How to set up a security system WITHOUT using AV/AM software?

Av Gurus

If you want a serious lockdown user-friendly combo: NVT ERP + AppGuard; it was my first combo when I decided to ditch AVs and I kept it for a very long time.

I only moved to ReHIPS + AppGuard because ReHIPS gave me an anti-exe + sandbox in one soft, so I could replace Sandboxie and ERP with it.

If you want a free lockdown user-friendly combo: ERP + VoodooShield would do the trick.

I am a big fan of lockdown combos: I actually use ReHIPS + AppGuard + HMPA to cover most of the attack vectors; on top of them I have some registry/network OS tweaks to tighten my system.

And add a basic firewall (like Windows Firewall Control, Windows 10 Firewall Control or TinyWall)?
 

HarborFront

Thread author
It sounds to me like you are striving for a lock-down security config with 99.999% reliability, that does not rely on a local or a cloud database.
If that is the case, the best combo for you would probably be ReHIPS+AppGuard, or NVT ERP+AppGuard.
AppGuard is a bit expensive, and takes some getting used to, but it's very strong protection when configured properly. I am the wrong one to ask about how to configure it, but there are threads on MT you can read.
Of course, a user mistake will bypass any security config.

Yes, that's the intent of my post.

FYI, I've no experience with the software you mentioned, although I know of their existence. I need to slowly work my way through them.

If you want a serious lockdown user-friendly combo: NVT ERP + AppGuard; it was my first combo when I decided to ditch AVs and I kept it for a very long time.

I only moved to ReHIPS + AppGuard because ReHIPS gave me an anti-exe + sandbox in one soft, so I could replace Sandboxie and ERP with it.

If you want a free lockdown user-friendly combo: ERP + VoodooShield would do the trick.

I am a big fan of lockdown combos: I actually use ReHIPS + AppGuard + HMPA to cover most of the attack vectors; on top of them I have some registry/network OS tweaks to tighten my system.

Yes, I'm planning to move in that direction. Will need your help greatly in the future. Thanks

It can start with the browser: Google's SafeBrowsing in Chrome can decline malicious downloads, block phishing pages and more; likewise for Edge/IE with SmartScreen in-browser.

Is this something you are looking for as part of your security?

In Chrome I have set Google's SafeBrowsing. Does Windows SmartScreen require definitions to work? If not, then it's acceptable to me.

As long as no definitions/signatures are required to be used, then it's OK with me.

Do you know whether the Windows EMET tool uses definitions?

Thanks
 

Deleted member 178

In Chrome I have set Google's SafeBrowsing. Does Windows SmartScreen require definitions to work? If not, then it's acceptable to me.

As long as no definitions/signatures are required to be used, then it's OK with me.

Do you know whether the Windows EMET tool uses definitions?

Thanks

Only Windows Defender regularly updates its definitions; SmartScreen connects to MS servers to authenticate a program. EMET uses only the user's inputs.
 

hjlbx

If you don't mind me asking, what is the objection to filtering updates?

Filtering updates - and even some signatures like hash-only - are usually just tiny updates in *.dat (data) or similar files, as opposed to some of the more complex AV signatures, which are larger and sometimes contain executable code.
 

HarborFront

Thread author
Only Windows Defender regularly updates its definitions; SmartScreen connects to MS servers to authenticate a program. EMET uses only the user's inputs.

Thanks

So connecting to an MS server to authenticate is no different from VS connecting to their server for program authentication. I suppose a list of trusted programs is there for verification, and updating by its developer will be required, right? If this is the case then SmartScreen (like VS) doesn't meet my intent.
 

HarborFront

Thread author
If you don't mind me asking, what is the objection to filtering updates?

Filtering updates - and even some signatures like hash-only - are usually just tiny updates in *.dat (data) or similar files, as opposed to some of the more complex AV signatures, which are larger and sometimes contain executable code.

Every time I need to manually update! To me they are no different from the signatures/definitions of AV/AM software. And since I want to have a "signature-less" system, filter updates do not meet my intent.
 

hjlbx

Every time I need to manually update! To me they are no different from the signatures/definitions of AV/AM software. And since I want to have a "signature-less" system, filter updates do not meet my intent.

Why do you have to manually update?

When you say "filtering updates" I am thinking adblocker, DNS filter, etc. updates - and not AV signature updates.

* * * * *

I've been following this thread a bit. For a signature-less config with solid security, you just need to combo a few softs. As I expected, you've been hammered by everybody with their concept of what constitutes great security.

You have to arrive at that final decision on your own by evaluating different softs; what works for me personally - on my specific system - might not work for you. Same applies to all the other advice you've been given.

As I said, the same softs will be mentioned over-and-over:

https://malwaretips.com/threads/default-deny-software.64274/#post-551609

You can add Sandboxie to the list in the above link.

I suggest for configuration guidance that you take a look at @Umbra's MT guides - they're all pinned in the soft's dedicated sub-forum. Get the links on the MT front page under Software.
 

HarborFront

Thread author
Why do you have to manually update?

When you say "filtering updates" I am thinking adblocker, DNS filter, etc. updates - and not AV signature updates.

* * * * *

I've been following this thread a bit. For a signature-less config with solid security, you just need to combo a few softs. As I expected, you've been hammered by everybody with their concept of what constitutes great security.

You have to arrive at that final decision on your own by evaluating different softs; what works for me personally - on my specific system - might not work for you. Same applies to all the other advice you've been given.

As I said, the same softs will be mentioned over-and-over:

https://malwaretips.com/threads/default-deny-software.64274/#post-551609

You can add Sandboxie to the list in the above link.

I suggest for configuration guidance that you take a look at @Umbra's MT guides - they're all pinned in the soft's dedicated sub-forum. Get the links on the MT front page under Software.

Yes, I'm referring to filter updates in the extensions/add-ons in the Chrome/Firefox browsers. Don't the filters in uBlock Origin and Adguard Adblocker require a manual update?

Agree. For a solid sig-less config I'll need a few pieces of software, just like my current system using AV/AM software. I also need to evaluate the software in question, and with some helpful feedback I'll decide what's best for me.

Many users provide helpful contributions but, unfortunately, some of the software they recommended doesn't meet my intent. The SB which you recommend is one under consideration. However, if I choose to use ReHIPS then SB becomes irrelevant, as put forth by one of the members here.

FYI, I'm starting to produce a list of software which will meet my intent with the help given so far in this thread and reading from other sections. From there I'll study their strengths/weaknesses, ease of use, level of protection etc. before proceeding to select them for the set-up of my sig-less system. It will take some time for that to happen, that's for sure, and further questioning in their respective software sections will also be required.

In the event that setting up a sig-less system CANNOT afford a protection level equal to or better than one using AV/AM software then I'll need some from the latter to complement the former.

Thanks
 

Deleted member 178

Many users provide helpful contributions but, unfortunately, some of the software they recommended doesn't meet my intent. The SB which you recommend is one under consideration. However, if I choose to use ReHIPS then SB becomes irrelevant, as put forth by one of the members here.

I want to warn you that ReHIPS is still a beta and not yet user-friendly; if you are not used to diagnosing issues, better avoid it. Sandboxie free (or paid) + one of the combos I mentioned will be better for you.
 

HarborFront

Thread author
I want to warn you that ReHIPS is still a beta and not yet user-friendly; if you are not used to diagnosing issues, better avoid it. Sandboxie free (or paid) + one of the combos I mentioned will be better for you.

Yes, I'm aware of that, and that's also the reason I'm unwilling to try an unfriendly beta.

FYI, I did install SB recently but then realized it defaults to the MS Edge browser, which I'm not using. To use Chrome and Firefox I'll need to pay for it. So I took it off. I'm still considering whether to pay or not for now.

Thanks
 

hjlbx

Don't the filters in uBlock Origin and Adguard Adblocker require manual update?

No manual update is required for either uBlock Origin or Adguard. Here is a screenshot of the uBlock Origin dashboard (essentially the same with Adguard, but no screenshot shown):

PS - Default-deny config - whether you use a single soft, combo or tweak an internet security suite to be default-deny - will always trump any signature-only config.

At the moment, I use on 3 systems:

  • AppGuard on all systems
  • uBlock Origin or Adguard
  • And let Windows Defender and Firewall do their thing

That's it...

  • If I malware test, then I disable Windows Defender and add Rollback RX.

That's it...

  • If I have to take laptop to public wifi hotspot (extremely rare for me), then I add Webroot.
  • When I bring system home, I promptly remove Webroot.

That's it...

[Attachment Cap1.PNG: screenshot of the uBlock Origin dashboard]
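The distinction hjlbx draws between a signature-only config and a default-deny config is easy to see in code. The following Python is an added example written for this page; it is not code from any poster, from AppGuard, or from any other product named in the thread. It stands in for both models with a plain SHA-256 hash check over constructed byte strings (the sample names and contents are made up): the signature scanner blocks only hashes present in its definitions, so a never-seen sample passes until a definition update arrives, while the default-deny controller blocks everything not on its allowlist, including a trusted program that was modified after being allowed.

```python
import hashlib

# Constructed stand-ins for executable files (byte strings, not real binaries).
KNOWN_BAD_SAMPLE = b"MZ constructed sample: dropper build 1"
NEW_BAD_SAMPLE = b"MZ constructed sample: dropper build 2 (repacked, never seen)"
TRUSTED_APP = b"MZ constructed sample: trusted text editor 1.0"
TAMPERED_APP = TRUSTED_APP + b" [patched after allowlisting]"

SAMPLES = {
    "known_bad": KNOWN_BAD_SAMPLE,
    "new_bad": NEW_BAD_SAMPLE,
    "trusted": TRUSTED_APP,
    "tampered": TAMPERED_APP,
}


def sha256_hex(data: bytes) -> str:
    """Content hash used as the file identity by both models."""
    return hashlib.sha256(data).hexdigest()


class SignatureScanner:
    """Signature-only model: everything runs unless its hash is in the definitions.

    The definitions set plays the role of the hash-only *.dat updates mentioned
    in the thread; without an update, a never-seen sample is allowed.
    """

    def __init__(self, definitions):
        self.definitions = set(definitions)

    def update_definitions(self, new_hashes):
        """Apply a vendor definition update (new known-bad hashes)."""
        self.definitions.update(new_hashes)

    def allows(self, data: bytes) -> bool:
        return sha256_hex(data) not in self.definitions


class DefaultDenyController:
    """Default-deny model: nothing runs unless its hash is on the allowlist.

    No definitions are needed, but every new or updated program must be
    explicitly allowed by the user before it can run.
    """

    def __init__(self, allowlist):
        self.allowlist = set(allowlist)

    def allow_program(self, data: bytes) -> None:
        """User decision: trust this exact file content from now on."""
        self.allowlist.add(sha256_hex(data))

    def allows(self, data: bytes) -> bool:
        return sha256_hex(data) in self.allowlist


def verdicts(scanner, controller):
    """Return {sample_name: (signature_allows, default_deny_allows)}."""
    return {
        name: (scanner.allows(data), controller.allows(data))
        for name, data in SAMPLES.items()
    }


def compare_models():
    """Run both models before and after a signature definition update."""
    scanner = SignatureScanner(definitions=[sha256_hex(KNOWN_BAD_SAMPLE)])
    controller = DefaultDenyController(allowlist=[sha256_hex(TRUSTED_APP)])

    before = verdicts(scanner, controller)
    # The signature vendor ships a definition for the repacked sample.
    scanner.update_definitions([sha256_hex(NEW_BAD_SAMPLE)])
    after = verdicts(scanner, controller)
    return before, after


if __name__ == "__main__":
    before, after = compare_models()
    for stage, results in (("before definition update", before),
                           ("after definition update", after)):
        print(stage)
        for name, (sig, dd) in results.items():
            print(f"  {name:10s} signature-only: {'ALLOW' if sig else 'BLOCK'}"
                  f"   default-deny: {'ALLOW' if dd else 'BLOCK'}")
```

Before the update, the signature scanner lets the repacked sample run while the default-deny controller blocks it; the controller also blocks the tampered copy of the trusted program, because its hash no longer matches. The flip side, which the thread also touches on, is that the default-deny model needs the user to allow each new or updated program (allow_program here) before it runs, which is the usability cost the posters weigh against AV-style definition updates.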
 

Deleted member 178

Yes, I'm aware of that, and that's also the reason I'm unwilling to try an unfriendly beta.
FYI, I did install SB recently but then realized it defaults to the MS Edge browser, which I'm not using. To use Chrome and Firefox I'll need to pay for it. So I took it off. I'm still considering whether to pay or not for now.

1- Sandboxie doesn't work with Edge
2- Nope, Sandboxie is free for Chrome/FF and all variants; the only difference between the free and paid versions is that the paid one automatically forces the browser into the sandbox, while with the free version you have to sandbox the browser manually.
 

shmu26

Upon install, Sandboxie automatically detects your default browser and makes you a special shortcut for it, so that might have been the source of the confusion.
 

HarborFront

Thread author
No manual update is required for either uBlock Origin or Adguard. Here is a screenshot of the uBlock Origin dashboard (essentially the same with Adguard, but no screenshot shown):

PS - Default-deny config - whether you use a single soft, combo or tweak an internet security suite to be default-deny - will always trump any signature-only config.

At the moment, I use on 3 systems:

  • AppGuard on all systems
  • uBlock Origin or Adguard
  • And let Windows Defender and Firewall do their thing

That's it...

  • If I malware test, then I disable Windows Defender and add Rollback RX.

That's it...

  • If I have to take laptop to public wifi hotspot (extremely rare for me), then I add Webroot.
  • When I bring system home, I promptly remove Webroot.

That's it...


OK, saw it now. I suppose it's enabled by default. But I think I'm impatient, because each time I go into uBlock Origin and click 3rd-party filters I always click 'Update now', and sure enough it shows the orange-colored filters which need to be updated. I don't understand why it did not update before I clicked them.

Thanks
 

HarborFront

Thread author
1- Sandboxie doesn't work with Edge
2- Nope, Sandboxie is free for Chrome/FF and all variants; the only difference between the free and paid versions is that the paid one automatically forces the browser into the sandbox, while with the free version you have to sandbox the browser manually.

OK, I might have seen it wrongly. It could be IE. When I saw that, and when I tried using Chrome/Firefox, I just gave up instantly when it required me to pay.

Maybe I should have read more on SB before trying it.

Thanks
 

HarborFront

Thread author
Upon install, Sandboxie automatically detects your default browser and makes you a special shortcut for it, so that might have been the source of the confusion.

You are right. My default is Edge/IE (I don't know which) but I'm frequently using Chrome and Firefox because they're more secure and come with many extensions/add-ons to play with.

I think it would be better if SB allowed the user to select only one browser during installation. If the user wants to have more browsers then he'll need to pay for it.

Thanks
 

hjlbx

OK, I might have seen it wrongly. It could be IE. When I saw that, and when I tried using Chrome/Firefox, I just gave up instantly when it required me to pay.

Maybe I should have read more on SB before trying it.

Thanks

Sandboxie is only worthwhile if you use the paid version. At $50 for a lifetime license for up to 3 installs on separate systems, it is a very good deal.

If you want a fully functional sandbox for free, then the only option available is COMODO - and I don't recommend that for you right now. It requires at least intermediate IT knowledge and it has a lot of unexpected behaviors that you will not understand. Plus, the settings\configuration will be a bear wrestling match.
 

hjlbx

You are right. My default is Edge/IE (I don't know which) but I'm frequently using Chrome and Firefox because they're more secure and come with many extensions/add-ons to play with.

I think it would be better if SB allowed the user to select only one browser during installation. If the user wants to have more browsers then he'll need to pay for it.

Thanks

When using Sandboxie, you have to set the default browser to IE, Chrome or FF. Then SBIE will auto-detect and create a desktop sandboxed browser launch shortcut.
 

CMLew

Just curious, what is the intention of making a sig-less security solution? By far, after reading this whole thread, you seem to be pretty desperate for that (that's what I felt), to the point that I'm suspecting why "anti-AV/AM". :rolleyes:
 

HarborFront

Thread author
Sandboxie is only worthwhile if you use the paid version. At $50 for a lifetime license for up to 3 installs on separate systems, it is a very good deal.

If you want a fully functional sandbox for free, then the only option available is COMODO - and I don't recommend that for you right now. It requires at least intermediate IT knowledge and it has a lot of unexpected behaviors that you will not understand. Plus, the settings\configuration will be a bear wrestling match.

Talking about COMODO, I gave up on it too. I tried installing them before on my Windows 10 Pro MS SP3 but they failed to install. This is a known problem even at COMODO's forums.

Finally, I think I found the solution in one of the net's forums. I'll need a freshly installed OS and to immediately install COMODO's products, and after that proceed to install other software. And each time I screwed up my system and re-formatted it, COMODO just did not come to mind.

Yah, I did read about its complexity and weird behavior as well. Now I'm aiming for Emsisoft AM 12, as I already have Xvirus Personal Firewall (free) installed. It's a simple Allow/Deny firewall which stealths ALL my ports, which even my previous Privatefirewall couldn't.
 
