CyberGhosT's "No-Sig" Configuration


SHvFl

05/23/2017
Removed all security software except for what I am testing (HMP.A)
Main Protection:
DeepArmor 36
VoodooShield 3.59
I was going to do this next week but I had today off, and after chatting with a DeepArmor rep I decided to take the leap.
Remember I was Sig-less back when it was a fairly new concept; well, now my config will consist of mainly AI-based software.
Yes I know VS is not a truly "AI" software but it fits the bill, and DeepArmor is as close as we can get today with its cognitive approach and has done well on my machine for quite some time. I heard all the naysayers' opinions about such software, but as I heard, I watched DeepArmor improve in leaps and bounds, that lil company (Spark Cognition) based out of Texas really hit it out of the park regardless of the opinions of the critics.
Remember I have always said "it's lurking in the background" where DeepArmor was concerned, well not anymore, it is first and forefront where it belongs.
Barring any security issues it and VoodooShield will be my "go to" solution.
I will finish testing HMP.A seeing I gladly obligated myself and enjoy testing, but after that it will only be VS & DA
I will keep HMP for an "On Demand" scanner, and clone this setup as my default tonight.
As always if I have any issues I will post them here.
PeAcE
I would suggest a form of sandbox for your vulnerable applications (browser/pdf/media/office) because if you fail with an alert or the 2 products fail to identify an exploit then you are infected. These apps have exploits often, but OK, I can understand not needing one if you don't download much.
 

_CyberGhosT_

Ok, no more DeepArmor for a while
I am strictly running the HMP.A & VoodooShield combo
I want to see if just these two with no crutch or added support can defend my system.
Seeing the CTP beta builds have taken HMP.A in the right direction I feel this is a good idea.
I also want to see if there will be any system resource usage level changes, I see recently that some are saying that DeepArmor is having a negative impact for them, and not just here I have seen this in other places as well so it is worth looking into.

I will clone it in this weekend if I have no issues.
 

_CyberGhosT_

I find I can protect myself with just an updated browser and adblocker. Would it really matter as a non-mainstream type of home user?
That's a good question brother, one I can't answer. You and I both know that behavior is key, for example our surfing and download habits, as well as the level of people that have access to the machine. While these play a big role I think that the direction malware authors are moving in may make it not feasible to run such a stripped down setup and not be very nervous lol. I get your point though, and being human if you make a mistake running a config that stripped down, you may pay for it dearly. I hope that made sense brother?
 

_CyberGhosT_

@TerrakionSmash
Another config I have used is VoodooShield and W.A.R. I like it a lot, but I get nervous about the lack of surf protection. I do utilize AdGuard for PC so I have system wide protection, but I still get nervous, having something like HMP.A alleviates that nervousness.
The VS & W.A.R config usually lasts about a week before I give into the dread lol
 

Handsome Recluse

I wish there was research somewhere though on the percentages of attacks that mitigates social engineering vs no user interaction attacks using various practices on enterprises. Maybe more granular.
 

_CyberGhosT_

@Quassar Hi
I utilize Macrium and clone, it's a little time consuming but I love it and have got used to doing it. I do create regular system backups though in between cloning. My clones are on dual drives, I buy in pairs, I have 2 for Windows, 2 for my Linux setup, and a couple more for storage.
On the Sandbox issue, I may add ReHIPS and just run Firefox in it. I want to settle on a config though before I dedicate to a sandbox type app.
 

_CyberGhosT_

I wish there was research somewhere though on the percentages of attacks on enterprises because of social engineering vs no user interaction. Maybe more granular.
Maybe @danb can help us with some places to get those kinds of stats or at least point us in the right direction?
 

Quassar

@Quassar Hi
I utilize Macrium and clone, it's a little time consuming but I love it and have got used to doing it. I do create regular system backups though in between cloning. My clones are on dual drives, I buy in pairs, I have 2 for Windows, 2 for my Linux setup, and a couple more for storage.
On the Sandbox issue, I may add ReHIPS and just run Firefox in it. I want to settle on a config though before I dedicate to a sandbox type app.

Yea ReHIPS is rly awesome... I think about replacing it on my 2nd PC but currently I stay with Sandboxie/SpyShelter
at last you can try NVT ERP, I just can't wait until he releases the enhanced version :)
 

FrFc1908

cg: your config amazes me vato! I think personally I could not do such a config like you, I must say I have toned it down a large portion, so it is not such overkill as it was a way back... the only problem I have is that I cannot imagine a life without signature-based detection ;)
 

_CyberGhosT_

cg: your config amazes me vato! I think personally I could not do such a config like you, I must say I have toned it down a large portion, so it is not such overkill as it was a way back... the only problem I have is that I cannot imagine a life without signature-based detection ;)
There is nothing wrong with that my friend, this type of a config will only work if you're 100% comfortable with it. If you're not it is best not to do it. It took me time as well, to become comfortable with it, I can't tell you how many times I went back and forth. If you are making progress just remember there is nothing wrong with applying it at your pace. At a pace that is comfortable for you and allows you to adapt over time. Thanks for the feedback brother ;) and RoCk On
 

FrFc1908

There is nothing wrong with that my friend, this type of a config will only work if you're 100% comfortable with it. If you're not it is best not to do it. It took me time too, to become comfortable with it, I can't tell you how many times I went back and forth. If you are making progress just remember there is nothing wrong with applying it at your pace. At a pace that is comfortable for you and allows you to adapt over time. Thanks for the feedback brother ;) and RoCk On

Spoken like a true gentleman! It is hard to kick old habits :p
 

shmu26

I see recently that some are saying that DeepArmor is having a negative impact for them
Last time I emailed them to complain about it, they said "This is something that should be addressed and updated on our next build."
That was on May 24th, I don't know if they pushed an update since then.
 

enaph

cg: your config amazes me vato! I think personally I could not do such a config like you, I must say I have toned it down a large portion, so it is not such overkill as it was a way back... the only problem I have is that I cannot imagine a life without signature-based detection ;)
You still have WD on Windows 10 which is pretty good.
 