Basic Security Moonhorse's config 2018

[Ink]

+Edge replacing Chrome ( the future updates of Chrome is the reason)

You still have a few months..

It's been planned for a long time, these companies have had 10 months to comply, with final blocks coming into place next year.

Source: Chromium Blog: Reducing Chrome crashes caused by third-party software (Chromium Blog (Nov. 2017))

I already ditched edge, i was posting on mt and it suddenly blanked whole screen. Horrible

Ctrl+Z

Already reported as a possible forum software bug.

 

[oldschool]

...

Already reported as a possible forum software bug.

Thanks @Spawn ! Lately I've been experiencing a lot of issues with the forum website. I'm pretty clear on Edge's other minor annoyances as it relates to the web in general.

 

[ForgottenSeer 72227]

You only have to select web filter yes, it will install the engine + web filter, currently taking 15mb of memory but i can ditch netcraft, malwarebytes etc. and just go with ublock origin/ nano from now because forticlient can replace them easily

View attachment 196686

You can also install sandbox / anti-exploit without installing antivirus i guess.

Thanks I'll take a look tonight

 

[imuade]

You only have to select web filter yes, it will install the engine + web filter, currently taking 15mb of memory but i can ditch netcraft, malwarebytes etc. and just go with ublock origin/ nano from now because forticlient can replace them easily

View attachment 196686

You can also install sandbox / anti-exploit without installing antivirus i guess

Thanks I'll take a look tonight

Not sure, the Web Security module is a kind of parental control, the malware/phishing/etc protection belongs to the AV module (Malware Protection).
You can go to phishtank website --> phish search (valid phishes + online)
PhishTank > Phish Search
Open one link and check if you get Fortinet warning

 

[Moonhorse]

Not sure, the Web Security module is a kind of parental control, the malware/phishing/etc protection belongs to the AV module (Malware Protection).
You can go to phishtank website --> phish search (valid phishes + online)
PhishTank > Phish Search
Open one link and check if you get Fortinet warning

First 20 = fortinet blocked 18/20, netcraft 19/20. Seems netcraft still doing better but forticlient still has strong overall protection

 

[imuade]

First 20 = fortinet blocked 18/20, netcraft 19/20. Seems netcraft still doing better but forticlient still has strong overall protection

Do you have the full Forticlient suite (APT + AV + web filter) or web filter only?

 

[Moonhorse]

Do you have the full Forticlient suite (APT + AV + web filter) or web filter only?

Web filter only. APT = sandbox + anti-exploit right?

Sandbox has default block untrusted files, so it would be good since fortinet has good signatures right?

Anti-exploit would be bit useless, osarmor might be lighter/ better

But these tools could make strong combo

Something like syshardener + av + OSA + Forticlient web filter + sandbox or something

 

[imuade]

Web filter only. APT = sandbox + anti-exploit right?

Sandbox has default block untrusted files, so it would be good since fortinet has good signatures right?

Anti-exploit would be bit useless, osarmor might be lighter/ better

But these tools could make strong combo

Something like syshardener + av + OSA + Forticlient web filter + sandbox or something

Forticlient signatures are quite good, so you can use the full suite with OSA and SysHardener (my current configuration) and you should be fine
I don't fully understand how all the modules match together... APT should not be related with the sandbox, but probably it enables signatures coming from other users using a fortisandbox to detect new malware.
If you don't have a fortisandbox, the sandbox module should only allow you to see quarantined items (just click on the 0 day icon).
Anti-exploit should be under the Vulnerability module and it works well wit OSA, so you can use both

 

[Moonhorse]

Update time:
- removed forticlient web filter ( proxy might be slowing me down, netcraft still better than forti)

- not using edge because stuttering too much

+
Google chrome;
- Nano adblocker
- Nano defender
- Tunnelbear adblocker
- Malwarebytes browser extension(no ad/tracker protection)
- Netcraft
- Bitwarden

I think my browser has all wide protection with these extensions. Not any slowdowns, tunnelbear is speeding browsing speed a bit aswell. Malwarebytes is bit laggy for some people, but it doesnt affect me that much and im looking forward their updates.

Seriously im thinking windows defender is the lightest av , and OSA+ Syshardener are enough of protection. Windows defender is also getting better day by day.

Its not like that im browsing or downloading any shady from internet, nope.
Only way i could get infected is the ' ccleaner'' case where trusted file were malicious.

Ps. added virustotal to tools, because using it to scan every exe. that im running

 

[LDogg]

WD when configured well can be good enough protection. Again dependent on personal experience, testing and knowledge. I think your journey for setups has definitely been good. Keep it up!

