Advice Request CFW/cs & NVT OSArmor

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
I am thinking of using this combo on my PC. No AV just these two.

What do you think? Would it be more than adequate, and secure against ransomware, and other nasties using Cruelsister setting?

Good combo using the least amount of RAM?
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
You dont benefit from osarmor with cs settings, osarmor wont have any signatures and only malware with trusted signatures could pass cf.

Also cf + cs wont have hips on, if you keep hips on and run malware with trusted signature, theres chance for hips to find out its malware with fake signatures

I would say cf + immunet( disable clamAV) or either cf as standalone:X3:
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
So bottom line is run CF with Cs settings alone, leave out the extra bloat like AV or extra Malware detection apps, and one should be fine?
 

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,602
So bottom line is run CF with Cs settings alone, leave out the extra bloat like AV or extra Malware detection apps, and one should be fine?
Its enough, but would only be advised for advanced users. If you decide to go with cf+cs only remember to take backups and run on-demand scanners scheduled

cf+cs is cruels setup for average users, i have no idea whats for most advanced users. What i know about comodo is that cf+cs wont have hips on, but if you dont mind about hips alerts it will safe your ass if you accidently let something throught
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
I also have a license for Eset NOD32. What do you all think about running that alongside CF/C's? Overkill?

I will admit that I am not an advanced user, and I always am looking for something that would protect my PC if I accidentally let something through.

I tried just running ESET IS, and as someone elsewhere mentioned, the Firewall rules repeat after a few weeks for some apps that I recognize, even after I allow, and tell it to remember the rule.

Btw, I am running Windows 10.
 

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
I also have a license for Eset NOD32. What do you all think about running that alongside CF/C's? Overkill?

I will admit that I am not an advanced user, and I always am looking for something that would protect my PC if I accidentally let something through.

I tried just running ESET IS, and as someone elsewhere mentioned, the Firewall rules repeat after a few weeks for some apps that I recognize, even after I allow, and tell it to remember the rule.

Btw, I am running Windows 10.
CFW + any antivirus = painful death. Don't trust me, trust science.
 

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
He's not going to pay for Cylance.

Cylance died on this forum a couple years ago because the vast majority of people don't want to pay. Except for a tiny minority, most people won't pay more than $20 on average.

For the purpose of education, I never heard of Cylance or familiar with what makes it special compared to others.

However , I just googled it, and on their website they advertise a consumer smart av for $29 1st year. Seems to me to be like Sophos AV.

It sounds like on the matter of running CF/cs alone or with a complimentary AV or AM, the jury is still out.

Regarding WD, on W10v1803, you cannot even access the old GUI but have to go through the more convoluted WD Security Center. You can't even have a simple informative icon in the system tray like other AVs do.

In other words CF also relies on a Sandbox while others rely on HIPS and their propietary technology. Matter of preference?
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,043
CFW + any antivirus = painful death. Don't trust me, trust science.

Why? Even CS herself says no problem pairing with an AV. You could use Russian, Sophos Free, WD or certain other AVs with no problem. If you use WD turn CFA off though. I believe the cruel one keeps WD running just because it’s there. I did as well when I used CF. And @Gandalf_The_Grey used Sophos Free for awhile with CF. Ask him about his experience. :giggle:
 
Last edited:

RoboMan

Level 34
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,399
Why? Even CS herself says no problem pairing with an AV. You could use Russian, Sophos Free, WD or certain other AVs with no problem. If you use WD turn CFA off though. I believe the cruel one keeps WD running just because it’s there. I did as well when I used CF. And @Gandalf_The_Grey used Sophos Free for awhile with CF. Ask him about his experience. :giggle:
Well I'm pretty sure WD will give no problems, but he mentioned ESET Internet Security. Paid antivirus are suites that will, definitely, interefere with CFW. Besides, CFW has Viruscope and cloud lookup as CCAV so, is it really that needed? I mean, if you're going with CS' CFW then we understand you'll not be facing any zero day....will you?
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,043
Well I'm pretty sure WD will give no problems, but he mentioned ESET Internet Security. Paid antivirus are suites that will, definitely, interefere with CFW. Besides, CFW has Viruscope and cloud lookup as CCAV so, is it really that needed? I mean, if you're going with CS' CFW then we understand you'll not be facing any zero day....will you?

OP said he is not an advanced user, so I assume he wants to add something to CF maybe for a certain level of comfort, which could be a simple AV. That’s my point.
 
  • Like
Reactions: AtlBo and RoboMan

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
625
OP said he is not an advanced user, so I assume he wants to add something to CF maybe for a certain level of comfort, which could be a simple AV. That’s my point.

