Advanced Plus Security LDoggs Security Setup

[DeepWeb]

Very interesting extensions especially CSS Exfil Protection. I will look into it thanks to you.

 

[LDogg]

Very interesting extensions especially CSS Exfil Protection. I will look into it thanks to you.

Glad I could help in some way.. Lemme know how your findings go!

~LDogg

 

[LDogg]

Thinking about ditching this current setup.

@HarborFront @Umbra @Evjl's Rain in your opinion what software out there offer a very light config, but also covers most attack vectors on a system?

I was thinking maybe CFW + Immunet
Tinywall + OSArmor + Browser Extensions
CFW on it's on (not too confident with it alone)
Immunet (Clam AV off) + Forticlient (Web only) + Tinywall.
CFW + Second opinion scanners + web extensions
CFW + OSArmor
OSArmor + Zonealarm Firewall.

Or CCAV with something else.

I'm not quite sure. I don't wish to get rid of Comodo Firewall as I know what to do with it.

~LDogg

 

[Moonhorse]

But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning

 

[LDogg]

I don't mess with the default FW. Just something personal I guess.

Edit: could also clash with CFW.

~LDogg

 

[Evjl's Rain]

I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient

But why isnt windows firewall option as tweaked?

there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup

 

[Evjl's Rain]

But why isnt windows firewall option as tweaked?

I will vote for:
Either cf + cs + hips
or cfw + immunet, disable clamAV+ packet file scanning

if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage

 

[LDogg]

I prefer CF + immunet or CF + avast tweaked for max performance (crippled security)
CF + K9 is also very nice, actually better web filter than forticlient


there are still many ways to bypass windows firewall but it's extremely hard to bypass CF
WF+tweaked avast or voodooshield can eliminate most infection vectors

for example, even KFA+WF can be bypassed by random exe malwares but avast has hardened mode which can easily deal with exe malwares

avast+syshardener+WF is an almost bulletproof setup

I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg

 

[Moonhorse]

if a malware is trusted and bypasses CF, if HIPS is set safe mode => HIPS will be useless because it will be bypassed too

unless, you set HIPS as paranoid, HIPS will have no effect on trusted malwares

HIPS is for paranoid users or users who want to lockdown their PC and don't install anything
totally not recommended for daily usage

Thanks, eye opening. Might go for immunet + cf later, im just in love with CCAV for now

 

[Evjl's Rain]

I'm thinking of adding Immunet and removing Unchecky & VoodooShield. VDS is great. How good is Immunet though?

~LDogg

immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my second op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB

 

[Moonhorse]

immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB

Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV

 

[Evjl's Rain]

Guess im gonna test this combo, myself aswell.. since even cs said cf is lighter than CCAV

CCAV without the cloud AV module might be lighter than CF? I guess
any AV is heavier than a firewall

if you want to test immunet, please be careful with FPs if you can tolerate it
it's okay for me but not sure for other people

 

[imuade]

immunet has very aggressive signatures, which are much better than many many AVs. However, it's aggressive = quite prone to FPs. it detects something all of my seconds op. scanners or avast/KFA couldn't detect
it's super light without clamAV. very insignificant system impact unless you execute a very very huge file >300MB

Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old
But I do remember I tried to make a right-click scan on a file and nothing happened...

 

[Evjl's Rain]

Does Immunet register as AV on Windows Security Center?
I tried it few weeks ago, but I can't remember if it did... I'm getting old
But I do remember I tried to make a right-click scan on a file and nothing happened...

sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast )
it has BB in case I allow something to bypass cf sandbox

 

[Moonhorse]

Immunet register as av on security center yes, when i had immunet a go i cant remember what actually happened but it was conflicting something with comodo, maybe because i didnt add immunet as trusted with cis

Anyway ccav + syshardener is lightest solution i have ever tried myself, might try immunet + cf later but as paranoid person i will end up to uninstall it anyway

 

[Nestor]

sometimes, it randomly fails to connect to servers for unknown reason, usually after we wake up the pc from a long sleep, when the internet disconnects
immunet right-click scan is not reliable and buggy, I prefer entering the UI and use the custom scan
I don't remember if immunet does it or not because I always disable security notifications. i don't think it matters

I'm using avast + CF now just because I like avast )
it has BB in case I allow something to bypass cf sandbox

Can Immunet be used as a second opinion scanner?I mean instead of HPA or EEK,is actually effective?Did it has a portable version?

 

[Evjl's Rain]

Can Immunet be used as a second opinion scanner?I mean instead of HPA or EEK,is actually effective?Did it has a portable version?

unfortunately not, there is not portable version
you have to install to use it

 

[LDogg]

So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg

 

[Evjl's Rain]

So @Evjl's Rain would you say if I take off VDS + Unchecky replace both with Immunet and look at certain settings (ClamAV off) it would be a bit better? Also obviously testing myself too, I've used it once before.

~LDogg

I think so because CF+VDS overlap each other a lot => you will get double prompts for the same application
immunet is just an AV so it will block malware without generating extra popup

it's a very basic AV with only signatures, nothing more

 

[imuade]

immunet is just an AV so it will block malware without generating extra popup
it's a very basic AV with only signatures, nothing more

Mhhh, I may give a try to Immunet + Voodoo Shield