never keep up with that. Instead, security comes in a few other avenues IMO, some being virtualization, some being user restrictions, some other means as well, or a combo of them. It seems though that the average user has finally gotten the picture from 10 years ago, they need an AV. But, we are past that now, but much of what I hear is still AV, at least in averge joes vocabulary.

    I guess if you don't know much, you better use an AV. Too bad it could cost you so much these days, in terms of $$ spent to remove problems AV cannot fully stop, or $$ for upgrades even that crooks try to sell you or software too. Cost factors such as loss of productivity not withstanding, let alone theft of data or worse, identity theft, a very real threat for those who know nothing.

    I guess I preach a lot of NO AV stuff, although I realize not everyone is ready for that. Still, can't hurt to try I guess ;)

    Sul.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I think the vast majority of people "don't know much." They want a definitive answer.

    IMO sandboxing itself is not enough. Try installing Sandboxie and then running every single application you install within sandbox. It won't work well. Same goes with DW.

    You need some discrimination between files and that's really what an AV tries to do.
     
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    This is my approach: containment > permissions > white listing > blacklisting (by allowing only what's white listed and antimalware scanning)

    Containment alone won't work. Permissions alone won't work. White listing alone won't work. Blacklisting alone won't work. Imaging alone won't work either.

    All that together will work 99%. The other 1%? Drink a bear and if you do no home banking, no worries. :-*
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I would call containment and permissions the same thing.

    I hate both whitelists and blacklists. Whitelists rely on trusting someone or trusting your self to decide when an application is good. Blacklists rely on someone else's ability to find all of the malware out there.
     
  19. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That depends on how one sees it. Sandboxie is all about containment, but one can also tighten it by taken away permissions, allowed by default (within the sandboxes). Which is why I like to see it as containment > permissions.

    Moments ago you said...

    and...

    This is blacklisting, isn't it? You're hard to please, dude. :argh:
     
  20. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,532
    Location:
    USA
    Let's not forget while we're talking about containment and whitelisting and blacklisting, etc, that whatever malware manages to slip through those cracks still has to find YOU... or to put it another way, you still have to find IT.

    On top of that, timing is involved, like with zero-day stuff. Or even when you decide to visit a particular site.

    If you're not on your computer when the malware is being served up, or you're not going to the particular hacked site, you're none the worse off.

    Point I'm trying to make is that when identifying security lapses, it's still not a given that you are gonna get infected. Other things also have to line up, or take place, for it to occur.
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    All containment is a matter of permissions. Read access to one area but only write access to the virtualized area. No internet access - permissions/ containment. That's all I mean.

    Not quite blacklisting. When I think of blacklisting I think of a list of files to be considered "bad." You don't need a list to make distinctions between good and bad.

    @PPage
    Definitely.
     
  22. Gabriolone

    Gabriolone Registered Member

    Joined:
    Mar 12, 2011
    Posts:
    28
    Thank you all for your suggestions. I will follow up by removing:

    1. Prevx, and
    2. Sandboxie
    Thank you again.
     
  23. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,730
    Location:
    Toronto Canada
    You have so much that it's running you.
     
  24. Tarantula

    Tarantula Guest

    I think, you just need NIS 2012.Nothing more than that.
     
  25. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Is going without an AV riding "bareback" or is only using an AV riding "bareback"? So hard to tell :)

    Sul.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.