Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
Hello @Evjl's Rain !

Sadly today I was informed (@imuade ) about K9. For me K9 was an exceptional alternative (without the ugly/nightmare blocking lists). Anyway, now I am looking for a K9 replacement. In my opinion, you are the highest authority in this subject, so please allow me to consult you:

1) Browser extensions/add-ons are a pain in the @ss. So, I have two alternatives: To use native internal browser blocking tools, or to use system/network/desktop level alternatives for blocking tracking/ads/malware. With regards to this second alternative (system/network/desktop level), I already know about Pi-hole, Adguard-desktop, Comodo Firewall, and DNS services. Do you know any other good system/network/desktop level alternative for blocking tracking/ads/malwares?

2) I still have Comodo Firewall/CS' settings. I can use the "Web Filter" option in order to customize my blocked lists. Please, can you update your recommended lists for blocking tracking, ads and malwares?

Thank you in advance!
hi,
Forticlient web filter only is probably the best alternative for K9
other solutions are usually packed with their antivirus engines => more conflicts
panda web filter (standalone program) is extremely bad

1/ browser extensions: for me they are not bad. Just use these 2 extensions together: windows defender browser protection + emsisoft browser security => speed, super light & stable, good enough. They are the only painless extensions I can find
about system-wise adblocking, I only use adguard DNS. I don't want to waste any money for external devices for a minimal gain with my usage
you can use pihole. I think it's the best for many people. Some people like me don't need it
desktop programs like adguard will definitely cause some conflicts/trouble in some situations (adguard desktop and AV's certificates, for example) + slow down your machine. Some people can notice it, some don't
2/ I don't like using comodo's webfilter. Firstly, you have to manually update the customized list yourself and it's not a pleasant experience. Slow, buggy + you won't get the latest update everyday
 
Last edited:

Decopi

Level 2
hi,... update everyday

Thank you @Evjl's Rain for answering me ... is always a pleasure to read and learn from your posts.

I tested Forticlient webfilter... didn't like it. Categories are too rigid for my needs, and zero ads blocking.
I am not saying "Forticlient is bad". I repeat, I'm just saying "I didn't like it".
Forticlient definitely is not a replacement for K9 (which had great customized categories, including spectacular malware blocking + enough anti-tracking/ads blocking power... everything with almost zero system impact + working at system level). K9 was fantastic!

Pi-hole is the best solution in terms of results (highest rates of blocking malwares/ads+tracking). But it is unpractical if you need 24 hours mobility.
Extensions/Add-ons?... never again! For me they are prehistory.
Blocking lists?... 15 years ago they were the first and sole solution against web-garbage. Today, in my opinion they became into web-garbage, specially if you are not an European/American user. Lists are an extremely inefficient alternative, like killing mosquitoes with bazookas.
DNS solutions?... they don't work for me, I travel a lot, not always have servers near me, and the negative impact on browser speed is huge.
Yeah, I know, my opinions are totally subjective, valid only for me. But I can live with that :)

I thought Adguard-desktop could be an alternative for me. However, in my tests it significantly slows down my browser experience. I reduced the number of lists (removed malware lists, I kept only the basics: ads + tracking), and even with few lists... it impacts negatively my browser experience.
Also, I checked my firewall, and can confirm that many trackers are not blocked by Adguard at system level (K9 was so good, that even Windows' telemetry was blocked at system level).

Well, it seems that without K9... I am f@ck :) ... I can't find a good solution for my user profile. So, focused on system performance, I guess my final decision will be:
1) To use only native internal anti-tracking browser alternative (not because it blocks everything, but only because it blocks in the most efficient way, with the less system impact).
2) To use native internal safebrowsing browser alternative (google)... for the same reason at "1)".
3) For ads, I will use "Policy Control" (by Jeremy Schomery). Based on my best knowledge, it is the lightest extension for general blocking content (not just ads). Compared to UMatrix, Policy Control uses just 20% of system resources, and it is unbeatable compared to other blockers. As I said, extensions/add-ons (for me) are a regression, but at the moment I can't see other alternative.

Thank you once again @Evjl's Rain !
 
Last edited:

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
Thank you @Evjl's Rain for answering me ... is always a pleasure to read and learn from your posts.

I tested Forticlient webfilter... didn't like it. Categories are too rigid for my needs, and zero ads blocking.
I am not saying "Forticlient is bad". I repeat, I'm just saying "I didn't like it".
Forticlient definitely is not a replacement for K9 (which had great customized categories, including spectacular malware blocking + enough anti-tracking/ads blocking power... everything with almost zero system impact + working at system level). K9 was fantastic!

