Danger Vitali Low end laptop config 2024

[Vitali Ortzi]

My custom security configuration for a low end laptop
Looking for default deny , av software that can rum on this system as defender , ESET are too heavy

 

[Vitali Ortzi]

Extension performance results on debugbear

(Zonealarm extension usage is similar to checkpoint )
Link for checkpoint extension thread Serious Discussion - [Extension]Checkpoint harmony web protection

 

[Vitali Ortzi]

Extension performance results on debugbear

(Zonealarm is about the same as the checkpoint one except checkpoint has more settings, is more updated so should have similar usage )View attachment 285959View attachment 285958View attachment 285957

Comparison to other popular extensions

 

[TairikuOkami]

Celeron n4000 , 2gb ram ,emmc storage (laptop)

Definitely Panda Cloud, nothing else can run on this and while it is not top notch, free version still scores highly in AV comparative tests and combined with Quad9 and extensions, it will do.

 

[Vitali Ortzi]

Definitely Panda Cloud, nothing else can run on this and while it is not top notch, free version still scores highly in AV comparative tests and combined with Quad9 and extensions, it will do.

Looked at mostly av comparatives and they got worse but very close results in benchmark tests to eset , other av software I have already tried
But since the main issue I face is actually ram limitations then how low can ram usage be on panda free ?
Like how much it can allow other processes to use when they need it (they are already starving)

 

[Vitali Ortzi]

Definitely Panda Cloud

main issue I face is ram usage so probably preferably actually something that doesn't save even some signatures in ram
Unsure if panda would fit my requirements and would probably try later but I'm really trying to first understand how can I check how much ram processes using as most usage goes under compressed ram and I can't identify how much each each process uses
As process explorer , task manager , Killswitch etc all hide how much ram processes use under "compression"

Would be glad if you can help me find a way to accurately measure ram usage of the compressed part per process

 

[Vitali Ortzi]

Decided to use Symantec browser protection over emsisoft after some testing in pishtank,openpish

(Seemed to work better then trafficlight , emsisoft in some unscientific testing I have done )

 

[South Park]

MS Defender is heavy for me (~150 MB) on an old 6th-gen i3 with 4 GB shared RAM. I found Kaspersky Free to be lighter on memory (~80 MB) but its web protection slowed browsing too much over my already-slow Wi-Fi. Webroot was the lightest AV I ever used and was the only one that would run on my ancient Windows 7 Core Duo with 3 GB RAM, but it had tons of false positives when I last used it in 2019.

 

[Victor M]

Do consider switching to Linux. Linux is known for catering to low spec machines. Like Lubuntu, Puppy Linux, and quite a few more. Then security will be less worrisome because almost all of the software that you need are obtainable from the official repository of the distro. And Lubuntu has Apparmor - a mandatory access control implementation. Google for 'low spec Linux distro'.

Linux is not that alien of a OS as many may think. If you have passing familiarity with the command prompt, you will do fine. There is ifconfig instead of Window's ipconfig. Nestat is the same. ls instead of dir. cp instead of copy. mv to move files. Of course there is a File Manager, so you won't need to touch commands. CTRL-C is copy and CTRL-V is paste, just like Windows' keyboard shortcuts. The Linux world copies features from Windows; focusing on migrating Windows users to Linux. There is the built-in Firefox. Whatever you don't know you can use the man command to read the documentation. ( man <command>; apropos <keyword> ). Documentation is good in Linux. And there is a Huge community of forums where they welcome beginners; and Tons of how-to sites. In fact I run a how-to site myself; focusing on setting up in depth security for Ubuntu / Ubuntu based distro's.

 

[Vitali Ortzi]

Do consider switching to Linux. Linux is known for catering to low spec machines. Like Lubuntu, Puppy Linux, and quite a few more. Then security will be less worrisome because almost all of the software that you need are obtainable from the official repository of the distro. And Lubuntu has Apparmor - a mandatory access control implementation. Google for 'low spec Linux distro'.

Linux is not that alien of a OS as many may think. If you have passing familiarity with the command prompt, you will do fine. There is ifconfig instead of Window's ipconfig. Nestat is the same. ls instead of dir. cp instead of copy. mv to move files. