Advanced Plus Security LDoggs Security Setup

[LDogg]

Update: 3/08/18

Removed software:
- Mozilla FF Quantum (will leave in config section encase I wish to reinstall in the future)
- Unchecky (may have been compromised)
- VoodooShield (having to disabled it whenever I wish to install, update, change anything on here)
- Multiloginapp (was testing)
- ProtonVPN (was testing)

Added software:
- Immunet (testing to see if this works well)

~LDogg

 

[Deleted member 178]

in your opinion what software out there offer a very light config, but also covers most attack vectors on a system?

CFW + Immunet
Tinywall + OSArmor + Browser Extensions
CFW on it's on (not too confident with it alone)
Immunet (Clam AV off) + Forticlient (Web only) + Tinywall.
CFW + Second opinion scanners + web extensions
CFW + OSArmor
OSArmor + Zonealarm Firewall.

 

[Moonhorse]

CFW + Immunet
Tinywall + OSArmor + Browser Extensions
CFW on it's on (not too confident with it alone)
Immunet (Clam AV off) + Forticlient (Web only) + Tinywall.
CFW + Second opinion scanners + web extensions
CFW + OSArmor
OSArmor + Zonealarm Firewall.

cf + cs is made for average users, thats why hips isnt on
@Evjl's Rain said only hips on paranoid would work, would you run it as paranoid @Umbra if you wanted to go cf on its own

Or just scan frequently with on-demand scanners ( will do it anyways)
Anyway im incomplete user so i wouldnt trust only using cf, so i rather have av

 

[Deleted member 178]

would you run it as paranoid @Umbra if you wanted to go cf on its own

My settings when i used CIS (not for noobs.)

Comodo Internet Security Setup/configuration thread (Setting Only)

The Comodo section is well documented, people should must read it.

 

[Moonhorse]

My settings when i used CIS (not for noobs.)

Comodo Internet Security Setup/configuration thread (Setting Only)

Will check it out , thanks

 

[LDogg]

Testing with Immunet for a bit! @Evjl's Rain what's your settings for this software btw?

~LDogg

 

[LDogg]

@Moonhorse this is the amount it takes up within Task Manager:

~LDogg

 

[Moonhorse]

@Moonhorse this is the amount it takes up within Task Manager:

View attachment 194333

~LDogg

Yeah CCAV is around 50mb total, so its like half more looked up from task manager

Have you enabled scan packed files? Or just keep immunet there as on-demand scanner. Since i have no idea about system impact immunet+ cf vs CCAV

I could disable real time scanning from ccav, since auto-sandbox is on block mode and signatures are still updated in real time..

 

[LDogg]

Yeah CCAV is around 50mb total, so its like half more looked up from task manager

Have you enabled scan packed files? Or just keep immunet there as on-demand scanner. Since i have no idea about system impact immunet+ cf vs CCAV

I could disable real time scanning from ccav, since auto-sandbox is on block mode and signatures are still updated in real time..

Just enabled the Packed & Achive Scans in settings. Seeing how it'll do now. Seems very very light!!

~LDogg

 

[LDogg]

Software added:
- Forticlient v6 (web filter only)

~LDogg

 

[LDogg]

Updated settings & extensions for currant config 4/08/18.

Comodo Firewall:
- Auto Containment (Enabled)
- HIPS (Safe Mode)
- Virusscope (Enabled)
- Website filtering disabled (Forticlient is only web filter i need)

Scriptsafe for Comodo Ice Dragon & Opera (my own settings in tests):
- Browser Plugin, Battery, Device Enumeration, Gamepad, WebVR, Canvas Font Fingerprint protections blocked.
- WebGL is blocked in about:config settings for Ice Dragon, the rest are unblocked due to site breakage in tests

Forticlient:
- Only web filter, default settings
Will be keeping Netcraft, due to personal testing blocked all Phishing sites

Immunet (my own settings in tests):
- ClamAV off
- Blocking Mode off (too heavy, also creates a lot of False Positives for software & installation of software when testing)
- Scanning Archived Files on (scans through .rar .zip files)
- Scanning Packed Files on (scans through obfuscated files)

Malwarebytes Browser Extension (CID & Opera)
- Adblocking only function turned off

@Evjl's Rain @Moonhorse @HarborFront hope you like my new config.

