imuade

Level 7
Verified
Besides Cfw/cs is there any standalone software that is considered Default/Deny or can be configured that way?

Just curious as many here like the concept.
 

17410742

Level 3
I love VS,

the reason im currently preferring Comodo Cloud over VS is for 1 simple reason.

unknown files are ran sandboxed 'automatically', whereas on VS > if you allow the wrong unknown file - You're toast. (im hoping such a feature will pop into v.5.0 but for now, im giving CCAV a try & i really like it lol

I like what Dan is doing with VS - let's see if he does go that route too. (maybe a more user friendly modern UI too)
 
Last edited:

shmu26

Level 76
Content Creator
Trusted
Verified
I love VS,

the reason im currently preferring Comodo Cloud over VS is for 1 simple reason.

unknown files are ran sandboxed 'automatically', whereas on VS > if you allow the wrong unknown file - You're toast.
I don't understand the advantage to Comodo Cloud. In VoodooShield, at default settings, all unknown files are automatically blocked. There is no prompt. You can manually allow them only if you go out of your way to do so, just like with CCAV. And blocking is much stronger than sandboxing. So what's the advantage to CCAV?
 

17410742

Level 3
I don't understand the advantage to Comodo Cloud. In VoodooShield, at default settings, all unknown files are automatically blocked. There is no prompt. You can manually allow them only if you go out of your way to do so, just like with CCAV. And blocking is much stronger than sandboxing. So what's the advantage to CCAV?
The difference is,

If you allow an unknown file on VS it runs as normal, outside a sandbox.

On CCAV, even allowing an unknown file, it still runs inside its containment.

Correct me if I'm wrong but you have to manually add the file to the trusted files to have an unknown file run outside its containment.

Both CCAV & VS offer default deny, but the difference comes when allowing the unknown/untrusted.
 

devjit2018

Level 8
Appguard, it is simply the best. If you have a lifetime license you are very lucky. :)
I have a lifetime license for AG version 4 but don't use it since it has been discontinued. If you use an internet security suite like Kaspersky (Trusted Applications Mode) or ESET(with HIPS) you won't require AppGuard if you know how to configure them properly.
Back to the original post, hard_configurator is a solid default deny software for windows 10. Other alternatives are Comodo Firewall(with CS settings) and Kaspersky Internet Security (with Trusted Application Mode).
 

shmu26

Level 76
Content Creator
Trusted
Verified
The difference is,

If you allow an unknown file on VS it runs as normal, outside a sandbox.

On CCAV, even allowing an unknown file, it still runs inside its containment.

Correct me if I'm wrong but you have to manually add the file to the trusted files to have an unknown file run outside its containment.

Both CCAV & VS offer default deny, but the difference comes when allowing the unknown/untrusted.
I see. Thanks for the explanation.
If you want to use CCAV for running potentially malicious files, I think that the strength of the sandbox should be tested. Not all sandboxes are created equal. I know that CruelSister was not happy with the CCAV sandbox. She said that it does not protect enough COM interfaces.
In any case, although I don't use Voodooshield myself, I do agree with Dan the Dev that blocking malware is preferable to running it sandboxed on your own system.
 

Raiden

Level 10
Content Creator
Verified
Default allow is much better suited to the average user.
Agree wholeheartedly.

I'm a fairly advanced user, so I'm very well versed in Windows and how certain things work. I've dabbled in SRP and I can definitely see the appeal to it and understand why people like it. However even for me, it was driving me crazy here and there, so I just went back to a default allow setup with some W10 hardening and voila, far less frustrations. I'm not doubting it's effectiveness, but I agree 100% that if an advanced user like myself can get frustrated with it, an average user will be totally lost.
 

Raiden

Level 10
Content Creator
Verified
Anti-executable products are the domain of advanced users. Average users cannot handle them and they get themselves into trouble. Every single time someone I know installs a default deny product, I end up getting a call.

If there is an exception I would say it is virtualization. They can handle virtualization, more or less.
Agree!

Thing is too, often people will hear the security benefits of and anti-exe/SRP model and there are definite security benefits, but people will just start applying settings, Windows hardening without any understanding of whats happening and will start wondering why certain things aren't working anymore, or programs are running properly anymore. I'm always about education. Everyone starts at the same spot and everyone is free to learn and expand their skills. It's what makes this fun, but some times, some people just have to make sure they research, ask questions and understand whats going on and what it entails before using something like SRP.
 
  • Like
Reactions: AtlBo and oldschool