How to set up a security system WITHOUT using AV/AM software?

Ink

Hi, I'm not asking for a software but a combination of non-AV/AM software. Thanks for the reply
It can start with the browser. Google's Safe Browsing in Chrome can decline malicious downloads, block phishing pages and more; likewise Edge/IE with SmartScreen in-browser.

Is this something you are looking for as part of your security?
 

HarborFront

What is the point of using any adblocker without updated filtering rules?

I only replied to that poster and asked for his recommendation of a suitable one that meets my requirements. If an adblocker is not suitable, can you recommend something for my Chrome/Firefox browser?
 

Ink

Look for a Content Blocker.
In the grand scheme of things, blocking cookies, scripts, etc. doesn't seem to serve any practical purpose. The average user does not do these things and they don't seem to be at a disadvantage to those who are more cautious on the internet. When I set up uMatrix, I'm surprised by all these tracking cookies and unnecessary objects that come with the sites I visit but why should I care?

https://www.reddit.com/r/firefox/comments/3uhy53/what_is_the_practical_purpose_of_things_like/
 

shmu26

Ok, so you say ReHIPS is a good replacement for all 3 software I mentioned. This is great! But I'm not so sure my low IQ can handle it. I think I'll wait a little longer for the official version to be released. Using SB, SD and NVTERP combined might be a good start for me to get a feel.

With this ReHIPs how far can it protect the system as far as the definition of malware (mentioned in my opening post) is concerned? Will it be adequate to just use this ReHIPs alone or need to combine with others? Any others to make good companionship with ReHIPs?

Thanks
You can combine ReHIPS with most other security softs, but you don't really need to. It depends on your level of paranoia, and also, how you use ReHIPS.
If you isolate all vulnerable apps, then you don't have any credible security threats to worry about.
Of course, when installing a new app, the burden is primarily on you to decide whether it is safe, because there is no cloud and no malware database. You will only get broad indicators regarding the file's safety rating.

HOWEVER: keep in mind that ReHIPS is protecting your file system, but is not protecting you from visiting phishing sites etc. Furthermore, your browser could be exploited, but the exploit will not affect your file system. In this way, it is like Sandboxie.
 

HarborFront

Do you know how to look up which version of Windows you're running - XP, Vista, 7, 8, 8.1 or 10?

Desktop - or - laptop ?

I'm now using Win 10 Pro (64-bit) v1607 Build 14393.222

I'm using MS SP3
 

HarborFront


I'm keeping system protection separate from web protection. I'll tackle system protection first then later come to web protection in a similar manner.

So, if for you, what other software besides ReHIPs would you need to prevent and protect against malwares? Remember the term malware is encompassing all types of malicious attacks. Would using ReHIPs alone be adequate?

This is also a question which I raised in my opening post.
 

shmu26

I combo ReHIPS with HMPA.
Others combo it with AppGuard -- this is a real lockdown security setup, which is beyond my needs. Depends on your level of obsessive-compulsive perfectionism, and also what you do on your PC.
 

HarborFront


You think using HMPA without its scanning portion would be good enough with ReHIPs?

Another question. Would these 2 be adequate for online and offline prevention and protection against malwares.....leaving web protection aside first? That is to say now malwares are coming from the USB ports as well through external devices.
 

hjlbx

He is running Pro - but I don't know which ve

ReHIPS utilizes separate user profiles - similar to the Admin and Standard User profiles in Windows. The ReHIPSUser profile isolates processes from the real system. The HIPS blocks execution. Whatever you allow - if it is malicious - will be contained in the isolated ReHIPSUser profile.

The whole point of non-AV security solution is this simple principle:

1. Clean install OS
2. Install desired softs
3. Install\configure default-deny
4. Lock down system
5. Don't change system afterwards - very rarely - if ever

Since you start with a clean system, and it is locked down preventing system changes, it should stay clean unless you put stuff onto your system that is malicious.

There are no network protections from software restriction policy software, anti-executables, etc. So you will need network protection - but if it is a desktop system then you don't really need it. If it is a laptop taken to public wifi hotspots then network protection is needed.

As far as adblocker you are not going to find one that does not require filter updates; you can disable the updates and manually update them once in a while. If you don't want to do that then there just aren't any practical solutions.

All you really need is a single primary protection and a good adblocker like Adguard or uBlock Origin.

The same products will be mentioned repeatedly - AppGuard, ReHIPS, Sandboxie, Shadow Defender, NVT ERP, Voodooshield, Drive Vaccine, etc, etc, etc.
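
The five-step default-deny principle from the post above, modelled as an added example; it is not code from the thread or from any product named in it, and it only computes an allow/deny verdict without enforcing anything. The extension list, function names and sample file tree are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# Assumption: the file types treated as "executable" by this model.
EXEC_EXT = {".exe", ".dll", ".bat", ".ps1"}

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(root):
    """Steps 1-3: record every executable present on the clean, configured system."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in EXEC_EXT:
                path = os.path.join(dirpath, name)
                baseline[os.path.normcase(path)] = sha256_file(path)
    return baseline

def decide(path, baseline):
    """Steps 4-5: after lock-down, only unchanged baseline files may run."""
    key = os.path.normcase(path)
    if key not in baseline:
        return "deny: not in baseline"
    if sha256_file(path) != baseline[key]:
        return "deny: changed since lock-down"
    return "allow"

def demo():
    """Constructed sample: a tiny stand-in 'system' tree in a temp directory."""
    with tempfile.TemporaryDirectory() as root:
        app = os.path.join(root, "Program Files", "editor.exe")
        os.makedirs(os.path.dirname(app))
        with open(app, "wb") as f:
            f.write(b"clean build")
        baseline = build_baseline(root)              # lock-down happens here
        results = {"installed app": decide(app, baseline)}
        dropped = os.path.join(root, "invoice.exe")  # arrives later, e.g. from a USB stick
        with open(dropped, "wb") as f:
            f.write(b"unknown")
        results["new file"] = decide(dropped, baseline)
        with open(app, "wb") as f:                   # baseline file modified afterwards
            f.write(b"patched build")
        results["modified app"] = decide(app, baseline)
        return results

if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label}: {verdict}")
```

The "modified app" verdict is why step 5 matters: any legitimate update also changes the hash, so the baseline has to be rebuilt deliberately each time the system is changed.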
 

HarborFront


Hi thanks

System Protection

I know those are the software that are often repeatedly mentioned here and elsewhere. The thing I want to know is which are the ones most suited for a "signature less" protection without unnecessary overlapping protection and similar features. Compatibility and conflict will be there if 2 software are functioning similarly like weird behavior, unnecessary alerts, system slowdown, software competing for system resources resulting in one not working, system crash etc.

Like I said, ReHIPS is still in beta. Some months back I tried ESET beta and it screwed up my system. I needed to reformat then. I would like to give SB, SD and NVTERP a try first.

Web Protection

Yes, I'm using my MS SP3 outdoors frequently too. Using SafeScript, Random User Agent, Web Defender etc. (for Chrome) and NoScript, BetterPrivacy, RequestPolicy Continued, Random Agent Spoofer, HTTPS etc. (for Firefox) will definitely help. These are definition-less if I'm not wrong. I'm using those mentioned except for NoScript and SafeScript for the moment, besides those adblockers requiring updates.

I may even need to take the risk of letting malwares and other unwanted web content to be downloaded first and then let the system software to take the necessary preventive and protective actions if I take the approach of having a "sig-less" security system

FYI, my paid AdGuard for desktop expired recently and I'm now using its AdGuard Adblocker extension/add-on for my Chrome/Firefox browsers.
 

shmu26

I don't use the scanning portion of HMPA. Just the various anti-exploit/BB features.

The ReHIPS/HMPA combo is more than adequate for me, but I cannot call myself a bona fide expert in these matters.
@hjlbx and @Umbra should please share their opinions. They know these softwares inside out.
 

SHvFl

@HarborFront I have used ReHIPS daily for about half a year now without any issues. Note that all releases are first tested by devs, then closed beta and then go in release version or beta request from the open forum.
I am one of those in closed beta and every time I found anything, even a small bug, it was fixed within a few days and sometimes within hours.

Basically the only reason to not use ReHIPS beta is to wait for the GUI to get improved, some usability updates and new features (rule manager, folder isolation, more controlled child application, etc.). Anyway, requesting the beta and trying it is easy, so give it a try if you wish and decide on your own. Each has different needs and desires from software.
 

shmu26

@SHvFl said it like it is.

You can join the beta and get the free demo version, which has a limit of 10 isolated processes per session. This is not enough to run Chrome freely (because it is multi-process), but it works for Firefox just fine. If you want to remove the said limitation, you need to buy a subscription.
 

HarborFront

uBlock Origin as adblocker.

You can use your OS with no updates (if you understand how updates work you understand this point), the only way to protect is with some type of sandbox because you don't know what you install or what you allow, keep in mind that there are a lot of signed malware and so on.

I know my point of view is not that popular here but with HIPS/Default Deny you need to know what you are doing (else it's useless)

PS: check this post too.

Sorry, too many sudden advises given and I missed your post.

No virtualization technique and its products is 100% bulletproof. SB has its caveats too. SB has no definition/signature updates nor a prelist of whitelist/blacklist/blocklist by the developer. But program and software vulnerability updates will be required.

For Windows I'm not using Windows Defender so its malware definition updates don't apply. Windows UAC doesn't use the definitions. As for SmartScreen I'm not sure, just like the Windows EMET tool. However, other updates will be required to improve the OS just like any 3rd-party software providing program updates, no? Improvement can come in having new features, plugging of security vulnerabilities, improving its compatibility etc. These are acceptable as far as meeting my intent.

And regarding Default-Deny. All software, even with default-deny (lock-down), cannot 100% shut the system off from connecting to the outside world otherwise there's no chance of the OS to connect out. There'll be some core Windows processes which MUST connect out even with software having default lock-down (default-deny). After that it'll be up to the user to make the right decision to deny/allow the other Windows processes or any software application from connecting out.

Correct me if I'm wrong.

Thanks
 

shmu26

It sounds to me like you are striving for a lock-down security config with 99.999% reliability, that does not rely on a local or a cloud database.
If that is the case, the best combo for you would probably be ReHIPS+AppGuard, or NVT ERP+AppGuard.
AppGuard is a bit expensive, and takes some getting used to, but it's very strong protection when configured properly. I am the wrong one to ask about how to configure it, but there are threads on MT you can read.
Of course, a user mistake will bypass any security config.
 

Deleted member 178

If you want a serious lockdown user-friendly combo: NVT ERP + AppGuard; it was my first combo when I decided to ditch AVs and I kept it for very long.

I only moved to ReHIPS + AppGuard because ReHIPS gave me an anti-exe + sandbox in one soft, so I could replace Sandboxie and ERP by it.

If you want a free lockdown user-friendly combo: ERP + VoodooShield would do the trick.

I am a big fan of lockdown combos: I actually use ReHIPS + AppGuard + HMPA to cover most of the vector attacks; on top of them I have some registry/network OS tweaks to tighten my system.
 
