- Jul 31, 2014
- 1,086
As I said some days ago I played a bit with the new software of @JM Security (SecureMyBit Deny). I did a simple configuration of the product that I hope it could be useful to some users.
I enabled the AntiScript module because it could be very powerful to default-deny all scripts (.js, .vbs,etc.) that could be potential malicious, especially the ones that are sent via e-mail.
I disabled Remote Desktop Protection because sometimes I use this protocol, so I prefer to leave it enabled, but if in the future I will not use it anymore I will surely enable this module.
I disabled USB Write Protect because during these weeks I usually use USB drives to copy-paste files because of the school, but I will enable it when I will use USB drives less-frequently.
AutoRun Protection is obviously ON because it can be very useful to block a lot of malware infections (also via removable drives).
About the EXE Analyzer I think it is a really good tool because in a few seconds we can have a deep report of an EXE (what it does, the functions used, imports, etc.), personally the most important and dangerous impairment indicators in my opinion are the indicators related to encryption (this could indicate ransomware behaviour), keyloggers and Anti-VM indicators, connection indicators (this could indicate backdoor/RAT (Remote Access Trojan) behaviour).
This is my configuration of SecureMyBit Deny, that has as its objective to secure enough my PC but also preserve the usability (especially of USB drives).
I think I will post a test of SecureMyBit Deny.
Thanks
tim one.
I enabled the AntiScript module because it could be very powerful to default-deny all scripts (.js, .vbs,etc.) that could be potential malicious, especially the ones that are sent via e-mail.
I disabled Remote Desktop Protection because sometimes I use this protocol, so I prefer to leave it enabled, but if in the future I will not use it anymore I will surely enable this module.
I disabled USB Write Protect because during these weeks I usually use USB drives to copy-paste files because of the school, but I will enable it when I will use USB drives less-frequently.
AutoRun Protection is obviously ON because it can be very useful to block a lot of malware infections (also via removable drives).
About the EXE Analyzer I think it is a really good tool because in a few seconds we can have a deep report of an EXE (what it does, the functions used, imports, etc.), personally the most important and dangerous impairment indicators in my opinion are the indicators related to encryption (this could indicate ransomware behaviour), keyloggers and Anti-VM indicators, connection indicators (this could indicate backdoor/RAT (Remote Access Trojan) behaviour).
This is my configuration of SecureMyBit Deny, that has as its objective to secure enough my PC but also preserve the usability (especially of USB drives).
I think I will post a test of SecureMyBit Deny.
Thanks
tim one.