~LDogg

 

[ForgottenSeer 72227]

Not sure, the Web Security module is a kind of parental control, the malware/phishing/etc protection belongs to the AV module (Malware Protection).

Thanks @imuade! I did give it a try and your right, its very much like a parental control. I did uninstall it, not because it caused issues or anything, nothing against it, it just wasn't what I thought it was. I was more under the impression that it was a web traffic scanner.

Seriously im thinking windows defender is the lightest av , and OSA+ Syshardener are enough of protection. Windows defender is also getting better day by day.

Its not like that im browsing or downloading any shady from internet, nope.

Good changes, I think you have all your basis covered. Your right, Windows Defender has definitely improved from where it was and is starting to/is a viable option IMO. I too am seriously considering switching to WD, OSA and SH for my setup. I too find WD light on my systems, a little heavier than say Eset, but its no that bad. I know that's not always the case for everyone, but I do wish that Microsoft would take the time to address that particular issue so its light and fast for everyone. I know I said that I was content and I am, but I just want a simple, but effective protection, no need to go crazy, especially like you I practice safe habits

 

[Moonhorse]

Just bit tuning:
+ installed forticlient web filter back, since it has no any effect into browsing speed/ no browser injection on chrome
- Removed tunnelbear
- Removed malwarebytes extension
= theyre redundant since forticlient is doing most + netcraft + safe networking habits

+ windows defender has folder protection enabled, since it will give notification that might be somehow useful

Back to neustar dns, just cant get rid of it

At last i think only thing i could change for now is getting into andys Configure defender and see how it does. Only thing is just that windows defender is enough and it will have constant updates when configuredefender is just a tool, wich is updated whenever andy can

 

[oldschool]

Just bit tuning:
+ installed forticlient web filter back, since it has no any effect into browsing speed/ no browser injection on chrome
- Removed tunnelbear
- Removed malwarebytes extension
= theyre redundant since forticlient is doing most + netcraft + safe networking habits

+ windows defender has folder protection enabled, since it will give notification that might be somehow useful

Back to neustar dns, just cant get rid of it

At last i think only thing i could change for now is getting into andys Configure defender and see how it does. Only thing is just that windows defender is enough and it will have constant updates when configuredefender is just a tool, wich is updated whenever andy can

Configure_Defender is simply a GUI to enable access to more advanced settings than the default MS UI currently allows. It only needs updating when MS makes more/new (but still hidden) features available in WD. If you're using WD you should definitely use CD, otherwise your getting basic default protection. I would never use WD without it.

 

[gin]

Never get enough

 

[Moonhorse]

Update:
- just installed AVG back, since it has behaviour blocker and it has no ad pop-ups like avast do, i dont like to block telemetry or ads from free products because it would be cheating against them

+ added firefox nightly as secondary browser as firefox claims it is usable even as main browser

 

[oldschool]

I like your setup but have you seen anyone about your AV ADD?

 

[Black Wings]

Update:
- just installed AVG back, since it has behaviour blocker and it has no ad pop-ups like avast do, i dont like to block telemetry or ads from free products because it would be cheating against them

Windows Defender has behaviour blocker too ... Edit ... Ops! Behaviour Monitoring :emoji_flushed:

 

[Moonhorse]

Update:
- Reverted syshardener settings and removed syshardener from pc
- Removed OSArmor
- Removed AVG free
- Removed firefox nightly

+ Added Comodo Cloud Antivirus

+ malwarebytes extension back to chrome

+ Adguard DNS

Had good time with AVG, really pleasant experience

I wanted to go back to comodo firewall, but i think i can have same kind of protection with CCAV, without having to mess up with trusted/untrusted files and config that much

Syshardener were slowing boot times down, i ' underclocked' my computer a bit and switched fans so im going for powersafe built right now, messed up bith bios a bit

I have been thinking reverting back to windows 8.1, but i guess its not worth it on main pc

 

[Nestor]

I wanted to go back to comodo firewall, but i think i can have same kind of protection with CCAV, without having to mess up with trusted/untrusted files and config that much

With what files do you have problem with trusted or untrusted?Cause i installed CIS before 6 months and never had any similar problem.The only thing was, that after a new Windows update, some small files of no importance, marked as unknown and stayed like this unless if you want you can upload them to cloud to make themtrusted.But that doesn't cause any problem at all..

 

[Moonhorse]

With what files do you have problem with trusted or untrusted?Cause i installed CIS before 6 months and never had any similar problem.The only thing was, that after a new Windows update, some small files of no importance, marked as unknown and stayed like this unless if you want you can upload them to cloud to make themtrusted.But that doesn't cause any problem at all..

I know its just visual bug, but with ccav i dont have to care about those, couldve aswell installed cis wont make any difference on performance