[ThreatFire] Is custom rule setup a "must"?

Discussion in 'other anti-malware software' started by OHM, Nov 19, 2007.

Thread Status:
Not open for further replies.
  1. OHM

    OHM Guest

    Hi,
    I'm trying TF, because of Hairy Coo's advice, and a recommendation.
    I'm just curious, if I need to make custom rules, in order to get best from ThreatFire. I'm a little bit nervous, because I have no idea how to use it and what it does. Is the default setting enough?
    Thanks in advance,
    and have a nice day~
     
  2. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Absolutely.

    TF was DESIGNED to not require any advanced hocus-pocus from the user. Just install it and you're good to go.
     
  3. OHM

    OHM Guest

    solcroft,
    Thank you!
    Nice short and lucid reply, that explains everything I need.
    Thanks again!
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    OHM,

    Although I posted some custom rules, I agree with Solcroft: TreathFire provides incredible protection without needing any configuration.

    The custom rules are usefull when you are very interested in security and find it a challenge to cut down on protection software. With a normal set up (Antivirus, third party Software FireWall, AntiSpyware ) you do not need the extra rules.

    I for instance only use a Hardware FW (no Online Armor, Webroot or Comodo FireWall), have set the Antivirus (Avast) to do only forward checking on HTTP/Web, P2P and E-mail (no regular program startups or read/writes by the standard/realtime protector). Have no Antispyware program. This is what I meant by cutting in other security programs.

    Regards Kees
     
  5. OHM

    OHM Guest

    Kees1958,
    Hi,
    Wow, I have a lot to learn from you.
    Cutting in other security programs is my goal now.
    Thanks for your advice!
     
  6. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Any way to set custom rules for Threatfire that deal with thread injection and other techniques used by many leaktests? I have one rule that blocks programs from executing iexplore.exe that works for a few tests but it fails a lot of them.
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    TF deals with thread injection by default. I haven't tried leaktests, but testing against remote access trojans and downloaders shows this functionality is present.
     
Loading...
Thread Status:
Not open for further replies.