Pi-hole is the best solution in terms of results (highest rates of blocking malwares/ads+tracking). But it is unpractical if you need 24 hours mobility.
Extensions/Add-ons?... never again! For me they are prehistory.
Blocking lists?... 15 years ago they were the first and sole solution against web-garbage. Today, in my opinion they became into web-garbage, specially if you are not an European/American user. Lists are an extremely inefficient alternative, like killing mosquitoes with bazookas.
DNS solutions?... they don't work for me, I travel a lot, not always have servers near me, and the negative impact on browser speed is huge.
Yeah, I know, my opinions are totally subjective, valid only for me. But I can live with that :)

I thought Adguard-desktop could be an alternative for me. However, in my tests it significantly slows down my browser experience. I reduced the number of lists (removed malware lists, I kept only the basics: ads + tracking), and even with few lists... it impacts negatively my browser experience.
Also, I checked my firewall, and can confirm that many trackers are not blocked by Adguard at system level (K9 was so good, that even Windows' telemetry was blocked at system level).

Well, it seems that without K9... I am f@ck :) ... I can't find a good solution for my user profile. So, focused on system performance, I guess my final decision will be:
1) To use only native internal anti-tracking browser alternative (not because it blocks everything, but only because it blocks in the most efficient way, with the less system impact).
2) To use native internal safebrowsing browser alternative (google)... for the same reason at "1)".
3) For ads, I will use "Policy Control" (by Jeremy Schomery). Based on my best knowledge, it is the lightest extension for general blocking content (not just ads). Compared to UMatrix, Policy Control uses just 20% of system resources, and it is unbeatable compared to other blockers. As I said, extensions/add-ons (for me) are a regression, but at the moment I can't see other alternative.

Thank you once again @Evjl's Rain !
you are right. Each person has different way of using their PCs
at the end of the day, it's hard to find something that fits everyone

to be honest, for several months of observation, extensions and my AV have barely blocked anything since I changed my way of using my laptop from testing various softwares to reading newspapers and messaging
I test these extensions to find which solutions to install on my parents' PCs, not mine, because they need more protection and are prone to be infected
I don't really like forticlient (also K9) too because I simply don't want to install anything more on my already-slow laptop
I do admit that blocking malwares is tougher in countries other than in Europe and US
some AVs always score exceptionally well but fail here, such as Norton
I uninstall everything I can and just install something which is as light as possible without straining my CPU and hard drive + high usability

I think your knowledge is enough to remove any dedicated webfilter like adguard, forti and K9. Let windows smartscreen do its job at blocking malwares
 
Last edited:

imuade

Level 8
Verified
you are right. Each person has different way of using their PCs
at the end of the day, it's hard to find something that fits everyone

to be honest, for several months of observation, extensions and my AV have barely blocked anything since I changed my way of using my laptop from testing various softwares to reading newspapers and messaging
I test these extensions to find which solutions to install on my parents' PCs, not mine, because they need more protection and are prone to be infected
I don't really like forticlient (also K9) too because I simply don't want to install anything more on my already-slow laptop
I do admit that blocking malwares is tougher in countries other than in Europe and US
some AVs always score exceptionally well but fail here, such as Norton
I uninstall everything I can and just install something which is as light as possible without straining my CPU and hard drive + high usability

I think your knowledge is enough to remove any dedicated webfilter like adguard, forti and K9. Let windows smartscreen do its job at blocking malwares
I found the combo CleanBrowsing DNS + Blocksi Web Filter to be quite effective.
I tested some phishtank links and CleanBrowsing blocked most of them, only missed few hours old links (whick Blocksi blocked, while both Emsisoft and Windows Defender Chrome extensions didn't)
 
Last edited:

Moonhorse

Level 25
Content Creator
Verified
I found the combo CleanBrowsing DNS + Blocksi Web Filter to be quite effective.
I tested some phishtank links and CleanBrowsing blocked most of them, only missed few hours old links (whick Blocksi blocked, while both Emsisoft and Windows Defender Chrome extensions didn't)
Their whitelist is that huge so its easy to block all fake sites with block unrated rule

Actually you can just go throught phishtank and see blocksi blocking more than others do,
Im actually gonna use blocksi + netcraft from now, since netcraft has the xss blocking(y)
 