True a certain level of comfort but unless I misunderstood, no one has yet stated with conviction, that if one were to just use CFCs alone is comparable to using an IS suite with all it's components activated.

Imho, it sounds like some Advanced users here prefer suites or single malware specific software because they like granular adjustments, and understand due to their experience what are the capabilities. (I say this out of respect to the Advanced gurus here, so no insult intended).

Others like myself, seem to prefer software that if properly setup initially, will catch 90 to 100% of malware. I personally do not like Autopilot modes because I always like to know what is happening for major or critical issues. However, I have experienced some software that presented for example the vague message that Rundll32 wants to connect to the internet but never elaborates whether it is safe. I know it is part of the operating system, so I allow it. I think you all understand my point.
 
  • Like
Reactions: AtlBo and RoboMan
F

ForgottenSeer 58943

For the purpose of education, I never heard of Cylance or familiar with what makes it special compared to others. However , I just googled it, and on their website they advertise a consumer smart av for $29 1st year. Seems to me to be like Sophos AV.

Cylance and Sophos share nothing in common. Basically, Cylance Smart Antivirus is a consumer version of Cylance Protect, which is a pure AI/ML product offering with minimalist interface, dashboard control and virtually zero system impact. The more I test Cylance the more I like it. It's powerful. It catches any variances that stray from normal on your systems. It's caught many things on my test systems that have escaped scrutiny from all other AV's.

As long as you have another product or piece of hardware to handle URL filtration, Cylance is robust. But it offers no web filtration at all. In general, it's use in the enterprise/corporate world is under the assumption it's sitting behind a qualified UTM/NGFW, which it is in most cases. So for a home user, I recommend pairing it with Heimdal on the endpoint and/or some sort of URL filtration hardware at the gateway. Preferably Gryphon, but ASUS AiProtection, and any of the other consumer routers with URL filtration would work.

Basically, with Cylance, nothing is executing on your computer and getting away with anything if the AI/ML detects anomaly among the millions it examines pre-execution. This means it should protect against things like update channel compromises and so forth. I've been very critical about Cylance in the past, but as I said - I've found it performing exceedingly well. Especially against simple, stupid threats like a malware author changing a few bytes to bypass a normal AV. That crap isn't getting past Cylance, and Cylance doesn't need signatures or even require internet.
 

Bill K

Level 5
Verified
Jul 25, 2018
221
Cylance and Sophos share nothing in common. Basically, Cylance Smart Antivirus is a consumer version of Cylance Protect, which is a pure AI/ML product offering with minimalist interface, dashboard control and virtually zero system impact. The more I test Cylance the more I like it. It's powerful. It catches any variances that stray from normal on your systems. It's caught many things on my test systems that have escaped scrutiny from all other AV's.

As long as you have another product or piece of hardware to handle URL filtration, Cylance is robust. But it offers no web filtration at all. In general, it's use in the enterprise/corporate world is under the assumption it's sitting behind a qualified UTM/NGFW, which it is in most cases. So for a home user, I recommend pairing it with Heimdal on the endpoint and/or some sort of URL filtration hardware at the gateway. Preferably Gryphon, but ASUS AiProtection, and any of the other consumer routers with URL filtration would work.

Basically, with Cylance, nothing is executing on your computer and getting away with anything if the AI/ML detects anomaly among the millions it examines pre-execution. This means it should protect against things like update channel compromises and so forth. I've been very critical about Cylance in the past, but as I said - I've found it performing exceedingly well. Especially against simple, stupid threats like a malware author changing a few bytes to bypass a normal AV. That crap isn't getting past Cylance, and Cylance doesn't need signatures or even require internet.
I'm very intrigued by your description of Cylance and like the idea of replacing my existing BD IS 2019 with it along with another product to handle URL filtering. Just a single home PC user, would a Chrome browser extension like Netcraft or possibly the MB extension be suitable? Saw you mentioned Heimdal, would their free version be sufficient? TIA!
 
Last edited:
  • Like
Reactions: ForgottenSeer 58943
5

509322

Regarding WD, on W10v1803, you cannot even access the old GUI but have to go through the more convoluted WD Security Center. You can't even have a simple informative icon in the system tray like other AVs do.

Micorosft made Windows security for IT Pros. It just got packaged into Home because Microsoft wants a generic OS image. When you get right down to it, Windows security and its interfaces are an indecipherable mess for those that don't have the inclination nor initiative to do extensive online research to figure out how to configure it all. Pathetic.

Let Windows 10 WD quarantine a file and see how much fun you have trying to figure out how to do things most other AVs let you do very easily.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top