Basic Security orbitweaver's security config 2018

Last updated: Aug 4, 2018
Windows Edition: Pro
Security updates: Allow security updates and latest features
User Access Control: Always notify
Real-time security: VoodooShield - Free, Windows Defender
Firewall security: Microsoft Defender Firewall
Periodic malware scanners: Emsisoft Emergency Kit, Comodo Cleaning Essentials
Malware sample testing: I do not participate in malware testing
Browser(s) and extensions: Google Chrome 64-bit (Avira Browser Safety, Decentraleyes, VTchromizer, OneTab)
Maintenance tools: Privazer
File and Photo backup: None
System recovery: Macrium Reflect Free

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
Hi, I'm new; this is how I'm currently set up :)

Notes...

- I don't use SUA because, well, most of my computers are used primarily for gaming at the end of the day, and I'm always concerned about how Steam and that works with SUA. From what I understand it just adds a layer of privacy, and with UAC it adds some protection, so it's something I'm looking into.

- I'm thinking about running with Hard Configurator but it seems unneeded with my current config, but a hardened Windows always seems like a good Windows.

- I don't do backups on most of my computers, as I have little to nothing to lose on any of them.

- Lastly, no, I don't know my current firewall config, I never have. Comodo has never turned off Windows Firewall, and their responses to inquiry are befuddling. So I currently have two firewalls running, because according to them, it's OK cuz Microsoft says so.
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,657
@orbitweaver: please kindly consider:
  • In "Real-time Web & Malware Protection": delete from this field HMPA if You are not using it in Realtime.
  • In "Device Firewall" just select 3rd-party Firewall - Network security provided by a trusted vendor, as You are using CSFW.
  • As for "Disk Imaging Backup", You may add Macrium Reflect Free or AOMEI Backupper, both are free and reliable.
  • Consider also running manual backups of important data to external devices.
  • As for "Web Privacy", You may add some browser extensions and a VPN service.
  • A PassWord Manager would be welcome also.
  • Please kindly reflect Your changes editing Your config, and announcing them here.
Thanks for sharing Your config :giggle:
 

illumination

Hope the below recommendation helps.

*Safe Habits*


-Knowledge: This should be the base of any good security configuration. Learning safer habits and utilizing your security as a "just in case" instead of trying to use many layers of applications to make up for lack of understanding.

-This should include the following aspects.


1. Be leery of clicking links, especially in email or instant messages. Verify URLs, not only by manually looking at them, but also by running them through URL scanners such as the one at VirusTotal. If you are still unsure, the best course of action is to not click that link.

Bookmark important sites: A misspelled address could take you to a false site that mirrors the site you intended to go to. A bookmarked address will take you to the same site every time.

Passwords: In general you would be better off utilizing one of the many password managers, but as is often the case, most average users do not, or cannot, so keep this little bit of information in mind if this is the case.

Do not use the same password for all sites. If you are limited in what you can remember, then please make sure not to use the same password for any of the sites you frequent as the one you use for your email. If the site is breached, you would not want them to gain access to your email via reused passwords. Passwords should be strong and hard to guess or crack; password managers all have generators built in for building and storing strong passwords.

2. Updates/Patches:

Run maintenance on your system as you would a vehicle; consider it preventive maintenance. Always make sure to keep your system and applications patched. These patches and updates are for a good reason: they are plugging holes in your surface of attack. While I recommend keeping patched always, I would also state to do your research on certain updates for the OS/drivers/applications before applying. Make sure there is not a fresh set of new bugs to contend with that are worse than what they are patching; this happens more often than most realize.

If you limit the amount of 3rd party applications on your system, you also limit the time doing maintenance, you limit the amount of freshly introduced bugs, and you keep your surface of attack smaller, and in the end, your machine will thank you for it by running better and being more enjoyable.

3. Backups:

This is more important than security. No security out there can achieve 100% protection; if they could, they would already have a monopoly on the market and would have run all others out of business. Prepare for the worst, strive for the best.

Personal items are the most important files on your system; once lost, they cannot be replaced. Back up externally or into the cloud "both recommended by me", so as to ensure you always have a copy of it obtainable. If something were to happen, you lose nothing this way, and can start fresh if needed.

Using images to create snapshots of your system works well for those who have neither the knowledge nor the time to repair/wipe a system. Windows has a built-in option, although there are 3rd party options. It is also a good idea to keep on hand Microsoft's media creation tool burnt to a flash drive, updated when needed. With this you can run repairs or wipe the system and build it from a clean install, which after a nasty infection is always recommended to ensure you have eradicated the issue.

