[ThreatFire] Is custom rule setup a "must"?

Discussion in 'other anti-malware software' started by OHM, Nov 19, 2007.

Thread Status:
Not open for further replies.
  1. OHM

    OHM Guest

    Hi,
    I'm trying TF, because of Hairy Coo's advice, and a recommendation.
    I'm just curious, if I need to make custom rules, in order to get best from ThreatFire. I'm a little bit nervous, because I have no idea how to use it and what it does. Is the default setting enough?
    Thanks in advance,
    and have a nice day~
     
  2. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Absolutely.

    TF was DESIGNED to not require any advanced hocus-pocus from the user. Just install it and you're good to go.
     
  3. OHM

    OHM Guest

    solcroft,
    Thank you!
    Nice short and lucid reply, that explains everything I need.
    Thanks again!
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    OHM,

    Although I posted some custom rules, I agree with Solcroft: TreathFire provides incredible protection without needing any configuration.

    The custom rules are usefull when you are very interested in security and find it a challenge to cut down on protection software. With a normal set up (Antivirus, third party Software FireWall, AntiSpyware ) you do not need the extra rules.

    I for instance only use a Hardware FW (no Online Armor, Webroot or Comodo FireWall), have set the Antivirus (Avast) to do only forward checking on HTTP/Web, P2P and E-mail (no regular program startups or read/writes by the standard/realtime protector). Have no Antispyware program. This is what I meant by cutting in other security programs.

    Regards Kees
     
  5. OHM

    OHM Guest

    Kees1958,
    Hi,
    Wow, I have a lot to learn from you.
    Cutting in other security programs is my goal now.
    Thanks for your advice!
     
  6. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    976
    Any way to set custom rules for Threatfire that deal with thread injection and other techniques used by many leaktests? I have one rule that blocks programs from executing iexplore.exe that works for a few tests but it fails a lot of them.
     
  7. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    TF deals with thread injection by default. I haven't tried leaktests, but testing against remote access trojans and downloaders shows this functionality is present.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.