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
I found the combo CleanBrowsing DNS + Blocksi Web Filter to be quite effective.
I tested some phishtank links and CleanBrowsing blocked most of them, only missed few hours old links (whick Blocksi blocked, while both Emsisoft and Windows Defender Chrome extensions didn't)
the only downside of blocksi for me is that in my country, too many safe websites are classified as unrated :( => blocked
the default preset is not good enough here
I have no choice other than using WDBP and emsisoft
cleanbrowsing has no server in asia => too high latency
 

imuade

Level 8
Verified
the only downside of blocksi for me is that in my country, too many safe websites are classified as unrated :( => blocked
the default preset is not good enough here
I have no choice other than using WDBP and emsisoft
cleanbrowsing has no server in asia => too high latency
Yeah, a partial workaround could be to set Blocksi to "warn" instead of "block". Like that you can manually access the website and you can also avoid their promo web page
If you try it, be sure to set the filters to "warn" instead of "block". With the latter, Blocksi will redirect to a promo web page where they advertise their router premium offer
 

Decopi

Level 2
you are right... do its job at blocking malwares

Thank you again @Evjl's Rain for your answer!

I don't use and I don't believe in legacy (passive data base function) AV/AM. I just use proactive CF+CS' settings.
During the past 12 months I've being testing some AI' alternatives for AV/AM, but didn't find yet nothing enough robust/mature. I found two different AI' free AV/AM software, but they are beta and too "local" for my needs (most of their protection is focused on local threats: China and Korea).
So, I am still married to CF/CS, feels comfortable for the last 3 years, excellent proactive protection, almost zero system impact... no other security software in my system (even not WD, smartscreen, UAC etc, everthyng is removed)... once a month I do a second opinion complete scan, and zero, always 100% clean... so honestly, I don't really worry about virus/malware.
I just used K9' categories for virus/malwares because it had no system impact. The same with safebrowsing, after removing K9 I turned safebrowsing "on" at my browser just because it has a minimum system impact.
That is the reason "why" I never will use again extensions/add-ons for virus/malware... in my opinion is a complete waste of system resources. And the use of "blocking lists" for virus/malwares... it is the worst idea nowadays (where zero-days attacks rule the game).

So, my present focus really is anti-tracking and ads-blocking.
But as I said, if you are not European/American... forget blocking-list!... bazookas for mosquitoes.
VPN's, DNS's, PiHole etc... are unpractical for mobility, or useless if you don't have servers near your city.
Now without K9, this new context pushes me to Policy Control extension. After removing K9, this is the only tool I have against ads. The true is that by blocking third-parties content (JS, XHR/XML, Frames, CSP, websocket and Cookies), is possible to kill 70% of trackers and ads... good enough for me.
It is good to mention that most of the privacy/security issues are hiding behind advertising. So, blocking ads is also a way to hardening security/privacy. Yeah, ads are my major fight.

But I intend to keep reading your posts, because in my opinion you are "an authority" in this field, you are always testing stuff, bringing news and new stuff etc, so you always will be my source of inspiration :), source of innovations.

Thanks again!
 
Last edited:

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
@Evjl's Rain Welcome back to the forum bro (y)I checked your computer security config thread but there are no new updates from you. Would you please share a list of extensions and malware/phishing/ad/tracker filters you are currently using? thanks bro.
hi, thank you :)
I haven't updated my config because there is no change. I will update it soon
spoiler: Avast (configured for maximum speed + HM aggressive) + syshardener
browser: chromium (by woolyss)
extension: ublock (no malware filter, only for blocking ads), WDBP, emsisoft
windows 8.1 pro (not updated for a year)
 

Moonhorse

Level 25
Content Creator
Verified
I have reported such site like 8 hours ago, the url has reviewed 2 times from netcraft, still allowing it
212746



Blocksi blocks it, because of com-nit.xyz like domain
212747


How common are xss attacks anyways? Never thought the power or avoiding of them

The phishing throught twitch.tv wich is common platform, you can visit the site anytime anyday and you find such links passing netcraft etc

VirusTotal

VirusTotal
 
Last edited:

Decopi

Level 2
spoiler: Avast (configured for maximum speed + HM aggressive) + syshardener
Hi @Evjl's Rain , please just a simple question about your AVAST:

Time ago you wrote several posts about OSArmor.
What happened?
Have you stopped using OSArmor?

