AppGuard - General Impression

Status
Not open for further replies.
meltcheesedec

meltcheesedec

Level 2
Verified
Jul 30, 2017
54
@Lockdown , I always look to your guidance regarding security configuration - i.e., not only AppGuard configuration, but also products alongside of AppGuard.

In light of your Windows Firewall suggestion, can you please comment on the following, related Appguard Technology explained exchange between me and @Umbra ?

meltcheesedec said:
My selfish hope was that by instead migrating to a "OOTB Windows Firewall and locked-down AppGuard" implementation, I could avoid spending any time on firewall configuration (and instead use that time configuring AppGuard).
Click to expand...

Umbra said:
Appguard wont help against outbound connection. What if you install a FUD weaponized legit application that stealthily call home when it shoudn't? it will install on C , so Appguard won't block it, and then it will call home.
The situation you hope for is valid, if like me, you take time to deeply check every program you install.

but even me , i prefer controlling what is going out without relying to a 3rd party controller; even if it is more convenient.
Click to expand...
 
  • Like
Reactions: Tiny and SHvFl
5

509322

Thread author
meltcheesedec said:
@Lockdown , I always look to your guidance regarding security configuration - i.e., not only AppGuard configuration, but also products alongside of AppGuard.

In light of your Windows Firewall suggestion, can you please comment on the following, related Appguard Technology explained exchange between me and @Umbra ?
Click to expand...

@Umbra manually configures Windows Firewall rules.

Learn how to configure AppGuard first and then decide later what you want to do about the firewall. Don't try to learn and do everything all at one time.

If you want to control Windows Firewall, but don't want to manually create rules using the lousy Windows GUI for it, then look at Windows Firewall Control by BiniSoft. It costs $10 for a lifetime of unlimited installs.
 
  • Like
Reactions: SHvFl and meltcheesedec
meltcheesedec

meltcheesedec

Level 2
Verified
Jul 30, 2017
54
Lockdown said:
Learn how to configure AppGuard first and then decide later what you want to do about the firewall. Don't try to learn and do everything all at one time.
Click to expand...

@Lockdown , I know host-based firewall pretty well; my legacy configuration included TinyWall, and I have spent countless hours administering exceptions based on apps, ports and protocols.

I migrated from my legacy configuration containing TinyWall and assorted definition-based security apps to the following "OOTB Windows Firewall and locked-down AppGuard" implementation: Meltcheesedec Security Configuration 2017. @Umbra then stated that he thought OOTB Windows Firewall may not provide sufficient protection:

Umbra said:
Appguard wont help against outbound connection. What if you install a FUD weaponized legit application that stealthily call home when it shoudn't? it will install on C , so Appguard won't block it, and then it will call home.
The situation you hope for is valid, if like me, you take time to deeply check every program you install.
Click to expand...

Whereas in another thread you wrote:
Lockdown said:
The base protections on my test systems:
  • AppGuard
  • uBlock Origin
  • Windows Defender
  • Windows Firewall
  • USB flash drive and DropBox for file backups
This uncomplicated set-up gives high protection. You can ask any long-time AppGuard user if the system ever got seriously infected while AppGuard protections were enabled.
Click to expand...

Questions:
- in the "test systems" you referenced, do you configure Windows Firewall as Out of the Box/default?
- do you feel that "OOTB Windows Firewall and locked-down AppGuard" offers sufficient protection, or do you instead share the same concerns @Umbra noted in the aforementioned quote?
 
  • Like
Reactions: SHvFl
5

509322

Thread author
meltcheesedec said:



Questions:
- in the "test systems" you referenced, do you configure Windows Firewall as Out of the Box/default?
- do you feel that "OOTB Windows Firewall and locked-down AppGuard" offers sufficient protection, or do you instead share the same concerns [USER=178]@Umbra noted in the aforementioned quote?[/USER]
Click to expand...

1. Yes. Behind NAT router no worries about inbound attacks.
2. AppGuard blocks by default so unless you manually allow something it cannot connect to the net.
3. It is sufficient. WFC is a helpful front-end GUI for outbound administration. It is mandatory if you are paranoid that some process is going to sneak onto and violate your system. If you have your wits about you, then you don't need it.
 
  • Like
Reactions: Deleted member 178, SHvFl and meltcheesedec
Status
Not open for further replies.

Similar threads

lokamoka820
    • Like
Hot Take How to Remove or Install a Store App Package for All User Accounts (Provisioned Apps)
Replies
1
Views
104
Windows 11
Bot
Bot
enaph
    • Like
    • Wow
Security News FBI: Chinese State Hackers Breached U.S. Telecom Providers
Replies
3
Views
929
Security News
bazang
bazang
Gandalf_The_Grey
    • Like
Malware News Hackers increasingly use Winos4.0 post-exploitation kit in attacks
Replies
0
Views
230
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top