Using No Antivirus

Discussion in 'other anti-virus software' started by desertjon, Apr 26, 2012.

Thread Status:
Not open for further replies.
  1. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    And a very large watch dog I may add that's low maintenance.
     
  2. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    No, it was NoVirusThanks.exe free. It ran fine for a few days, then I started getting freezes, similar to when explorer.exe freezes or goes nuts. I removed nvt and it stopped. Reinstalled it and all was okay for a few days and the problem began again, so got rid of it. I may upgrade OA to Premium or ++ if all continues to go well.
     
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    It's been 6 years since I used a resident AV. About 5 years ago, I removed the last AV and anti-malware from my system and haven't looked back. After switching to a default-deny policy enforced by HIPS, firewall, and web content filtering, my PCs have never been faster or more stable.

    Contrary to popular opinion, AVs are just one option for enforcing one type of security policy, default-permit. Most people aren't familiar with other security policies or the apps that can enforce them. This is primarily because the industry doesn't promote them, not because they're ineffective, but because they aren't as profitable for them. Security policies based on default-deny, containment, or reboot to restore (and the apps that implement/enforce them) don't require constant updating to remain effective, which ends the dependence on the vendor.

    If you understand your system and how the infection process works, there is nothing foolish about not running an AV. No AV does not mean you're unprotected or naked. It's just what the industry has been feeding everyone for years.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Thanks, glad it was not AE.
     
  5. iScream

    iScream Registered Member

    Joined:
    Jan 29, 2011
    Posts:
    21
    Uh. How would my browser get hacked? I'm not a new guy who clicks all shiny text. And I use MVPS hosts file. So most of the ad and all is not even getting to my browser. And as I mentioned above, if I download questionable things I have a sandbox and virustotal for it. The reason why I have MB is to catch ITW viruses, again. Most of the viruses are socially engineered, and require like 2+ steps to get infected, so even if they are 0day, let's say at least -50% to get me infected. And there is Windows Defender (lol) too. Plus EMET.
    Well sure you can say that legitimate sites can get hacked and include exploits. But chances for that are < .1%. And perhaps they wouldn't be new to MB or WD. Probably overcomplicated this post but yea.
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    lol you think the industry doesn't promote them because they aren't as profitable? True to an extent... no one would buy them. People like default-permit. Default-deny is a pain (which is exactly why it doesn't work) for average users who just want to install a product and forget about it. That is why big companies don't bother investing.
     
  7. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    71
    Very interesting. Just curious, could you tell us what applications you use to enforce your policies? Are they free?
     
  8. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,782
    Very true and very well said. :thumb:
    Policy based HIPS with a two way firewall and Light Virtualization setup here makes for a very strong computer security setup/policy, much lighter, faster and more secure than any AV I've tried in the past.
    I've not been infected since going AV free now for about four years much unlike when I did run an AV.
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That logic would apply to default-deny and the average user, but it doesn't hold true for policies based on containment or reboot to restore. Both of those could be implemented and run with very little user interaction or education.
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Reboot to restore would require user interaction. Otherwise how would they ever install programs? The user would need to set points to restore to and manage it themselves. Boot to restore would at least be easier for undoing drive-by malware but if it were ever common it could be bypassed by:
    1) direct disk access, I would think
    2) dropping a backdoor in the router by opening a port through protocol spoofing
    3) temporary attacks that are non-persistent and simply do their thing while the computer is on

    Isolation would either have to be handled by the developer or the OS or both. It's possible but someone would have to maintain it if not the user.
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The HIPS is System Safety Monitor. The firewall is Kerio 2.1.5. Web content filtering is performed by Proxomitron and a few browser extensions. These are all older, unsupported freeware apps that have stood the test of time. They don't work on anything newer than XP. All of these are rule based applications and are not suitable for the casual user. I use these to implement default-deny on multiple operating systems from Win 98 to XP.
     
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    All of those would work against an AV that doesn't recognize the threat as well. Backdooring the router would work regardless of the OS or its security package.

    Yes, it requires some user interaction and some common sense. So do UAC prompts. For the so-called "typical user" who can't or won't learn anything about their PC, nothing is truly effective. These users should be using read only network terminals, not PCs.

