Advice Request Other standalone Default-Deny software?

Please provide comments and solutions that are helpful to the author of this topic.

imuade

Level 12
Verified
Top Poster
Well-known
Jul 29, 2018
566
Besides Cfw/cs is there any standalone software that is considered Default/Deny or can be configured that way?

Just curious as many here like the concept.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
VoodooShield is pretty popular, too!
And let's not forget NVT EXE Radar Pro. It's a classic, and has a strong user base.
There are more, but those are the most popular, I think.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153

17410742

Level 4
Well-known
Apr 27, 2018
172
I love VS,

the reason im currently preferring Comodo Cloud over VS is for 1 simple reason.

unknown files are ran sandboxed 'automatically', whereas on VS > if you allow the wrong unknown file - You're toast. (im hoping such a feature will pop into v.5.0 but for now, im giving CCAV a try & i really like it lol

I like what Dan is doing with VS - let's see if he does go that route too. (maybe a more user friendly modern UI too)
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I love VS,

the reason im currently preferring Comodo Cloud over VS is for 1 simple reason.

unknown files are ran sandboxed 'automatically', whereas on VS > if you allow the wrong unknown file - You're toast.
I don't understand the advantage to Comodo Cloud. In VoodooShield, at default settings, all unknown files are automatically blocked. There is no prompt. You can manually allow them only if you go out of your way to do so, just like with CCAV. And blocking is much stronger than sandboxing. So what's the advantage to CCAV?
 

17410742

Level 4
Well-known
Apr 27, 2018
172
I don't understand the advantage to Comodo Cloud. In VoodooShield, at default settings, all unknown files are automatically blocked. There is no prompt. You can manually allow them only if you go out of your way to do so, just like with CCAV. And blocking is much stronger than sandboxing. So what's the advantage to CCAV?
The difference is,

If you allow an unknown file on VS it runs as normal, outside a sandbox.

On CCAV, even allowing an unknown file, it still runs inside its containment.

Correct me if I'm wrong but you have to manually add the file to the trusted files to have an unknown file run outside its containment.

Both CCAV & VS offer default deny, but the difference comes when allowing the unknown/untrusted.
 

Wraith

Level 13
Verified
Top Poster
Well-known
Aug 15, 2018
634
Appguard, it is simply the best. If you have a lifetime license you are very lucky. :)
I have a lifetime license for AG version 4 but don't use it since it has been discontinued. If you use an internet security suite like Kaspersky (Trusted Applications Mode) or ESET(with HIPS) you won't require AppGuard if you know how to configure them properly.
Back to the original post, hard_configurator is a solid default deny software for windows 10. Other alternatives are Comodo Firewall(with CS settings) and Kaspersky Internet Security (with Trusted Application Mode).
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
The difference is,

If you allow an unknown file on VS it runs as normal, outside a sandbox.

On CCAV, even allowing an unknown file, it still runs inside its containment.

Correct me if I'm wrong but you have to manually add the file to the trusted files to have an unknown file run outside its containment.

Both CCAV & VS offer default deny, but the difference comes when allowing the unknown/untrusted.
I see. Thanks for the explanation.
If you want to use CCAV for running potentially malicious files, I think that the strength of the sandbox should be tested. Not all sandboxes are created equal. I know that CruelSister was not happy with the CCAV sandbox. She said that it does not protect enough COM interfaces.
In any case, although I don't use Voodooshield myself, I do agree with Dan the Dev that blocking malware is preferable to running it sandboxed on your own system.
 
F

ForgottenSeer 72227

Default allow is much better suited to the average user.

Agree wholeheartedly.

I'm a fairly advanced user, so I'm very well versed in Windows and how certain things work. I've dabbled in SRP and I can definitely see the appeal to it and understand why people like it. However even for me, it was driving me crazy here and there, so I just went back to a default allow setup with some W10 hardening and voila, far less frustrations. I'm not doubting it's effectiveness, but I agree 100% that if an advanced user like myself can get frustrated with it, an average user will be totally lost.
 
F

ForgottenSeer 72227

Anti-executable products are the domain of advanced users. Average users cannot handle them and they get themselves into trouble. Every single time someone I know installs a default deny product, I end up getting a call.

If there is an exception I would say it is virtualization. They can handle virtualization, more or less.

Agree!

Thing is too, often people will hear the security benefits of and anti-exe/SRP model and there are definite security benefits, but people will just start applying settings, Windows hardening without any understanding of whats happening and will start wondering why certain things aren't working anymore, or programs are running properly anymore. I'm always about education. Everyone starts at the same spot and everyone is free to learn and expand their skills. It's what makes this fun, but some times, some people just have to make sure they research, ask questions and understand whats going on and what it entails before using something like SRP.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top