What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    Sandboxie along with Comodo Firewall ProActive setting. Nice little combo so far. No A/V. Rest as per Sig..
     
  2. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Nice setup... very much like mine. Only my Comodo says it's in "Firewall Security" configuration. I'm not sure what exactly they base it on... which they apply to you. I mean I have my D+ in Paranoid Mode. How much more proactive does it get than that? Maybe you have to use the sandbox module (and autosandboxing too perhaps) to have it as proactive? I have the sandboxing disabled and all boxes unchecked.

    And have my FW in Custom Policy Mode, Very High Alerts, all things in Advanced checked. Treat unrecognized as Untrusted. The 2 cloud options unchecked, the rest checked. All checked in monitoring settings.

    Does it get any more proactive than that? lol... seriously.

    Oh, I also recommend deleting the "vendor.n" file in the "database" folder to clear the Trusted Vendor list. You decide what to trust and not to trust, don't let anyone else decide that for you. Block both cfp.exe & cmdagent.exe in your FW Application rules to prevent it from phoning home. And also remove the Comodo certificate from the Trusted Publishers list (Internet Options) to stop those processes from hurling themselves into the Trusted Files list in D+. These are good steps to harden Comodo and keep it honest (just in case it weren't). Not saying I don't trust it, but why take the chance I figure.

    VT Hash Check is another good on demand scanner.
     
  3. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    They run beautifully and light together. So light I barely notice they're even there. I've been running this combo for years with no problems. Back when I used a real-time AV I found that Avira played the best with them.
     
  4. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,701
    Location:
    USA
    Hey Graf,
    I keep vacillating back and forth between BL and TC. BL won't run on my computers unless I use a key on a flash drive, due to the absence of a TPM.
    TC, while involving a steep learning curve, strikes me as a good way to go, especially FDE.
    I think I will probably start with BL, though, and see if it feels right to me.
    Back ups, as always, will be critical. :thumb:
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,701
    Location:
    USA
    Good stuff. :thumb:
     
  6. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I'd like to hear some feedback about this router. I was considering buying the R8000 Nighthawk X6 AC3200 model, but it was a bit pricey for me.
     
  7. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Thanks : ) You know me... anal retentive about this kinda stuff.

    I also disable automatic updating, balloon messages, and the message center in Preferences > General. And also uncheck the box in the "Update" tab for good measure. And disable logging too (for both the FW & D+)... it definitely makes it lighter, silent blocking. Especially for me since I block so much stuff, allowing only what is absolutely necessary. If I didn't disable logging my activity light would flash perpetually from all the packets it's intercepting on their way out.

    Some people don't trust Comodo. Well if you take these steps even if you don't trust it there really isn't jack it can do. Kinda funny relying on the strength of a product to use to block itself, but hey... I also use a kinda similar method to prevent a sandboxed app from even realizing that it's sandboxed, and Sandboxie from realizing it's sandboxing the app. And I trust Sandboxie more than I trust my own mother.
     
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Proper rule for svchost.exe, explorer.exe, and rundll32.exe = Block here on my box.
     
  9. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    Thanks for the tips. Will look into them. So far quite happy with Comodo as it sure is running light. :thumbd:

    EDIT:
    "Oh, I also recommend deleting the "vendor.n" file in the "database" folder to clear the Trusted Vendor list."

    I don't have the "vendor.n" file. More about that here...https://forums.comodo.com/firewall-help-cis-b135.0/-t104371.0.html Also the "database folder" is empty. I don't have cfp.exe file but have cmdagent.exe file.

    Another Edit:
    Luciddream, I see you are using Comodo FW 5.0 that is probably why we would have different settings as I am in 8.0.0.4434.
     
    Last edited: Dec 30, 2014
  10. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,701
    Location:
    USA
    Holy cow! I foolishly thought I was first in line for a lucrative Invincea commercial contract with my "Sandboxie... and then some other stuff" security set up signature.
    But then you come along with "I trust Sandboxie more than I trust my own mother", and all of my hopes are dashed! :D
     
  11. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    That would mean that his mother would be virus free then for sure. :D
     
  12. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Last edited: Dec 30, 2014
  13. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,549
    After trying it for a while, it looks like HitmanPro.A RC3 is going to be staying on.
     
