SECURE Ctrlz's Security Config

Discussion in 'Security Configuration Wizard' started by ctrlz, Mar 20, 2017.

  1. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    Most recent changes:
    21/03/2017
    Operating System:
    • Windows 10
    OS Edition:
    Pro
    OS Architecture:
    64-bit
    User Access Control:
    Always Notfiy
    Firewall:
    3rd Party Firewall
    OS Security Updates:
    Automatic Updates
    OS File Reputation:
    • Smartscreen for Windows 10
    Type of User Account:
    Local Account
    Recent Malware Attacks:
    No
    Testing AV's with Malware Samples:
    Inside a Virtual Machine
    Real-time Malware Protection:
    CIS
    On-demand Scanners:
    Emsisoft Emergency Kit
    Security Product Settings:
    Custom
    Browsers and Extensions:
    Chrome, HTTPS Everywhere
    Preferred Search Engine:
    DuckDuckGo
    Password Manager:
    LastPass
    Content Blocker (Ads, Scripts, Trackers):
    uBlock, Avira Browser Safety
    Frequently used System Utilities:
    Ccleaner
    Frequency of Data Backups:
    Custom Backups
    Data Backup Software:
    AOMEI backupper
    Frequency of System Image Backups:
    Manual / On-demand Backups
    System Image Backup Software:
    AOMEI backupper
    Hi,
    I'm looking for a safe, quick, free and easy-to-mantain security configuration.
    Actually I'm using CIS, it seems a good balance between easy-to-use and all-in-one product, even if I find it very different from what I remember (version 5 or so).
    Whitelisting and sandboxing make hips, imho the main suite power, almost useless:
    • if an app is trusted, can do almost everything -> no alert
    • if an app is untrusted, it is sandboxed -> no alert
    Open to any suggestion or alternative configuration
     
    #1 ctrlz, Mar 20, 2017
    Last edited: Mar 21, 2017
  2. Exterminator

    Exterminator Super Moderator
    Staff Member

    Joined:
    Oct 23, 2012
    Messages:
    11,621
    Likes Received:
    39,957
    OS:
    Windows 10
    AV:
    Kaspersky
    I would consider some type of system/data backup solution.
    Both Macrium Reflect & AOMEI backupper offer good free solutions.
    Consider an additional on demand scanner(s).
    You might consider enabling Smartscreen.
    Other than the lack of a backup solution your config looks good.
    Thanks for sharing it with us :)
     
  3. Arequire

    Arequire Level 9

    Joined:
    Feb 10, 2017
    Messages:
    402
    Likes Received:
    1,017
    OS:
    Windows 7
    A few improvements I feel can be made:
    • Set UAC to Always Notify.
    • Turn on Smartscreen.
    • Consider ditching CIS and using Comodo Firewall instead. It can be used on its own if it's configured properly or with a supplementary third-party AV. Whether you decide to switch or not, I strongly suggest using these settings that come highly recommended by our resident Comodo expert, @cruelsister.
    • Add a secondary on-demand scanner. Zemana Antimalware is my preferred one.
    • Add HTTPS Everywhere and Avira Browser Safety to Chrome.
    • You haven't listed a backup solution, so if you're in need of one I personally use AOMEI Backupper for both data and image backups. Others will recommend Macrium Reflect for image backups.
    Besides the points listed your config looks solid. Thanks for sharing. :)
     
  4. LanDude

    LanDude Level 6

    Joined:
    Jan 6, 2017
    Messages:
    299
    Likes Received:
    1,071
    OS:
    Windows 8
    AV:
    Comodo
    Set User Access Control to max, HTTPS Everywhere for browser and a good backup utility( look @Exterminator), you can also add Zemana Antimalware to on demand scanners.
     
  5. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    Hi, thanks for the replies.
    • I use Rollback Rx free for daily OS and data snapshots, anyway my main data are also synched with dropbox/gdrive so I don't feel the need of a new backup system. Anyway I'll read about suggested products (never used)
    • I used Comodo Fw alone long time ago, but now I'm using CIS because i feel that an Av (even if not the best) can be useful. Currently using an aggressive custom configuration, based from the proactive one. BTW I'll give a try to the suggested config guide
    • I'm going to apply other suggestions :)
    Thanks
    Ctrlz

    Edit:
    I've seen the configuration video, I never noticed that CIS does not virtualize some directories in proactive mode, so I immediately changed that checkbox. Thanks :cool:
    For other settings, I usually prefer to see alerts instead of autoblock and/or restrict: Comodo whitelist isn't so large, and that auto-restriction level of unrecognized files will cause more problems than benefits (what application would be able to work properly?)
     
    #5 ctrlz, Mar 21, 2017
    Last edited: Mar 21, 2017
  6. Umbra

    Umbra Moderator
    Staff Member

    Joined:
    May 16, 2011
    Messages:
    15,362
    Likes Received:
    20,090
    OS:
    Windows 10
    AV:
    Default-Deny
    Enable Smartcreen. There is no valid reason not to use it.
     
    public enemy and LanDude like this.
  7. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    • Enabled SmartScreen
    • Set UAC to max level
    • Installed Zemana antimalware
    • Added Avira Browser Safety and HTTPS Everywhere extensions
     
    frogboy, ZeroDay and LanDude like this.
  8. JM Security

    JM Security Level 25
    Trusted

    Joined:
    Apr 12, 2015
    Messages:
    1,429
    Likes Received:
    11,914
    If you added HTTPS Everywhere, please update the thread fields (under "Browser and Extensions").

    You are protected.

    Thanks for sharing.
     
