Advice Request Should I add Syshardener with RT Norton Ultra/OSArmor/WinSec

Please provide comments and solutions that are helpful to the author of this topic.

Intel_iRIS81

Level 1
Thread author
Verified
Jun 7, 2016
23
So I just recently started tweaking my setup again.

Quick rundown, my main Real Time is Norton Security Ultra and recently added OSArmor, I have Windows Security with pretty much everything ticked in options. So I figured why not with Syshardener.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
So I just recently started tweaking my setup again.

Quick rundown, my main Real Time is Norton Security Ultra and recently added OSArmor, I have Windows Security with pretty much everything ticked in options. So I figured why not with Syshardener.
Serious overkill. Pay your OSA sub forward to someone who could really use it and stick with Norton Ultra, and forget SH.

Stay safe, not paranoid! :cool:
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
Why does everyone believe that more equates to better? (ummm...insert Michael Scott joke). If you're using OSArmor and you have commom since you don't need anything else, security-wise. Add a decent imaging program and you're good to go.

Because people always want to be prepared for the 1% edge cases where more exotic security solutions will 'hopefully' protect them against a super-duper technical never seen before 0-day targeted attack by an APT group or nation state. Truth is 99.9% of people are not that interesting or that important to warrant such attention and should be fine with just a simple security setup i.e., Windows Defender, a few firewall rules and an adblocker.
 

Victor M

Level 7
Verified
Well-known
Oct 3, 2022
343
Actually, OSArmor only handles attacks that attempt to 'misuse' Windows' own exe's. Like using SC to stop your protection service. Or using Powershell to run a malicious script. Most of the times, these are hacker attacks, and OSArmor handles it well.

And then you are relying on Norton to catch foreign exe's that are malware. Well, we all know that anti-malware are mostly signature based, and cannot be relied upon totally. And their behavioural detection is also based off previously found malware samples. Signature based solutions has their uses, they stop known malware. But they cannot be relied upon to protect you against something new. And if you are install-happy and tries everything new, then you need something else.

So I would add Faronics Anti-executable or VoodooShield, because they are anti-executables. Anti-executables take a snap-shot of your clean machine and from then on, it doesn't allow any foreign executables to run. With Faronics it prompts you, and with VoodooShield it goes online to search it's reputation database, and then it prompts you with the results of the reputation check. So an anti-exe will definitely stop any malware because they are foreign to the system. A pure anti-exe, like Faronics, couldn't care less if something is malware, if it is foreign, it prompts you.

An anti-exe, together with OSArmor would provide close to total coverage. The anti-exe stops the new stuff, and OSArmor stops misuse of Window's own stuff.

To close the remaining gaps, you would disable things you don't normally use. Like certain services. A list of services that can be disabled is given at Harden Windows 11 for Security. How to secure Windows 11. . And then, you uninstall apps that comes with Windows that you don't use, like Power Automate. In doing so, you will reduce your attack surface further.
 
Last edited:

Victor M

Level 7
Verified
Well-known
Oct 3, 2022
343
Nope.

People come down this rabbit hole to learn security. They may be aiming to be a cyber security analyst in the corporate world or they may be a political activist in Iran. It's best to give them the whole nine yards and let them decide what is enough.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top