  14. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! G-Data I.S.2015...AppGuard...and SAS Pro...Stay Sicher...My Friends...Lol! Happy New Year...too one and all! Sincerely...Securon
     
  15. guest

    guest Guest

    Whichever you may choose in the end, hope you'll be happy with it. I honestly never have enough courage to enter the drive encryption business. Even with my fallback plan I still feel not taking the risk. :D
     
  16. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Yeah I use 5.10, that's probably the discrepancy here. But I would hope there'd be a way to remove that vendor list in newer versions too. Deleting them one at a time (if you can even do that) would take a year.

    I'd recommend going with 5.10. And 5.12 if you use a web scanning component to a real-time AV.
     
  17. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    Currently running as Standard User Account with only Bouncer and EMET for security software. I like to keep things light and efficient.

    While I try let my setup of multiple OpenWrt routers do most of the heavy lifting. So far I have ad blocking working great on the DNS level which then serves 1x1 transparent image to browsers, and also a basic Snort setup for IDS which I plan to expand further as I gain a better understanding of it. There is more that I intend to add with OpenWrt but with limited powered routers I would need to add more routers to my setup, likely. A poor man's method, I suppose. But it works for me and is fun learning.
     
  18. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,701
    Location:
    USA
    Thanks, Graf. I think I understand your hesitancy.
    I'm not trying to keep DHS or NSA from accessing my hard drives. But I do want to have them encrypted in case they are stolen. BL is native, and doesn't seem to have controversy surrounding it, so I will probably go that route.
     
  19. wolfrun

    wolfrun Registered Member

    Joined:
    Jul 26, 2009
    Posts:
    686
    Location:
    Canada
    I'll be sticking with the 8.0 version as it is working well here. You know the saying, "If it ain't broke, don't fix it." I actually installed CFW out of curiosity as all I was using was the Windows native firewall with no problems. But since CFW is working so well with Sandboxie and so light (which is a surprise) have decided to keep it. The last 3rd party firewall I used was Private firewall but I am liking CFW better. Anyway, back to the hockey game. U.S.A vs. Canada. :cool:
     
  20. wasgij6

    wasgij6 Registered Member

    Joined:
    Mar 29, 2011
    Posts:
    321
    Using comodo firewall with HIPS enabled (sandbox disabled) alongside HMP.alert 3. This is a strong and light combination.
     
  21. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I added Virus Blocker to Untangle, 1 year Subscription. It's Hardware/UTM version of Bit Defender. Very powerful heuristics. So now before anything hits my devices it has to go through;

    Connect Safe DNS
    ASUS w/Trend Micro
    Untangle Hardware UTM w/Virus Blocker(Bit Defender), Virus Blocker Lite(ClamAV), Adblock w/Cookies, PhishBlock, Snort(Intrusion Guard).

    Then finally traffic is allowed to hit individual devices. Pretty remarkable I think.. Here's a picture of my Untangle Rack.
     

    Attached Files:

  22. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Online Armor
    360 TS "Security" config
    MBAE

    Light and strong.
     
  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Chromebooks do not need to be always online, but that is a significant part of its feature set. Sure you can watch videos, play some games, edit documents, etc. But it will be noticeably limited, more so than Windows. That is until you unlock Developer Mode.
     
  24. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
  25. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Yesterday I was bored, so I created a subnet isolation for wireless clients vs wired. Sub-networks can be segregated, which in itself is a huge security upside. Also most virus', threats, spyware and hackers base their attacks on basic network configurations, making a network configuration which is non-standard makes such threats harder to intrude and cause any damage. Restricting network access to potential network intruders is another layer for security in situations where broadcast signals could be subject to snooping or attack.

    I still don't have my network exactly where I want it. I am waiting for ASUS to release a cheaper version w/Trend. Then I can place the cheaper version w/Radios Off on the Gateway as a dedicated hardware Trend Appliance. Then move Untangle UTM transparently on the second tier, and then into a switch, then use the AC2400 ASUS as a WAP on it's own segregated subnet off of the switch with statics. When I reach that point I will have a network security architecture that would function at very nearly defense contractor security level. Just for the hell of it of course.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.