    That said, the industry is not interested in offering any solution that doesn't require the user to pay continuously. The AVs are increasingly ineffective. That's one of the main reasons they are bundling HIPS and other components with AVs, trying to keep AVs looking viable. AFAIC, the AV components are just about worthless. They should keep the other components and throw out the AV, but that would kill their cash cow.
     
    Last edited: Apr 27, 2012
  13. tomazyk

    tomazyk Guest

    :thumb:
    I'm also with no real time AV for some time now and am probably not going to use it any more.
    Adding AV to my setup would probably lower my overall security. IMO there are far greater chances of AV finding some false positives than saving my system from real danger. So no real time AV for me.
     
  14. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    You got the oldies but goodies. :thumb:
     
  15. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Awesome relics that convincingly shut away potential forced intrusions better than any AV I ever used. :thumb:
     
  16. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I agree and you Easter have some goodies as well. Makes me wish I was on XP still and had them in my collection.
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    There are times when I wish I were still on Win2k. Those were the days... :)
     
  18. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,294
    Haven't used an AV for close to 10 years now, 3 years with current combo.

    Not sure what's more hilarious, the ones that say "You're gonna be infected, just give it time, you'll see" or wait til the "zero day malware gets you".

    Tell you what, I'm bored with malware, viruses, exploits, etc., etc., etc. I've played with them ALL. I've played on the darker side of the net, and boys let me tell you, it's wayyy overblown. Gone are the days of sitting behind the PC testing malware against this combo or this one, instead I find myself having more fun with my other hobbies.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Congratulations on naivete.
     
  20. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I hear ya. I hear that stuff all the time about several things, no AV, my choice of operating systems, etc. The one question that really cracks me up is "If you don't have an AV, how do you know you're not infected?" Makes me want to ask "How do you know your AV isn't missing an infection?"

    Playing with security apps and testing my setup has got very boring. It's always the same. Exploit didn't work. Malware couldn't execute. Access denied. Gets even funnier when you launch a piece of known malware and get a missing dependency error or "A device on the system is not functioning." Unless it's something that looks particularly interesting, I don't bother to check any more.
    Ya, the days when you could look at an OS and see a use for most of its components, not a mass of stuff you'll never use. Been thinking about reinstalling 2K as well, just to try out some of the unofficial upgrades being made for it. Don't really have the room for another operating system that I'd rarely use or the time to experiment with more projects. It would end up like XP on my setup, used for one or 2 things that don't run on my default OS.
     
  21. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I don't know, I'm kind of with Boost on that. The media (and plenty of security companies and other folks in the industry) will always send out the horror stories and doomsday warnings. The security problem boils down to too many years of lazy coding and careless admins. That is it, there aren't millions of hackers out there chomping at the bit to get anyone, there aren't millions of new pieces of malware coming out daily (that's the biggest load of BS there is). It's simple carelessness, nothing more.

    I've been on the net as we know it, for as long as people have been able to get on it. In that time, from the early days of joke-ware to these days of "oh my god, every website is a bomb!", I've been hit maybe 6 times? And only one was so troublesome I decided to just start over. That was way back before all these new tricks were even thought of.

    There's nothing out there that is "scary" now, just like there wasn't back then. Do you need to watch a bit more now than you did then? Yes. Is there danger around every single corner? No. Keep things updated, try to control scripting if you can, and there's very little that can be done, let alone very little the bad guys will try.
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Thinking that you've seen the worst of the worst because you hopped on TOR is naive. Thinking that the worst thing out there is the crap on malwaredomainlist? Come on. Yeah, that's the automated malware you'll run into and I'm sure you can have virtually any decent program and it'll protect you on the off-chance you run into something but pretending that that's all that there is to security is flat wrong.

    You can disable DEP across XP. Turn it off completely. And you honestly might not get infected just because you're running EMET or some AV. Are you secure? Hell no.

    It's just silly to pretend that you've seen "what's out there" by dealing with automated malware and looking around the deep web.
     
  23. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    I agree :thumb:
     
  24. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    No AV here. AV is not important if there is common sense.
     
  25. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,868
    just lol. kerio is idd outdated and not state of the art. proxo works on win7.
    but the best - xp - lol again. for now it's ok, but after 2014!?
    SSM same - it's not developed any longer, website is offline - also outdated.
    you don't really think that outdated software can catch actual behavior?

    i don't know where but it must be a very nice experience to test your system
    versus actual java trojans through browser.
     