Advanced Plus Security DeepWeb's Security Config

Last updated: Dec 17, 2018
Windows Edition: Enterprise
Security updates: Allow security updates and latest features
User Access Control: Always notify
Real-time security: Kaspersky Total Security (GDPR)
Firewall security:
Periodic malware scanners: Norton Power Eraser, Run PE Detector, VT Hash Checker, Root Certificate Check
Malware sample testing: I do not participate in malware testing
Browser(s) and extensions:
Browsers: Chrome, Firefox Nightly, Edge
Extensions: Nano Adblocker & Defender, HTTPS Everywhere, Privacy Possum, Searchonymous, Temporary Container (FF)
Maintenance tools: None - They break more than they fix
File and Photo backup: Windows Backup using File History
System recovery: Macrium Reflect

Glashouse

Level 4
Verified
Well-known
Jun 4, 2017
174
@DeepWeb this looks like a nice combination. I would be afraid that there are some hidden conflicts which might lead to a decrease of your security level...
 

outlawxtorn

Level 6
Verified
Content Creator
May 29, 2017
275
Installed Voodooshield and Crystal Security. Extremely happy with my setup. Very light-weight. In addition to that, I made sure to disable Windows Defender by Group Policy, Windows Firewall and that annoying Windows Defender Security Center.

Yes I use a lot of programs, but they don't conflict with each other as long as you whitelist all of them in Comodo Firewall. :p There is some overlap between Voodooshield and Comodo Auto-containment, but other than that they all complete one another. My goal was a layered & light-weight security solution and I think I achieved that surprisingly not by having one internet security solution, but by having many. Almost no CPU usage at all. RAM?
Voodooshield 20 MB
Crystal Security 20 MB
CFW 10 MB
GhostPress 6 MB
MBAE 6 MB
AppCheck 2 MB
0patch 2 MB

64 MB RAM consumed. Yes I included the services as well. :)
The other goal I was trying to achieve using this is that if something compromised one of the modules, it wouldn't take down the entire security. E.g. if Voodooshield goes down, I still have the firewall, antivirus, anti-exploits, anti-keylogger and anti-ransomware running.
How's it working still? Kind of interested in a set-up like this. Something strong, yet light at the same time. I love to game so lighter is always better to me!
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
So, which of your software can protect against infected USB devices automatically when you are online/offline?

And how about against Bad USB devices?
 

DeepWeb

Level 25
Thread author
Verified
Top Poster
Well-known
Jul 1, 2017
1,396
How's it working still? Kind of interested in a set-up like this. Something strong, yet light at the same time. I love to game so lighter is always better to me!
It's working well. I have not tested real malware against it yet but I have never been in a situation where one was conflicting with the other. Just using test files, Crystal Security and VoodooShield are the first to respond. Even if I decide to whitelist those, the file gets blocked and quarantined by Comodo Firewall. :)

If you want to do gaming, VoodooShield and Comodo Firewall's HIPS module will give you a lot of trouble if you don't whitelist the game folders and they don't recognize the game you are playing.
So, which of your software can protect against infected USB devices automatically when you are online/offline?

And how about against Bad USB devices?
If CrystalSecurity does not detect malicious files right away, VoodooShield and Comodo Firewall with cruelsister's settings both act as anti-exe's that will quarantine any unknown program automatically unless I explicitly whitelist the program in both. :)

Any potential conflict would probably be caused by Comodo because it has so many modules. I disabled all of them except for Auto-Containment and the Firewall itself. In Crystal Security, I disabled dynamic engine because it doesn't like the updaters of the others. I whitelisted all security products in AppCheck just in case they delete a malicious file and AppCheck thinks a ransomware did it and mistakenly restores the file. But, other than that, none have stepped on the other foot yet because one always reacts before the other does. :) I know my setup looks overkill but it really is not.

These protect me before intrusion:
1 Antivirus: Crystal Security
1 Anti-Exe: VoodooShield
1 Firewall/Sandbox: Comodo
+Hosts file, Smartscreen, uBlock Origin, Google Safebrowsing, whitelisting Javascript (.com,.edu,.org,.mil,.net,.secure only), DNSSEC resolver

These protect me during/after intrusion (damage control):
2 Anti-Exploits: MBAE, 0patch
1 Anti-ransomware: AppCheck
1 Anti-keylogger: Ghostpress
+MBR Filter, Backup
 

HarborFront

If CrystalSecurity does not detect malicious files right away, VoodooShield and Comodo Firewall with cruelsister's settings both act as anti-exe's that will quarantine any unknown program automatically unless I explicitly whitelist the program in both. :)

FYI, none of the said software protect against Bad USB devices. Also, the said software don't scan your USB devices when they are inserted.
 

DeepWeb

FYI, none of the said software protect against Bad USB devices. Also, the said software don't scan your USB devices when they are inserted.
What programs do you recommend? :)

edit: went ahead and installed Panda USB Vaccine. Thank you!
 

HarborFront

What programs do you recommend? :)
One other thing.

I'm not sure how effective are VS and Comodo against malware when your system is offline. I know Crystal Security downloads signatures into your PC for demand scanning only, if I'm not wrong. Crystal Security also has anti-exe feature.

That leaves a security hole in your system. When offline you'll need something (like a BB, heuristics, anti-exe etc) to be able to detect malware in real-time and auto kickstart your AV/AM software to scan. You cannot do this with different software. The most is the particular software detects and auto quarantine/delete (depending on the setting) the malware, and, as for kickstarting its AV/AM engine to scan I'm not sure of this. Someone maybe can confirm the latter.

However, software for detecting infected USB devices can do the aforementioned. When you insert an infected USB device it, using heuristics, auto detect and quarantine/delete/prompt the user for action. Well, although not as good as a system AV/AM software it's better than nothing.

Against Bad USB devices I can only think of HitmanPro Alert and G Data products which provide such a feature. You can also get the standalone G Data USB Keyboard Guard for free, here

USB Keyboard Guard | Reliable protection against manipulated USB stick
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
One other thing.

I'm not sure how effective are VS and Comodo against malware when your system is offline. I know Crystal Security downloads signatures into your PC for demand scanning only, if I'm not wrong. Crystal Security also has anti-exe feature.

That leaves a security hole in your system. When offline you'll need something (like a BB, heuristics, anti-exe etc) to be able to detect malware in real-time and auto kickstart your AV/AM software to scan. You cannot do this with different software. The most is the particular software detects and auto quarantine/delete (depending on the setting) the malware, and, as for kickstarting its AV/AM engine to scan I'm not sure of this. Someone maybe can confirm the latter.

However, software for detecting infected USB devices can do the aforementioned. When you insert an infected USB device it, using heuristics, auto detect and quarantine/delete/prompt the user for action. Well, although not as good as a system AV/AM software it's better than nothing.

Against Bad USB devices I can only think of HitmanPro Alert and G Data products which provide such a feature. You can also get the standalone G Data USB Keyboard Guard for free, here

USB Keyboard Guard | Reliable protection against manipulated USB stick
Why not disable Autoplay entirely? If you disable Autoplay, make sure the Shell Hardware Detection service is set to manual in services.msc
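
A read-only way to check the two settings mentioned in the post above, as an added example that is not part of the original thread. The function name Get-AutoplayExposure is hypothetical; the registry values and the ShellHWDetection service name are the standard Windows ones.

```powershell
# Added example, not from the thread. Read-only: it changes nothing.
# Get-AutoplayExposure is a hypothetical helper name.
function Get-AutoplayExposure {
    $rows = @()

    # Policy value NoDriveTypeAutoRun is a bitmask of drive types:
    # 0x04 = removable drives, 0xFF = every drive type.
    foreach ($hive in 'HKLM', 'HKCU') {
        $path = "${hive}:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
        $mask = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
        if ($null -eq $mask) {
            $value = 'not set'; $status = 'Review: no policy in this hive'
        } elseif (([int]$mask -band 0xFF) -eq 0xFF) {
            $value = '0x{0:X2}' -f [int]$mask; $status = 'OK: AutoRun off for all drive types'
        } elseif ([int]$mask -band 0x04) {
            $value = '0x{0:X2}' -f [int]$mask; $status = 'Partial: removable drives covered'
        } else {
            $value = '0x{0:X2}' -f [int]$mask; $status = 'Review: removable drives not covered'
        }
        $rows += [pscustomobject]@{ Check = "$hive NoDriveTypeAutoRun"; Value = $value; Status = $status }
    }

    # Per-user AutoPlay toggle (the "Use AutoPlay for all media and devices" switch).
    $handlers = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'
    $off = (Get-ItemProperty -Path $handlers -ErrorAction SilentlyContinue).DisableAutoplay
    $rows += [pscustomobject]@{
        Check  = 'HKCU DisableAutoplay (Settings toggle)'
        Value  = if ($null -eq $off) { 'not set' } else { $off }
        Status = if ($off -eq 1) { 'OK: AutoPlay off for this user' } else { 'Review: AutoPlay on for this user' }
    }

    # Start type of the Shell Hardware Detection service named in the post.
    $svc = Get-Service -Name ShellHWDetection -ErrorAction SilentlyContinue
    $rows += [pscustomobject]@{
        Check  = 'Shell Hardware Detection service'
        Value  = if ($svc) { "$($svc.StartType), $($svc.Status)" } else { 'not found' }
        Status = if ($svc -and $svc.StartType -eq 'Manual') { 'Matches the post: Manual' } else { 'Differs from the post' }
    }
    $rows
}

Get-AutoplayExposure | Format-Table -AutoSize
```

This only covers automatic launch on insertion. It says nothing about files copied off the device by hand or about Bad USB devices, which the replies below raise.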
 

HarborFront

Why not disable Autoplay entirely? If you disable Autoplay, make sure the Shell Hardware Detection service is set to manual in services.msc
If you are copying a file (with worm, trojan etc) from the USB device over to your PC is Autoplay effective against it?
 

Vasudev

Can you read his post #21 above regarding Windows Defender?
Sorry, my memory is very bad, I took a look at first page so I assumed he's using WD. Since his/her PC is connected to the internet all the time, Crystal Security could block trojans and other stuff.
 

HarborFront

Sorry, my memory is very bad, I took a look at first page so I assumed he's using WD. Since his/her PC is connected to the internet all the time, Crystal Security could block trojans and other stuff.
Yes, that's when you are connected to the net. How about when he's offline and using USB devices?
 

DeepWeb

Please read the use of Panda USB Vaccine

If you need to undo its vaccination of USB devices you'll have to go through the below procedure otherwise you'll need to format the whole USB device

Removing Panda USB Vaccination Without Formatting USB Disk

Tedious, right?
Oh good thing I immediately uninstalled it. :) This is horrible.
Regarding offline protection I use brain.exe and default-deny. Comodo Auto-containment is set up to contain anything that is not signed. VoodooShield will also default-deny until I connect to the Internet. But do you have some suggestions for offline real time antiviruses?
 

HarborFront

Oh good thing I immediately uninstalled it. :) This is horrible.
Regarding offline protection I use brain.exe and default-deny. Comodo Auto-containment is set up to contain anything that is not signed. VoodooShield will also default-deny until I connect to the Internet. But do you have some suggestions for offline real time antiviruses?
If you are talking to protect against infected USB devices then there are some like MCShield, USB Disk Security etc

They are sig-less and use heuristics for scanning
 