~LDogg

 

[Moonhorse]

Only features ice dragon has comodo secure dns ( asks during installation) you wont benefit from it since youre using Quad9
The only feature you have is siteinspector, i bet you dont use it at all since it wont have any kind of real-time protection feature

Could aswell go back to firefox quantum, for more frequently updates

Something i wanted to ask is do you have comodo internet security essentials installed, wich is bundled with comodo firewall installer

Do you have both; comodo and windows firewalls enabled? I do. Now im just wondering myself do i benefit anything from Syshardener windows firewall settings along with cf

 

[LDogg]

It also has Comodo Online Security (extension), & HTTPS Enforcement from Comodo too. Both of which I have disabled. I think Comodo Ice Dragon seems to be a bit more stable compared to Quantum so far. Which is why I uninstalled it during my tests.

Forgetting WFW, Syshardener goes further. You would definitely benefit from Syahardener + CFW.

I'm having a trial with Forticlient + Immunet currently. For now I think they both serve me no purpose. I need to have a config where I am 100% i like and to my means xD Talk about being fussy I know.

~LDogg

~LDogg

 

[Moonhorse]

Since you had VDS + cf , you could give a go for Heilig Defense RansomOff
Since its signature-less and cf has signatures they could work well together?

 

[LDogg]

Since you had VDS + cf , you could give a go for Heilig Defense RansomOff
Since its signature-less and cf has signatures they could work well together?

I could. But I think basic uBlock filter lists may do a better job. Then I'd have installed 3 software over taking off Unchecky (maybe compromised) + VDS.

I'll take a look though. I believe CFW + Malwarebytes + Forticlient should more then well deal with Ransomware. Even then I'm thinking about taking off Immunet + Forticlient.

Thanks for the suggestion, I'll have a look, may test it and have a think about. Appreciate it.

~LDogg

 

[Moonhorse]

I guess immunet + forticlient are bit of useless for you anyways, you would be fine with cf

I can bloat my system with maximium protection or just go with lightest setup, at last it doesnt make huge difference to my daily browsing habits + gaming performance. I will only notice difference when i open up task manager/ killswitch to see whats happening.

Same with the browser extensions, i could be fine with nanoblocker + bitwarden only. But having netcraft/ malwarebytes doesnt affect into browser performance at all, just extra protection so i rather have them than be without

For me this is just endless cycle where i swap my setup to another, its like hobby. I think av-testing would be next step, wich makes it bit more exciting

 

[LDogg]

I guess immunet + forticlient are bit of useless for you anyways, you would be fine with cf

I can bloat my system with maximium protection or just go with lightest setup, at last it doesnt make huge difference to my daily browsing habits + gaming performance. I will only notice difference when i open up task manager/ killswitch to see whats happening.

Same with the browser extensions, i could be fine with nanoblocker + bitwarden only. But having netcraft/ malwarebytes doesnt affect into browser performance at all, just extra protection so i rather have them than be without

For me this is just endless cycle where i swap my setup to another, its like hobby. I think av-testing would be next step, wich makes it bit more exciting

I'd want something else alongside CFW. As I'm only use some default settings anyway.

~LDogg

 

[Moonhorse]

Some cloud av with cf would be nice, kaspersky perhaps when it becomes available for you. Then you could ditch some extensions maybe

Or cf + andys configure defender

Well theres alot alternatives but well see

 

[LDogg]

Some cloud av with cf would be nice, kaspersky perhaps when it becomes available for you. Then you could ditch some extensions maybe

Or cf + andys configure defender

Well theres alot alternatives but well see

There is. I feel as if I do not need Forticlient at all, as I'm using Netcraft & Malwarebytes.

~LDogg

 

[LDogg]

Updated: 11/08/18

Removed software:
- Forticlient (kept blocking URLs when trying to use Wifi at local pub I DJ at, after testing I don't see the need to have it on my system)

~LDogg