4. Security:

It has always been recommended for users to try applications for themselves. These products all have trials "most of them anyway", for this very reason. Test drive them for a couple weeks, does it fit your uses, is it running ok on your system and resources, are you comfortable with the settings and layout to get around and adjust it as necessary.

Learning the product is recommended here. Most throw them on with default settings and never venture into settings to realize there is much more than meets the eye. Google search is handy for learning these, as are the manuals most of the product companies produce and are freely accessible. Watching YouTube videos of a product will not help you decide what is best for you. You need to experience the product and settings to fully grasp it.

Understand you are a home user, and you are not targeted like corporations and businesses. The chances of you seeing sophisticated attacks and malware on that level are quite slim. There is no need for paranoia when you cover your basics, keep everything patched, backed up, use caution/safe habits when surfing.

Be careful what you divulge to websites "personal information", these as seen in the news are not as secure as they should be, once your information is in someone else's hands, anything can happen to it.

Know that the more security you pile on your system, the more the chances of incompatibilities/bugs arise and issues may occur. Finding a proper balance of application to knowledge ratio is fully recommended.


~illumination
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Comodo Firewall could be complemented with OSArmor for anti-exploit; also you could utilise the built-in Windows Defender as well, and use second opinion scanners for your setup. I feel this would benefit you, as you seem to have smart browsing habits.

Loving the set of extensions you have, very good.

You could also look at some AVs dependent on which you want to use, Sophos or Avast Free w/ hardened mode set to aggressive.

Add ZAM Free to on demand scanners.

Could also add Windscribe VPN Free.

Backup software you COULD use: Macrium Reflect or Aomei Backupper. Backing up some files which are important is still essential.

Thanks for sharing.

~LDogg
 

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
Thanks for the feedback everyone :)

- Adding Macrium Reflect to give it a whirl because it doesn't hurt to try a highly recommended product.
- Looking into VPNs, I believe I actually have a subscription to one that I'm just not using, I'll update that later.

In "Real-time Web & Malware Protection": delete from this field HMPA if You are not using it in Realtime.

I don't use the realtime scanner, but should I still leave it, as it still offers solid exploit protection?

A PassWord Manager would be welcome also.

I used to use one, then I saw breaches and got a little wary of them. However I'm looking into Bitwarden, it seems OK but I don't like the cloud aspect, ever. :(

You could also look at some AVs dependent on which you want to use, Sophos or Avast Free w/ hardened mode set to aggressive.

I've been looking at them, but I feel the setup is pretty good. Windows Defender complements Comodo pretty well I think; if anything I can just switch HMPA realtime on.

Comodo Firewall could be complemented with OSArmor for anti-exploit; also you could utilise the built-in Windows Defender as well, and use second opinion scanners for your setup. I feel this would benefit you, as you seem to have smart browsing habits.

What benefits does OSArmor offer over HMPA, or is it a completely different product? Also maybe you can answer this: am I supposed to disable Windows' own exploit protections that HMPA uses, like mandatory ASLR and DEP, or is overlap OK in those? Seems like I'm asking a dumb question because I assumed all HMPA does is enforce those Windows protections.
 

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
- Turned on HMPA Realtime, I'm 90% sure the scanner is cloud based and won't conflict with Windows Defender
- Still playing around with password managers
- HMPA terminates ZAM when it attempts to scan due to one of the exploit guards. Not sure if I need another one anyways.
 

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
You could always get rid of both. CF with CS' settings is sufficient.

It isn't quite her settings, it was just easier to put her settings. The only thing we have in common is we both don't use HIPS. I've removed the run virtually rule altogether.

Edit: I've added a rule to just block untrusted files and things of that nature.

So I'm not sure of the effectiveness of my Comodo settings
 

slash/

Level 6
Verified
Jun 24, 2018
277
So I'm not sure of the effectiveness of my Comodo settings
If you have a VM, test your settings out against some malware. If not, you can try CS' settings without HMPA or VS. If you notice a lighter running system, stick with it. Your layered approach isn't wrong, but you can achieve the same protection with CF alone.
 

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
If you have a VM, test your settings out against some malware. If not, you can try CS' settings without HMPA or VS. If you notice a lighter running system, stick with it. Your layered approach isn't wrong, but you can achieve the same protection with CF alone.

