OSA/VS/AG/SAP differences

F

ForgottenSeer 823865

@Umbra I have a few questions if you don't mind.

1) so how Voodoo fits on all this. Acording to what i read, it does have some anti-exploit features (but only the paid version?) along with the anti-exe/white-list feature. Besides that, how the "snapshot" feature would work here? Wouldn't that be an anti-exploit too?
No, VS doesn't have true anti-exploit capabilities, this is just marketing gimmick like many vendors does to boost sales.
However, it has anti-post-exploit capabilities. to be qualified as a true anti-exploit, one must be able to protect the memory space.
VS like other anti-exes don't have this feature.
Anyway VS and anti-exe arent supposed to block exploit, it isn't their scope, they still works well with Win10 Exploit Guard or other anti-exploits like MBAE and HMPA.

2) I'm currently using Bitdefender Internet Security... that has - as far as i know - some anti-exploit features, so do i need MBAE ou HMPA still? If so, can i use the beta version from MBAE without worries? And if i use MBAE, do i still need to harden OS trough SysH. or H_C?
I never used BD, but if it has real anti-exploit capabilities, then you dont need MBAE or HMPA. If it has i would avoid adding MBAE to avoid potential conflicts.
if you use MBAE (must be without BDIS) then yes, you can use SH or HC (better H_C than SH btw).
i rather use this combo than BDIS: Windows Defender + MBAE/MBAM + H_C.

3) On the other side, using only Voodooh free version would add any benefit to my system, considering it's already protected by bitidefender?
yes and no. Yes because it has its reputation querry feature and no if you learn how to tweak BDIS. btw, dont use the free version, it is useless, no access to settings, you my ask its dev for a testing license, he used to offer many to forum members.

4) Comodo firewall default setting would be enough as a substitute for Vodooh? If not, Cruelsister config would be enough?
HIPS are superior to any anti-exe, they monitor more stuff like dlls, drivers, etc...i was a big fan of Comodo back in the days of v5-6, if you learn how to use it, you wont need anything else. I used to use it heavily tweaked and in paranoid mode.
Cruelsister config is ok for new users but it is not the maximum protection you can get since she relies a lot on the sandbox and not on the HIPS (which was Comodo main value)
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
VS like other anti-exes don't have this feature.
Anyway VS and anti-exe arent supposed to block exploit, it isn't their scope, they still works well with Windows 10 Exploit Guard or other anti-exploits like MBAE and HMPA.

But the windows 10 exploit guard can be used despite windows defender is off and BIS on?

HIPS are superior to any anti-exe, they monitor more stuff like dlls, drivers, etc...i was a big fan of Comodo back in the days of v5-6, if you learn how to use it, you wont need anything else. I used to use it heavily tweaked and in paranoid mode.
Cruelsister config is ok for new users but it is not the maximum protection you can get since she relies a lot on the sandbox and not on the HIPS (which was Comodo main value)
I liked COMODO when o used... But it had too many popups. IDK how they are going now.
yes and no. Yes because it has its reputation querry feature and no if you learn how to tweak BDIS. btw, dont use the free version, it is useless, no access to settings, you my ask its dev for a testing license, he used to offer many to forum members.
I tried to tweak BIS a few times but never found something that could be similar to an anti-exe or anti exploit

Ty for you help
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Tiamati,
Using H_C in default-deny setup alongside OSArmor is useless in the home environment. H_C will block anything before OSArmor could react.
There is a possibility to use them both when H_C is set to allow EXE files. But, this will be a highly overlapping setup, too. Furthermore, as @ErzCrz already mentioned, if you block PowerShell in OSArmor, then some H_C functionality will be blocked (ConfigureDefender will not work properly).

Reading your posts, I have the impression that you seek the best way to make your computer hardly usable.:unsure::giggle:
If I could advise you something, then simply use the AV you like and add one of the mentioned solutions (SH, OSA, VS, AG or H_C).(y):giggle:
 

Tiamati

Level 12
Thread author
Verified
Top Poster
Well-known
Nov 8, 2016
574
Tiamati,
Using H_C in default-deny setup alongside OSArmor is useless in the home environment. H_C will block anything before OSArmor could react.
There is a possibility to use them both when H_C is set to allow EXE files. But, this will be a highly overlapping setup, too. Furthermore, as @ErzCrz already mentioned, if you block PowerShell in OSArmor, then some H_C functionality will be blocked (ConfigureDefender will not work properly).
Ty @Andy Ful!!

Reading your posts, I have the impression that you seek the best way to make your computer hardly usable.:unsure::giggle:
If I could advise you something, then simply use the AV you like and add one of the mentioned solutions (SH, OSA, VS, AG or H_C).(y):giggle:

No, I would like a good setup without intrusive changes that may difficult using the PC... But a lot of questions i do is to learn more about them, so i can start to learn more by myself later. Most part is curiosity :oops:!
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Well, all the solutions mentioned above are good, I would highlight H_C, it is an excellent program with WD, it is tremendous, the other would be comfortable with the CS configuration, it is good enough to use it alone, if you understand how it works, although you can combine with an AV.
What you can't do is use them all at the same time since your machine can explode.:giggle:
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top