Bill K

Level 4
This dude;
Panda Dome Advanced 2018 Unlimited Devices/PC 12 Months Internet Security US | eBay

I had Panda support check him out and they confirmed he is a legitimate wholesale vendor of their products. That's where I got my license and decided to check after purchasing it to be sure it wouldn't be shut off randomly. That's one of the best deals I can find (and verify they are legit) for unlimited devices on a security product.
For those that may be looking for a great price on PDA for a single PC, the same verified seller has a listing for PIS/PDA for only $4.25. According to the seller (which I verified checking the Panda forum) the PIS license key will work to activate the latest version of PDA.
 
Last edited:

Slyguy

Level 43
@Slyguy:LOL:Almost all the components are Chinese.
And if you take a good look at your TV, it's made in China.:giggle:
There are a couple variations of this. Such as made in china, but assembled in the US, etc. But your point is valid, which is why any component within my home that talks outside of my home has restrictions. China is Geo-Blocked on the WAN by one of the most effective geo-blocking applications in the world. Also my 'Smart' TV's, while connected to the network for WLAN purposes and slinging, are only permitted to obtain firmware upgrades. They're opt-out on everything else, and Pi-Hole blocks their telemetry;

https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt

My SIEM makes sure nothing slips past. I did try a Chinese Made Smart-Plug once, and it was sending/receiving from an AWS bucket, then side channel dropping all of the contents to Beijing. That was fun to see, but scary for regular joes that recklessly deploy IoT without considerations.
 

Bill K

Level 4
Here's a couple examples. Since Panda Firewall works on a cascade policy based system, policy based firewalls are the most powerful as they mirror enterprise grade firewalls in policies being exercised from top down. In this case, the first policy is a policy to block all of the 'common' Trojan/RAT/Botnet ports. Of course there could be thousands of different ports used, it's often found many of them use the same ports. So we're addressing those ports here;

View attachment 196358

Since this is the first policy it will SUPERSEDE all other policies so the first thing the firewall will do is block all general trojan/rat/botnet ports before any other application. So even if a RAT got on and started to work, as long as it used one of the generalized malware ports it wouldn't traverse. We'll continue to refine the port list here.

21,22,23,25,31,121,139,445,456,555,666,777,1000,1001,1011,1015,1033,1042,1170,1207,1234,1243,1245,1269,1349,1492,1509,1600,1807,1981,1999,2000,2001,2023,2115,2140,2283,2565,2583,2716,2801,3024,3129,3150,3700,3791,4092,4567,4590,5000,5001,5011,5031,5321,5400,5401,5402,5521,5550,5569,5742,6000,6400,6669,6670,6771,6883,6912,6939,6969,7000,7300,7301,7306,7307,7308,7597,7789,8787,9400,9872,9873,9874,9875,9989,10067,10167,10607,11000,11223,12223,12345,12346,12361,12362,16969,20001,20034,21544,22222,23456,26274,30100,30101,30102,31337,31338,31339,31666,33333,34324,40412,40421,40422,40423,40426,47262,50505,50766,53001,54321,61466
@Slyguy - In your earlier post you stated: "Go to the RULES section, ADD new rule. Select "ALL Inbound and Outbound", BLOCK, then enter a large list of normal Trojan Ports then make this rule the TOP RULE in the policy list."
However I don't see an option to create a single rule to block inbound and outbound, and see in the screen shot above that you have it set to "Deny outbound connections". So is that all that is needed, or should a second rule be created to block incoming connections as well on all of the same ports? TIA for your clarification... my apologies if this should be obvious but want to ensure I get it setup properly!
 
Last edited:

Bill K

Level 4
Not to mention it's a lightweight offering. Has one of the best software firewalls - and specifically - one that can handle near 1000Mbps speeds when most choke past 400Mbps. Also it's cheap, legitimate licenses for unlimited devices are as low as $20 on Ebay. I purchased one to put family/friends all on the same account and opened a ticket with Panda support who verified it was a legitimate license. Also their mobile offering is really nice IMO.

So far (with SG settings), family and friends are totally protected. Not a single complaint.