  9. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    I had problems with Rollback RX.
    After a startup defrag my system was unbootable (I have an SSD), so I installed ubuntu to reinstall windows, and now I have a dual boot system. I like the way Rollback works, with just a few seconds you can take full-system images and restore them, when it doesn't break everything.

    Are there free alternatives to Rollback rx? With the same easy and strengths points.
    Thanks
     
    TerrakionSmash likes this.
  10. frogboy

    frogboy Level 61
    Trusted

    Joined:
    Jun 9, 2013
    Messages:
    5,073
    Likes Received:
    47,852
    OS:
    Windows 10
    AV:
    Emsisoft
    I would like to suggest a backup solution such as Macrium Reflect or Aomei Backupper both have good free and reliable version. ;)
     
  11. maanastr

    maanastr Level 3

    Joined:
    Mar 1, 2013
    Messages:
    124
    Likes Received:
    212
    More addition to this: Try CCleaner or Privazer to clean junk files. Emsisoft emergency kit is great option you can use as on demand scanner. If you want to use paid av then I can say Eset or Kaspersky are good option over CIS. Overall config is good
     
  12. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    Removed ubuntu, removed grub fixing the windows bootloader.
    Moved windows partition left to use the unallocated space (that wasn't contiguous on the right), then re-fixed the bootloader.
    After 3 hours, finally installed AOMEI backupper :D

    Edit: also replaced Zemana with Emsisoft Emergency Kit, it feels good and it is portable
     
    #12 ctrlz, Apr 8, 2017
    Last edited: Apr 8, 2017
    maanastr likes this.
  13. maanastr

    maanastr Level 3

    Joined:
    Mar 1, 2013
    Messages:
    124
    Likes Received:
    212
    No need to replace Zemena as both not interfer with each other. Even you can add Malwarebyet too in your on demand scanner list
    Also regularly clean your pc with Ccleaner. Do dfreagmentation once in a month by windows default defragment tool or you can use third party software like Auslogics Disk Defrag (personally I am using this and found fast n secure ) or Defraggler or Puran Defrag..
     
    #13 maanastr, Apr 8, 2017
    Last edited: Apr 8, 2017
    ctrlz likes this.
  14. ctrlz

    ctrlz Level 1

    Joined:
    Mar 20, 2017
    Messages:
    39
    Likes Received:
    102
    I'm evaluating a switch from CIS to CFW + AV.
    What AV do you recommend? I tried Avira but it slows down the pc :(
     
  15. inuyasha

    inuyasha Level 3

    Joined:
    Apr 9, 2017
    Messages:
    106
    Likes Received:
    369
    OS:
    Windows 10
    AV:
    Microsoft
    Windows Defender :)
     
    shmu26 likes this.
  16. brod56

    brod56 Level 5

    Joined:
    Feb 13, 2017
    Messages:
    226
    Likes Received:
    654
    OS:
    Windows 10
    AV:
    Default-Deny
    Windows Defender+Comodo Firewall (cruelsister's settings) is all you will ever need.
     
  17. _CyberGhosT_

    _CyberGhosT_ Level 44
    Trusted

    Joined:
    Aug 2, 2015
    Messages:
    3,383
    Likes Received:
    21,791
    OS:
    Linux Mint
    AV:
    Default-Deny
    + 1 :p
    And welcome to the best damn site on the planet :)
     
    shmu26 and frogboy like this.
  18. shmu26

    shmu26 Level 36

    Joined:
    Jul 3, 2015
    Messages:
    2,525
    Likes Received:
    7,062
    OS:
    Windows 10
    Qihoo 360 is a popular AV for use with CFW, because it gives you strong BB, and Avira and/or Bitdefender engines. I don't use it, but others do.

    Right now, I am trying out CFW + Voodooshield + Windows Defender. So far, so good.

    I must admit that I have spent plenty of time complaining about both CFW and VS. I guess I have a love-hate relationship with these softs.
     
    #18 shmu26, Apr 30, 2017 at 4:37 AM
    Last edited: Apr 30, 2017 at 5:23 AM
    public enemy, ctrlz, brod56 and 2 others like this.
  19. maanastr

    maanastr Level 3

    Joined:
    Mar 1, 2013
    Messages:
    124
    Likes Received:
    212
    If you want to use non chinese free, then Pand free will be a option for you. Otherwise Qihoo 360 is good ( only the thing awefull in qihoo is FP. So you need to take care about it).
     
    ctrlz likes this.
  20. Arequire

    Arequire Level 9

    Joined:
    Feb 10, 2017
    Messages:
    402
    Likes Received:
    1,017
    OS:
    Windows 7
    Any free AV will do honestly. Adaware, Avast, AVG, Avira, Bitdefender, Fortinet, Microsoft, Panda, Sophos, Qihoo. Each has different features and I'd suggest giving them all a try and see which you prefer using. The AV is only there to catch any known threats and lessen the work of Comodo's sandbox; it won't add much to the overall protection anyway so the choice is entirely up to you.
     
    #20 Arequire, Apr 30, 2017 at 1:11 PM
    Last edited: Apr 30, 2017 at 1:16 PM
    frogboy and ctrlz like this.
Loading...
Other threads that you may like Forum Date
Google Meet Google's 'Security Princess', The Reason You Feel Safe Browsing The Web On Google Chrome Browsers and Extensions Yesterday at 3:12 AM
Defenx Security 2017 Other Security for macOS and Linux Friday at 9:59 AM
CAUTION Rizki's 2017 My security config Security Configuration Wizard Friday at 2:47 AM