Layered defense setup

Discussion in 'other anti-malware software' started by southcat, Apr 17, 2010.

Thread Status:
Not open for further replies.
  1. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello. I am reviewing my PC security setup this 2 days. Because I always use online banking service and i do a lot of documents works on internet for my job. So i am very serious concern my computer security setup.

    My current setup:

    Comodo Firewall / Defense+(HIPS)
    NOD32
    Spyware Terminator+HIPS
    Process Guard
    Spyshelter

    I am considering to add in or replace "Spyware Terminator" by

    Malware Defender
    Malwarebytes' Anti-Malware
    ThreatFire
    Spy Sweeper

    How should i choose ? May i have some advise over here ?

    Once again to say, i really do many serious tasks online, security setup really very important to me.

    Thanks for concern.

    Regards
    Gavin
     
  2. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Well you don't need another HIPS so malware defender is out. Spysweeper I don't know much about. I don't think it would help any. I think adding malware bytes would be good. Threatfire is a HIPS/behavior blocker. You already have defense+ and process guard. I think just adding MBAM would round things off nicely. You could also instead add either a sandbox like sandboxie or defensewall or geswall. With either of those you really don't need spyshelter. So it would be Comodo, Nod32, process guard (kinda over kill with defense+), and sandboxie/defensewall/geswall.
     
  3. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I see you got 3 HIPS programs in play there. I would just go with 1...being the one you are most comfortable with.

    Where you do a lot of sensitive online work I would suggest you look at antilogger products also. eg: Prevx Safeonline, Zemana Antilogger, there are a few others but those are the first 2 that come to my mind and I have used them both (not at the same time).

    Take a look at some of the setups in the "Whats your security setup these days" thread for some other ideas. Just beware that some of these setups are overkill and more for sport than practicality.
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    Don't replace Spyware Terminator with Malware Defender. Malware Defender is a HIPS program, and may interfer with Comodo's Defense+. It wouldn't be wise to run the two together. Your best bet out the choices you listed would be to use MalwareBytes or SpySweeper. I believe i would go with Malwarebytes since it protects well against Rogues which seems to be NOD 32's weaker area. Spyware sweeper has excellent detection, but the last time i checked it was much heaver on resources than Malwarebytes. You will have to get the paid version of Malwarebytes or you will only be able to do on-demand scanning with it.
     
  5. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
  6. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    I agree with the above posters you should only have 1 HIPS. Comodo HIPS will probably be best seen how it is not old and updated, and you cant get a MD licence any more so don't bother with that.

    If you want Layered defense have 1 HIPS 1 sandbox ie Sandboxie and a backed up image with something like Macrium Reflect.
     
  7. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    1 HIPS is enough
    And add Malwarebytes :D
     
  8. lubieplacki

    lubieplacki Registered Member

    Joined:
    Mar 24, 2010
    Posts:
    151
    Location:
    Poland
    Agree :)
     
  9. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    First of all, thanks for all of your precious opinions. From the information collected from you guys, i think MBAM is the choice. I will consider to drop "spyware terminator" or "process guard". But last time i used the SandboxIE it always crash my Windows XP, so i am quite afraid to try again those sandbox software.

    Keyscrambler i am not familiar with this kind of software, perhaps i should take a look on it.

    You guys are very helpful, i really appreciate it. Because now too many security software to select, really hard to make the decision.


    Regards
    Gavin
     
  10. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,078
    Comodo Firewall / Defense+(HIPS) / Sandbox
    NOD32
    Malwarebytes' Anti-Malware
    Keyscrambler
    Immunet (optional)
     
  11. STONEMAN

    STONEMAN Registered Member

    Joined:
    Jan 17, 2009
    Posts:
    98
    Location:
    London,South Of The River
    Just added keyscrambler to my security setup,thanks to escapevelocity,
    very nice software.encrypts anything you type on your keyboard
     
  12. Too many HIPS and related programs there. You only need one HIPS, two or more will go crazy when they start detecting each other. Even a HIPS plus Threatfire is not advisable, unless you want tons of popups.

    I would keep Comodo and Defense+ and everything else except for MBAM and NOD32 (you've got a license for that, you might as well use it instead of Comodo's antivirus).

    P.S. Make sure Defense+ is configured to actually give you decent security. By default there are way too many things it doesn't intercept.

    Edit: Also, last I checked, Comodo could keep tabs on keyloggers, so Keyscrambler may not be necessary. Probably can't hurt though.
     
  13. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    FYI southcat,
    Take a look at the Comodo sandbox-does it protect against keyloggers thread. Its under other anti-malware but it got moved. Kinda shows you that defense+ works well against keyloggers.
     
  14. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    Hello kjdemuth, thank you again. I already tried Defense+ with zemana and spyshelter website provided keylogger test, it can pass. But seems like the comodo sandbox is not a stand alone program, it is integrated into comodo internet security.

    After learned from the comodo website, i found that the CIS seems to be too powerful, Does anyone experience it ? How is it ?

    Thanks for concerns.

    Regards
    Gavin
     
  15. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    yes comodo D+ is very powerfull when set to paranoid(proactive mode) mode;)
     
  16. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Too powerful? No. Its all in how you configure it. I wasn't really referencing the sandbox just the fact that defense+ can handle keylogging. I think that Comodo, Nod32, MBAM and keyscrambler are enough for you.
     
  17. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    If your anti-keyloggers fail, keyscrambler gives you a backup foil to the bad guys, encrypting keystrokes at the kernel. Layers.
     
  18. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    OA also has a good antikelogger capabilities;)
    i may use it again if my laptop dont get over heated again
     
  19. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    OP, you might try SafeOnline from PrevRX too.
     
  20. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Or does Comodo Firewall / Defense+ HIPS handle most of what SafeOnline does?
     
  21. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    My guess is that's correct. I don't even run the FW since I've not seen any use for it except for (note the sarcasm) slowing down my browsing speed possibly.


    If anyone has got a good example of added protection of the FW IF already running one through hardware, please write that here. :)
     
  22. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Outbound protection.
     
  23. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    True :p

    Yeah Defense+ is very good, but it takes some time to create rules in the beginning :p (I always disable the signed executable thing)
    I like more when it asks for every program and then you slowly build your set of rules :D
     
  24. Less

    Less Registered Member

    Joined:
    Dec 24, 2008
    Posts:
    248
  25. southcat

    southcat Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    212
    keyscrambler seems like very good, i will give it a try. But I think i will retain Process Guard as a backup HIPS. Remove spyware terminator but add in threatfire, do i still need MBAM Pro ?

    I love Comodo D+ it is very good HIPS program don't mention it is anti-keylogger also.

    Thanks Less, the URL you attached which is very useful and the rest of you, thanks for your opinions.

    Regards
    Gavin
     
Loading...
Thread Status:
Not open for further replies.