View attachment 197666
@Slyguy - I see that your license shows 1070 days to expiration... how did you get that? The Panda re-seller on eBay that you mentioned only seems to sell 1 year licenses. Were you able to have several licenses bridged? TIA

Btw I purchased a 2 device/1year PIS license from that eBay seller for just $4.45 which successfully activated PDA as he said it would. (y)
 
Last edited:

Slyguy

Level 43
@Slyguy - I see that your license shows 1070 days to expiration... how did you get that? The Panda re-seller on eBay that you mentioned only seems to sell 1 year licenses. Were you able to have several licenses bridged? TIA

Btw I purchased a 2 device/1year PIS license from that eBay seller for just $4.45 which successfully activated PDA as he said it would. (y)
What you do is purchase 3 licenses for unlimited, 1 year. Then you get three keys. Apply one key. Wait. Log out. Wait an hour. Log back in. Then apply the next key it will ask how you want it - additional license, or stacked onto the first. Rinse and repeat and just stack them onto the first. If something goes wrong open a support ticket and they will manually stack them for you.

As for rules, you need to create inbound and outbound, that will solve it. Sadly they don't have a combination in/out rule method. It's a fairly potent firewall if you have the rules done right. If not one of the most potent of any suite.
 

Bill K

Level 4
What you do is purchase 3 licenses for unlimited, 1 year. Then you get three keys. Apply one key. Wait. Log out. Wait an hour. Log back in. Then apply the next key it will ask how you want it - additional license, or stacked onto the first. Rinse and repeat and just stack them onto the first. If something goes wrong open a support ticket and they will manually stack them for you.

As for rules, you need to create inbound and outbound, that will solve it. Sadly they don't have a combination in/out rule method. It's a fairly potent firewall if you have the rules done right. If not one of the most potent of any suite.
Optional stacking of multiple licenses worked directly on the Panda site exactly as you detailed. PDA with your recommended settings is running very smoothly on my system with an extremely light load, even when actively scanning. Thanks very much @Slyguy! :emoji_ok_hand:
 

Slyguy

Level 43
It's simple bugs like this that cast a shadow over Panda.

I still use it for family/friends as noted. What I do is buy an unlimited seat Dome Advanced, and just install it for them with SG Settings+Syshardener and walk away. Cheap, lightweight, no complaints from them. Also - as an added bonus, no infections reported at all with this combo so it is sufficient for average joes from the looks of it.
 

kev216

Level 20
Verified
Trusted
Content Creator
Out of curiosity does Panda also offer anti exploit in their suite?
Yes it does. In all versions, even in the free one.
Anti-exploit is a part of their Truprevent technology which is integrated in the behaviour blocker.
To use it, you need to enable both the 'behavioral blocking' and 'behavioral analysis' in the settings (which are enabled by default).
 

vertigo

Level 2
It's simple bugs like this that cast a shadow over Panda.

I still use it for family/friends as noted. What I do is buy an unlimited seat Dome Advanced, and just install it for them with SG Settings+Syshardener and walk away. Cheap, lightweight, no complaints from them. Also - as an added bonus, no infections reported at all with this combo so it is sufficient for average joes from the looks of it.
I agree. What little experience I have with Panda products has been pretty bad, to the point that over the past several months during my researching of various security products I never, until now due to seeing its results in AV-Comparatives testing, even bothered to look at them as an option (and after seeing its results in the testing here, I'm second-guessing that decision). Their support is terrible and they are slow to fix issues, if they ever do. I'm currently favoring Emsisoft, and I wouldn't be against going with Panda since it's so much cheaper, but between the poor test results and their habit of ignoring issues, I suspect I may come to regret it. The fact you have used it with so much success is a little promising at least.

I've seen several comments regarding Panda's poor signature detection, and some of them seem to indicate there's a difference between the free and paid version, which would be atypical of security products which usually use the same engine and database for free vs paid. Are they different for Panda, or is the only difference the additional features in the premium version?
 

harlan4096

Moderator
Verified
Staff member
Malware Hunter
About signature detection I think there is no difference between PDFree and PDPremium/Advanced.... in paid versions You have the module Application Control, which usually blocks the execution of unknown applications (on my experience .exe & .scr) but no any of the scripts variants, so AC improuves the prevention (not the signature detection), but still weak with scripts...
 
Top