Thanks, I'll take a look at testing it in a VM. At the end of the day I just want my computer to be secure, because it will take a lot to slow my computer down.
 

slash/

Level 6
Verified
Jun 24, 2018
277
Thanks, I'll take a look at testing it in a VM. At the end of the day I just want my computer to be secure, because it will take a lot to slow my computer down.
More software will result in a large surface for potential attacks. That's the only reason I like to keep it light. I'm overclocked at 4.5GHz, but I can still notice those few seconds of faster response when I use CF on its own, versus other combinations. Use whatever works best for you. Any combo involving an anti-executable (including CF standalone with CS' auto-containment settings) will be sufficient.
 

ForgottenSeer 72227

Thanks, I'll take a look at testing it in a VM. At the end of the day I just want my computer to be secure, because it will take a lot to slow my computer down.

I agree with what @root/ said: try to keep it simple, take the time to learn the programs you have (ie: what it can and cannot do, its settings, etc...) and try not to overthink it. Just because you have a powerful computer doesn't mean you have to load it up with tons of software to make it more secure. The more you have, the greater the chances you can increase your attack surface; also it means more programs that you have to keep up to date. When testing a program/setup take the time to see how it feels and works for you (ie: give it at least a couple of weeks) and then move on to something else if you feel like it's not working for you. Another thing to keep in mind is that no program or setup is 100% foolproof; regardless of what program/setup you decide on you should still follow good/safe security habits.
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I agree with what @root/ said: try to keep it simple, take the time to learn the programs you have (ie: what it can and cannot do, its settings, etc...) and try not to overthink it. Just because you have a powerful computer doesn't mean you have to load it up with tons of software to make it more secure. The more you have, the greater the chances you can increase your attack surface; also it means more programs that you have to keep up to date. When testing a program/setup take the time to see how it feels and works for you (ie: give it at least a couple of weeks) and then move on to something else if you feel like it's not working for you. Another thing to keep in mind is that no program or setup is 100% foolproof; regardless of what program/setup you decide on you should still follow good/safe security habits.
This is good thinking! +1
 

orbitweaver

Level 1
Thread author
Aug 4, 2018
8
Sorry, I didn't know I had too much software. I just found this earlier from a Comodo 10 vs VoodooShield thread earlier and wanted something to replace HMPA once the license runs out, even though they aren't really the same type of software. When I saw some people were using it and it was compatible, and the biggest fan of Comodo herself gave it a thumbs up, I thought it was no biggie.

Both. Simple as that.

Don't diminish yourself by thinking you can't handle Cruel Comodo. Use VS free as primary protection, and CF (at my settings) for the Outbound Firewall protection and sandbox and to catch VS if it falls.

Come now- I'm only a girl and can handle Comodo...
 

slash/

Level 6
Verified
Jun 24, 2018
277
Sorry, I didn't know I had too much software. I just found this earlier from a Comodo 10 vs VoodooShield thread earlier and wanted something to replace HMPA once the license runs out, even though they aren't really the same type of software. When I saw some people were using it and it was compatible, and the biggest fan of Comodo herself gave it a thumbs up, I thought it was no biggie.
Like I said, you weren't doing anything wrong. VS would be a "just in case" as far as a setup involving CF-CS + VS would go. From my experience, VS has never been needed, but you could definitely keep it as a backup line of defense.
 

ForgottenSeer 72227

Sorry, I didn't know I had too much software. I just found this earlier from a Comodo 10 vs VoodooShield thread earlier and wanted something to replace HMPA once the license runs out, even though they aren't really the same type of software. When I saw some people were using it and it was compatible, and the biggest fan of Comodo herself gave it a thumbs up, I thought it was no biggie.

No need to apologize :) you weren't doing anything wrong. We've all been there at some point, heck I know I have. It wasn't until I found forums like this one and reading great information from knowledgeable people that I realized that I was overthinking things and going way overboard. Security is both a learning process and a journey. Sorry if I made you feel like you were doing it all wrong, that wasn't my intention. As I mentioned previously, get to know your program(s), as they may cover your bases more than you know and you may not need that extra software/extension after all. :) ESET is a good example of this, some people say it's weak, but really once you get to know how to use/configure it, it's actually quite powerful. In saying that I see no issues in using VS and CF if you choose to go that route (y)
 

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
I was using VS + CFW, I just got tired of disabling VS when installing or updating software.

~LDogg
 
