CyberGhosT's "No-Sig" Configuration

Status
Not open for further replies.

Parsh

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Dec 27, 2016
1,480
@_CyberGhosT_ does the 'Ask to Connect' feature of GW ask for new connections/new apps only, or can we set it to alert for connections made by all apps?
Their website just states that it will ask regarding new connections/new apps:
Screenshot (21).png
while the BestVPN review states something different:
Paid-for versions offer ‘Ask to connect’ (which prevents all connections unless you specifically allow them)
 

_CyberGhosT_

Level 53
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Hi Parsh :)
It asks on new, but once an app is updated it will tell me the app connecting has been updated, it
notices when the app is updated or changed. I have also noticed it re-asking for permission for some
apps, so that tells me something changes that they notice and alert to, also some changes that trigger
a change that triggers the permission to be revoked. I can't describe this seeing I am unfamiliar with
their programming. A GlassWire rep would know though, I will see if we can get one here, and a rep
from AirVPN too for the other thread.
 

Parsh

Yes it shoots alerts in case of certain changes. I contacted GW support and here's what they said:
I have a technical question regarding the features advertised.
Does the 'Ask to Connect' feature of GW ask for only new connections/new apps, or can we set it to alert for connections made by all apps?
Jon: The software asks for connections for all apps, but only the first time. So if you allow IE for example then next time you launch IE it will already be allowed and work.
If it alerts not only for the first time connections, can we set it to alert about connections (made by X app, custom selected) to different remote hosts only, or can it alert for connections to the same host again?
Jon: We don't currently deal with hosts because we found host blocking isn't so useful with so many apps using content delivery networks these days, but we hope to add host blocking anyway in the future.
The GW website just states that it will ask regarding new connections/new apps:

while BestVPN review states something different:
Paid-for versions offer ‘Ask to connect’ (which prevents all connections unless you specifically allow them).
Jon: I hope I answered above..
Sure, alerts about repetitive connections can get painful in most cases. Confirmed that GlassWire alerts only for the 1st connection of different apps. I liked their reverse DNS provision for connections. However, I'll discard my thought of purchase now.
Btw thanks for the reply CG ;)
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,029
For now:
Sleeping: Emsisoft
Added: Sophos Home Premium Beta 1.2.6
Only running it and VS with a "solo" Glasswire, I think I am looking to commit to this config
if it meshes well. I will keep you informed ;)
Does Sophos Home protect in real-time when offline, i.e. is it totally cloud-based or does it have a signature download?

Thanks
 

_CyberGhosT_

Have you found Sophos heavy? I noticed, even on a Ryzen 7 machine with NVME drive and 400Mbps connection, Sophos slowed things. Considerably so.
No, no issues here with Sophos:
Sophos_SS.png

But I can understand your comment lol
It is a needy lil bugger, it would take more than that to slow mine, see my build in my profile.
The first time though I saw that process list, I said to myself "there is no way I can game with this running"
But I am fine, if at any time it does slow, I will dump it faster than a hot potato. lol
 

boredog

Level 9
Verified
Jul 5, 2016
416
For now:
Sleeping: Emsisoft
Added: Sophos Home Premium Beta 1.2.6
Only running it and VS with a "solo" Glasswire, I think I am looking to commit to this config
if it meshes well. I will keep you informed ;)

Been testing Emsisoft the past week and at first thought it was pretty good, but after testing it misses at least 6 out of 70 samples. I compare them to VirusTotal and either they are all false detections or the top-rated solutions are wrong. The next day after submitting, more are flagged. One thing I found is you click on any of the remaining rest of samples, SmartScreen kicks in, and even if you click OK go ahead, Voodoo spits out a VT popup, and so there you go man.
 

ForgottenSeer 58943


Not heavy in terms of processes, but that process list is STUPID.

Heavy in terms of sluggish web page resolution with their web scanner, slower copying files, etc. I suspect I have one of the fastest computers on this forum, with my 3,900Mb/s NVME drive and Ryzen 7 1800X and 16GB DDR3 PC3200.. If a product slows that, it's not acceptable for deployment to our laptops and other devices in the home. It's been 8-9 months since I tried it and the overall performance was unacceptable.

One thing I cannot tolerate is even a second longer web page loading. With my connection speed, ping times, local DNS caching, I demand NOW on my pages.. LOL Sophos totally robbed me of that NOW so it went into the trash bin.
 

_CyberGhosT_

Mine is pretty stout and a beautiful custom build from DigitalStorm, the net is no concern, I (by choice) live rural for the privacy and have to have Satellite Internet which is NEVER fast, even on its best day, and I can browse fine, and game online in games like Ghost Recon, The Division etc. and they are net-heavy games.
My issue with Sophos is that it's 100% of the time "on line" and the way they manage their own processes is sloppy.
 

ForgottenSeer 58943


Yeah, I moved away from always-online stuff. I don't like it or trust it. I used to be a firm advocate of it but after the update channel compromises and active update hacking, I don't think it can be trusted and it makes me worried these days. I think we need to REDUCE our threat surface by reducing always-online things, telemetry, logging, etc. It just exposes us and gives away intelligence (open-source intel) for free. Make them earn what they want on you, not make it easier.

Unfortunately as time goes on, our options become more and more limited for keeping things tidy on what traverses the WAN.
 

HarborFront

I wouldn't touch Cylance with a 10ft pole covered in #&^*$% <--- insert your own word there :).
SparkCognition's DeepArmor does the job for me, it's damn good and minus the CIA influence, glad you like it though ;)
Why, you got things the CIA is interested in?

DA doesn't protect you when you are offline whilst Cylance Protect offers online/offline protection.
 

boredog


I don't use Cylance any longer. Didn't like the 60 dollar yearly fee. I was referring to detections on VirusTotal.
 

_CyberGhosT_

I hear ya brother, I kind of like VT, and VS makes good use of it, but when I have VS sleeping (Disabled) I have another
secret tool :p and it allows me to use my VT API:
Winja_SS1.png
Here's the API section:
Winja_SS2.png
 