In other posts, I saw your AVAST' settings. And I might be wrong, but I saw there few configurations similar to OSArmor, in the sense of trying to add to AVAST some extra protection to several potential dangerous file extensions. Am I wrong? Did you prefer to hardening AVAST instead to use several security protections? (OSArmor, VodooShield, Comodo Firewall etc). Was this your logic?

As I said in previous comments, I don't use Legacy AV/AM.
However, among Legacy AV/AM, my opinion is that AVAST has the best (gain/loss) equation between light system impact and reasonable protection.
After years, are you still using AVAST for this reason?

I understand that lot of your choices are made based on simply solutions for your family/friends.
But I am really interested in the solutions you choose for your profile.

Please, can you share your AVAST and SysHardener' settings?

Thank you in advance!
 

Evjl's Rain

Level 40
Content Creator
Trusted
Malware Hunter
Verified
Hi @Evjl's Rain , please just a simple question about your AVAST:

Time ago you wrote several posts about OSArmor.
What happened?
Have you stopped using OSArmor?

In other posts, I saw your AVAST' settings. And I might be wrong, but I saw there few configurations similar to OSArmor, in the sense of trying to add to AVAST some extra protection to several potential dangerous file extensions. Am I wrong? Did you prefer to hardening AVAST instead to use several security protections? (OSArmor, VodooShield, Comodo Firewall etc). Was this your logic?

As I said in previous comments, I don't use Legacy AV/AM.
However, among Legacy AV/AM, my opinion is that AVAST has the best (gain/loss) equation between light system impact and reasonable protection.
After years, are you still using AVAST for this reason?

I understand that lot of your choices are made based on simply solutions for your family/friends.
But I am really interested in the solutions you choose for your profile.

Please, can you share your AVAST and SysHardener' settings?

Thank you in advance!
hi, avast has the best balance between performance and protection so that's the reason I use for years. I don't mind about other flaws such as privacy or bugs because I can deal with it by some tweaks or workaround
I don't like installing any extra in my computer. OSArmor used to be my favorite softwares but it's incompatible with avast on windows 8.1. Some users also reported the same issue on windows 10. Many people don't have this issue and the developer couldn't reproduce it so he couldn't fix it
moreover, OSArmor did cause some false positives on my side and it consumed some resource (quite significant) while I was running some cmd commands

syshardener works very similarly but requires zero installation and it consumes absolutely 0 resource. It's enough for me especially when I have avast's hardened mode aggressive enabled. The chance of being bypassed is really slim against regular malwares, even less than other better AVs like kaspersky, BD, norton/symantec,... because avast has hardened mode (aka default-deny against new, not yet-reputable exe files). Those better free AVs don't have default-deny module
besides avast, there are also windows smartscreen, google safe browsing (my browser), emsisoft and windows defender extensions

this is my avast's setting
I also blocked some telemetry using hosts file

my syshardener
 
Last edited:

DeepWeb

Level 23
Verified
I installed Emsisoft Browser Security because like some have said here, it's the most barebones and does not send your browsing history around. What I have done so far is just whitelist all known encrypted TLDs for Javascript in Chrome using [*.]com:443. This restrict Javascript to run only on HTTPS websites of popular domains. While there can be malware and phishing on encrypted sites it's unlikely that those are also registered under popular top level domains.
 
  • Like
Reactions: oldschool

Decopi

Level 2
hi, avast... my syshardener
Thank you @Evjl's Rain for your interesting detailed answer.
Always is possible to learn a lot from you.

I just will finish my questions by asking you:
1) About the blocked telemetry in your host file... is it the same I saw in your very old posts? Or have you changed/updated it? Please, do you mind posting again your blocked telemetry items?
2) I understand you have conflicts with OsArmor/Windows 8. But I am curious about your opinion of AVAST + OSArmor + SysHardener. Do you recommend to use the 3 at the same time? Is it your dream combo?

Thanks a lot and have a nice weekend!

PS: As I mentioned, no legacy AV/AM in my system, just CF/CS settings. And for the last 12 months, I only tested new generation AI AV/AM solutions. However, as you, I also mess with other computers (work, family, friends etc), and there for average users I use legacy stuff. At most of these computers I like to have AVAST (because all the positive reasons you already quoted). But my way of hardening AVAST, usually is CF/CF or OSArmor or SysHardener. I never had issues with OSArmor using Windows 10. Also zero conflicts with CF/CS and SysHardener.
 
Last edited:
  • Like
Reactions: oldschool