Advice Request About KIS: Can it be configured as a Default-Deny?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
abdou17

abdou17

Level 2
Thread author
Verified
May 3, 2013
82
Hi, i've got a free license for KIS yesterday from a freind
MY QUESTION : can KIS be configured as a Default-Deny like CF with CS settings ??
 
  • Like
Reactions: Sunshine-boy
Mahesh Sudula

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
abdou17 said:
Hi, i've got a free license for KIS yesterday from a freind
MY QUESTION : can KIS be configured as a Default-Deny like CF with CS settings ??
Click to expand...
KIS itself is strong enough on its default than CF...
if u want to tweak enable trusted application mode(un necessary) in my opinion..
set recommended scan (across all boards) to high...Enough right ?...
I would better recommend u to leave it at its default..since tweaking may give u few false alerts..and doesnt allow any untrusted (unsigned) publisher files to run
Since CF is a kind of HIPS made which totally lies on Cloud File reputation../ KIS is an complete AV suite...they don meet in same criteria to me..KIS Rollback is more than enough in (100%) of the cases
If u are a fan of CF why not pair it with KAF /
 
Last edited:
  • Like
Reactions: ZeroDay and abdou17
abdou17

abdou17

Level 2
Thread author
Verified
May 3, 2013
82
Mahesh Sudula said:
KIS itself is strong enough on its default than CF...
if u want to tweak enable trusted application mode(un necessary) in my opinion..
set recommended scan (across all boards) to high...Enough right ?...
I would better recommend u to leave it at its default..since tweaking may give u few false alerts..and doesnt allow any untrusted (unsigned) publisher files to run
Since CF is a kind of HIPS made which totally lies on Cloud File reputation../ KIS is an complete AV suite...they don meet in same criteria to me..KIS Rollback is more than enough in (100%) of the cases
If u are a fan of CF why not pair it with KAF /
Click to expand...

i'll rather use KIS or CIS than CF+KFA because of conflict (sooner or later)
i can handle the FPs, what i want is to lock down the system using KIS if is it possible
 
  • Like
Reactions: harlan4096
Mahesh Sudula

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
abdou17 said:
i'll rather use KIS or CIS than CF+KFA because of conflict (sooner or later)
i can handle the FPs, what i want is to lock down the system using KIS if is it possible
Click to expand...
LOCK DOWN - - - > C I S....Don look elsewhere !..
But think twice before heading to CIS..since cruelsister is advanced user ..he can tweak it and play with him..since he knows to what alerts to respond..
He knows very well about each setting..importantly USER CLIMATE is what matters..and it may suit him..If u know CIS very well its OK..
Otherwise KIS will protect u far better than him (Simplicity Automated)
 
  • Like
Reactions: ZeroDay
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
abdou17 said:
in KIS if you set "change trust group for unknown applications" in application control to UNTRUSTED
Is it necessary to enable TAM ??
Click to expand...
The short answer is no.
However, TAM will apply certain limitations to programs that fall into the in-between trust categories.of low restricted and high restricted. So if you want those limitations, then enable TAM.
I am not using KIS right now, so I am sure you can get more expert answers from other users...
 
  • Like
Reactions: Sunshine-boy, harlan4096 and abdou17
XhenEd

XhenEd

Level 28
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
Theoretically, Kaspersky's Trusted Applications Mode is excellent. It does not merely block and block. According to Kaspersky's official whitepaper, TAM is supposed to prevent certain applications from doing things outside their designed code. This behavior is akin to AppGuard's MemoryGuard. :)

But in reality, maybe TAM isn't as good as what is presented in the whitepaper, as what some users here noticed during their testing or use of it. :D
 
Last edited:
  • Like
Reactions: norman, Sunshine-boy, Captain Awesome and 3 others
v.maroz

v.maroz

Level 1
Aug 20, 2017
7
1) If you want all new programs to be automatically placed in restricted groups and a balun appears (as in the screenshot), disable automatic group selection in program control
1.png

During the installation or auto-update of the legal software it can be manually added to the trusted (using the balun). Everything else will be blocked.
2) Also do not forget to disable automatic decision making.
2.png

3) If you want to Firewall training - configure this:
3a) Configure network rights for the Trusted group - request an action.
Weak restrictions can be put "Deny".
3b) In the "Trusted" group, point the network to the subgroups of Microsoft, Opera, Kaspersky Lab, etc.
3c) Everything new that gets into the "Trusted" - will cause the balun with the question to allow / prohibit / create the rule.
3-1024x612.png
 
  • Like
Reactions: dawnmaster, Itachi Sempai, norman and 7 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
XhenEd said:
Theoretically, Kaspersky's Trusted Application Mode is excellent. It does not merely block and block. According to Kaspersky's official whitepaper, TAM is supposed to prevent certain applications from doing things outside their designed code. This behavior is akin to AppGuard's MemoryGuard. :)

But in reality, maybe TAM isn't as good as what is presented in the whitepaper, as shown in some tests performed by some members here. :D
Click to expand...
Do you have any ideas why TAM doesn't perform as well as it should, or what can be done about it?
 
  • Like
Reactions: Sunshine-boy, Azure and XhenEd
5

509322

shmu26 said:
Do you have any ideas why TAM doesn't perform as well as it should, or what can be done about it?
Click to expand...

What can be done about TAM not working as intended ? Report to Kaserpsky.

Alternative ? Disable all the garbage shipped on Windows that isn't needed using the Application Control toggles instead of using TAM.

Much better alternative ? Use Chromebook or something other than Windows.
 
Last edited by a moderator:
  • Like
Reactions: Deleted member 65228, XhenEd, harlan4096 and 1 other person
A

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
XhenEd said:
Theoretically, Kaspersky's Trusted Application Mode is excellent. It does not merely block and block. According to Kaspersky's official whitepaper, TAM is supposed to prevent certain applications from doing things outside their designed code. This behavior is akin to AppGuard's MemoryGuard. :)

But in reality, maybe TAM isn't as good as what is presented in the whitepaper, as shown in some tests performed by some members here. :D
Click to expand...
Could you provide links to those test?
 
  • Like
Reactions: Sunshine-boy and XhenEd
Status
Not open for further replies.

Similar threads

S
Question How secure is KTS on DEFAULT settings?
Replies
8
Views
467
Kaspersky
Trident
Trident
Xeno1234
    • Like
  • Locked
Battle Best Cheap Security Combo for a Gamer
Replies
24
Views
1,469
Software Comparison
Jengo
Jengo
zkSnark
    • Like
Advice Request Emsisoft Enterprise Security
Replies
16
Views
1,427
Emsisoft
Emsisoft
Emsisoft

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top