Raiden

Level 13
Verified
Content Creator
I am currently running both SH and OSA alongside WD to help fill in some of the gaps that WD doesn't cover, but if I can make my setup even slimmer, while still keeping the same level of protection I am all for it. If anything I will more than likely keep OSA as I like the ability to readily make exclusions if I need to.

After reading an insightful post from @Andy Ful about OSArmor and Syshardener, I've realized that while they are both very good programs, they do overlap in protection, as they cover many of the same aspects. In saying that there are some some protections that are available in Syshardener that are not available in OSA, unless I haven't seen them :ROFLMAO: (ie: creating outbound block rules in Windows Firewall for certain vulnerable processes).

I would like to know if there was a way I can keep both OSA and SH and set them up to compliment each other? I have looked through the settings of both programs and disabled ones in SH that I know are covered in OSA, but enabled ones like (the default outbound WF rules, some rules under "Windows security tweaks", the 3 ticks under Powershell hardening and vulnerable software tweaks). Would this be a good example of using both together, or should I just use OSA by itself and not worry about SH?
 

plat1098

Level 9
Verified
Why not ask the developer himself? Send him a conversation message, maybe.

I use SysHardener and EXE Radar Pro, but definitely agree, SysHardener rules because of the nature of the various tweaks I've enabled. I would be concerned about underlying, hidden conflicts between OSArmor and SysHardener because of the myriad options and what's enabled by default, not to mention Windows v.1809. :censored: A word or two from NoVirusThanks would be welcome.
 
D

Deleted member 178

SH deactivates stuff while OSA/ERP blocks.

If something is deactivated, it doesn't matter if something blocks it on top.

Using an analogy, if you don't pay your electricity bill and your power is cut, it doesn't matter if you turn off the light switch.
 

plat1098

Level 9
Verified
Umbra: you wouldn't advocate running SysHardener and OSArmor on the same system, would you? Isn't there some redundancy there? For example, I looked at the SH interface and decided to enable some more settings, especially in outbound firewall, and upon clicking "apply", the command prompt was invoked (ERP notified). If you had blocked cmd in OSArmor, there is an issue, right?

Of the two, I think SysHardener is more powerful. I've had isolated problems w/OSArmor indicating it blocked something and it wasn't really blocked, but again, this is observed in Windows v. 1809.
 
D

Deleted member 178

@plat1098 on one system, the testing one, I have SH + OSA + ERP no issues so far.

SH are just tweaks deployed by a GUI using powershell/cmd , it is not a monitoring soft, nothing powerful there, you could do it manually but as I said earlier, it would take long time..

I ticked almost all stuff on OSA and SH.

OSA is very good at blocking LOLbins if it's advanced settings and custom blocks are used properly.
 

Raiden

Level 13
Verified
Content Creator
Thanks for all the feedback!

I use SH on all my systems, save me hours of tweaking works. For me SH (and similar tweaks) has priority over OSA/ERP or other security apps.
Yes I really like it, it definitely makes it much easier to tweak rather than having to do it manually.

I see Umbra's point in giving preference to SH. Plus, the recent OSA bug and failure (?) with the latest Windows feature update. (Which was quickly fixed as you would expect).
Ya It was a little annoying that it popped up, but it's Windows, so there are always suprises :ROFLMAO: It was nice the SH was not affected in anyway, as all it's doing it adjusting settings within Windows and not running in real-time.

Why not ask the developer himself? Send him a conversation message, maybe.

I use SysHardener and EXE Radar Pro, but definitely agree, SysHardener rules because of the nature of the various tweaks I've enabled. I would be concerned about underlying, hidden conflicts between OSArmor and SysHardener because of the myriad options and what's enabled by default, not to mention Windows v.1809. :censored: A word or two from NoVirusThanks would be welcome.
I may actually do that, hes very helpful and knows the ins and outs better than anyone!


SH deactivates stuff while OSA/ERP blocks.

If something is deactivated, it doesn't matter if something blocks it on top.

Using an analogy, if you don't pay your electricity bill and your power is cut, it doesn't matter if you turn off the light switch.
That's a very good anaolgy :D and makes sense. One of the reasons as to why I was leaning more towards OSA was to make exclusions, where that's not possible with SH, but in saying that I really haven't run into too many issues and really haven't had to make any exclusions thus far...:unsure:

Umbra: you wouldn't advocate running SysHardener and OSArmor on the same system, would you? Isn't there some redundancy there? For example, I looked at the SH interface and decided to enable some more settings, especially in outbound firewall, and upon clicking "apply", the command prompt was invoked (ERP notified). If you had blocked cmd in OSArmor, there is an issue, right?

Of the two, I think SysHardener is more powerful. I've had isolated problems w/OSArmor indicating it blocked something and it wasn't really blocked, but again, this is observed in Windows v. 1809.
It's one of the reasons as to why I am re-thinking my strategy when it comes to running OSA and SH. After looking much closer they definitely cover a lot of the same elements. There are some things that each one has that the other doesn't (ie: block windows firewall rules in SH, not in OSA), so that's why I was seeing if I were to disable the duplicate settings in SH, but only keep the ones that OSA doesn't cover, if it would cause any issues.
 

Freki123

Level 6
Verified
@NoVirusThanks Is there any chance that there will one! version which is a combined sys hardener and os armor? Without any possibly overlapping settings?
Sorry if it has been asked a hundred times :D
Anyway keep up the nice work i really like your programs.
Have a nice weekend

Umbra: you wouldn't advocate running SysHardener and OSArmor on the same system, would you? Isn't there some redundancy there? For example, I looked at the SH interface and decided to enable some more settings, especially in outbound firewall, and upon clicking "apply", the command prompt was invoked (ERP notified). If you had blocked cmd in OSArmor, there is an issue, right?.
You could still disable OsArmor (just for that operation) if you know for sure the operation you are going to do will trigger cmd or whatever you blocked. Since nobody will try to execute keygen.exe while lowering osarmors protection to apply a syshardener settings it should be no problem. (Only my guess which could be totaly security wise wrong :D)
 
  • Like
Reactions: given