qftest's private config
- Thread starter qftest
- Start date
- Jun 9, 2013
- 6,720
Keep those backups up to date and all looks good to me 
Thanks for sharing.
Thanks for sharing.
- Oct 23, 2012
- 12,527
McAfee VirusScan Enterprise contains a firewall.
Consider adding a couple more on demand scanners such as MBAM,Emsisoft Emergency Kit and or ESET Online Scanner
Consider adding an additional browser
Consider uBlock Origin in Chrome as well as HTTPS Everywhere
Thanks for sharing your config
Consider adding a couple more on demand scanners such as MBAM,Emsisoft Emergency Kit and or ESET Online Scanner
Consider adding an additional browser
Consider uBlock Origin in Chrome as well as HTTPS Everywhere
Thanks for sharing your config
- May 12, 2015
- 19
As said by @exterminator20 McAfee VirusScan Enterprise contains a firewall. It could interfere with Comodo.
- Nov 22, 2015
- 12
I use VSE8.8p6, no EPO, do not contain firewall components, and CFW no conflict.McAfee VirusScan Enterprise contains a firewall.
Consider adding a couple more on demand scanners such as MBAM,Emsisoft Emergency Kit and or ESET Online Scanner
Consider adding an additional browser
Consider uBlock Origin in Chrome as well as HTTPS Everywhere
Thanks for sharing your config
FF not used to ...
"HTTPS Everywhere" Expand Very good, thank you recommended.
Happy.
- Mar 23, 2015
- 555
As far as I know, virusscan enterprise is only one module of the entire enterprise endpoint package of mcafee.
That package also contains another application called Host Instruction Protection. This one, rather than virusscan enterprise, is often considered as the firewall.
I have ever tried mcafee virusscan enterprise. I know that with virusscan enterprise we can make customized rules to control the access of executable files to the network ports. But in my opinion, I think those rules cannot be viewed as a full-featured firewall. Please correct me if I misunderstand here.
But I agree that OP's config might be a little redundant.
@qftest :
Well, we know that the windows firewall under the default settings has no outbound filter, which in fact can be implemented with the port rules of virusscan enterprise.
So, virusscan enterprise + windows firewall will be a more light-weighted combo, if you are experienced in making rules with virusscan enterprise.
-----------------------------------------------------------------------------------------------------------
Only using comodo is also a good choice in my opinion. Of course the application control of mcafee virusscan enterprise is very powerful. However, some customized rules made with the application control can be implemented more easily with comodo hips.
Yes, the hips of comodo might not be easy to use. But the application control of virusscan enterprise is more complicated. In particular, in virusscan enterprise, you can make a rule like:
Code:
Preventing any memebers in the set A except all the memebers in the set B to take any operations in a set C to the Object DThe problem (of the application control in virusscan enterprise) is that:
1. "D" can only contain exactly one element. Of course you can make a rule to prevent A.exe from writing to all text files by setting D as
However, if you want to prevent A.exe from writing to "D:\test1.txt" and "E:\test2.doc", then you need two rules.
2. You cannot make an exclusion from "D". Consider the case that there are 100 sub-folders under "D:\test\", which are called "D:\test\sub1", "D:\test\sub2", ... "D:\test\sub100". Now I hope to make a rule that prevents A.exe from writing to all sub folders except the first one. In such case, I am afraid that, we have to make 99 rules...
3. You can make path-based rules in virusscan enterprise. Digital sign and hash codes cannot be used.
4. The usage of wildcard is not unified. In some places you have to use "*\test\**" to represent "D:\test", while in some other places you have to use "?:\test\**"...
-----------------------------------------------------------------------------------------------------------
Code:
*.txt2. You cannot make an exclusion from "D". Consider the case that there are 100 sub-folders under "D:\test\", which are called "D:\test\sub1", "D:\test\sub2", ... "D:\test\sub100". Now I hope to make a rule that prevents A.exe from writing to all sub folders except the first one. In such case, I am afraid that, we have to make 99 rules...
3. You can make path-based rules in virusscan enterprise. Digital sign and hash codes cannot be used.
4. The usage of wildcard is not unified. In some places you have to use "*\test\**" to represent "D:\test", while in some other places you have to use "?:\test\**"...
Please note that some features of spyshelter premium is also implemented in comodo, such as HIPS and anti-keylogger.
Compared with spyshelter, with comodo you can make more granular HIPS rules, and I hear comodo has a better support to the 64-bit OS.
So, I think using comodo along with spyshelter will not significantly improve the security. That is why I think your config is a little redundant.
As what is often mentioned in wilderssecurity, "less is more".
Last edited:
- Nov 22, 2015
- 12
Those who are complex and logical, say not good, it is easy to cause misunderstanding.
Try it in the future.
- Mar 23, 2015
- 555
Hi, @qftest . First, I think it is required by the forum rules that:
So in the following, when I quote your post, I would translate it into English.
Yes, that is just why I say the application control of virusscan enterprise is more complicated.
I cannot agree on this. You may know that, the actual effects of the default rules have already been known. For example, consider the famous default rule:
Its actual effect is to prevent the included processes (in the default setting it is system:remote) from writing and executing anything. It is not quite difficult to implement this in comodo.
If you want to protect the registry items, it can also be done with comodo by combining hips rules with Protected Object -> Registry Keys.
You can simply block the unknown executable files with the auto-sandbox of comodo with no need to answer any pop-ups.
Here is a video review made by cruelsister on this: Video Review - Comodo Firewall 8 2 0 4508 Setup and Test Part 2.
Well, as mentioned by my previous post, you can filter the outbound traffic by making some customized port rules with virusscan enterprise.
In such case, virusscan enterprise + windows firewall can provide decent protection...I guess.
Changing the reputation of the system file to "Unrecognized" can efficiently solve this problem in our tests, even after the cloud lookup is enabled.
First, I think it is required by the forum rules that:So in the following, when I quote your post, I would translate it into English.
Yes, that is just why I say the application control of virusscan enterprise is more complicated.
I cannot agree on this. You may know that, the actual effects of the default rules have already been known. For example, consider the famous default rule:
Its actual effect is to prevent the included processes (in the default setting it is system:remote) from writing and executing anything. It is not quite difficult to implement this in comodo.
If you want to protect the registry items, it can also be done with comodo by combining hips rules with Protected Object -> Registry Keys.
You can simply block the unknown executable files with the auto-sandbox of comodo with no need to answer any pop-ups.
Here is a video review made by cruelsister on this: Video Review - Comodo Firewall 8 2 0 4508 Setup and Test Part 2.
Well, as mentioned by my previous post, you can filter the outbound traffic by making some customized port rules with virusscan enterprise.
In such case, virusscan enterprise + windows firewall can provide decent protection...I guess.
Changing the reputation of the system file to "Unrecognized" can efficiently solve this problem in our tests, even after the cloud lookup is enabled.
Last edited:
Similar threads
