Advice Request KSC Free vs KAV

Please provide comments and solutions that are helpful to the author of this topic.

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,635
Long time I don't install/use a KAV, so probably not much difference compared to KSCF...

KSCFree does not have Application Control, FireWall, Software Updater, etc... nor other minor modules/features...

Just install and try :)
 
F

ForgottenSeer 89360

What having a firewall adds to the security though?
That depends on many factors, such as router, other devices on your network and others.

Many firewalls one way or another can be trained to allow a set of trusted programs and then block everything else by default - this can "sabotage" many forms of malware, as a credentials stealer for example, won't be able to send its database to the attacker, a downloader won't be able to load anything or a RAT won't be able to connect to the C&C. Ransomware might not be able to get an online key, so decryption might be easier or not needed at all.
It depends on the way you utilise it, as well as on the firewall itself.
It of course has potential bypasses.

Normally firewall is complemented by some sort of Intrusion Prevention (Network Attack Blocker in KIS), which can reduce your attack surface.

KIS includes other modules as well, listed by @harlan4096 which all work to minimise the vectors attackers could exploit.
 
Last edited by a moderator:

Nagisa

Level 7
Verified
Jul 19, 2018
341
It of course has potential bypasses.
Such as injecting code to other programs and uploading data at that way :unsure: But I guess that would make it easier to get caught by antiviruses because having those malicious patterns. So can we say that firewall module rather protects from obvious data stealing attempts? If true, having a simple firewall control program and blocking all inbound connections while allowing a few trusted programs outgoing would be no more less secure, am I wrong?
 
F

ForgottenSeer 89360

Such as injecting code to other programs and uploading data at that way :unsure: But I guess that would make it easier to get caught by antiviruses because having those malicious patterns. So can we say that firewall module rather protects from obvious data stealing attempts? If true, having a simple firewall control program and blocking all inbound connections while allowing a few trusted programs outgoing would be no more less secure, am I wrong?
It again depends on many variables, but in general, yes. It would be almost the same, except for the fact that AV firewalls normally deploy some policies over Windows services as well... not sure if small free firewall companions do that too. And yet the lack of IPS would remain. Some AV firewalls, such as Comodo go a step further with Deep Packet Inspection.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top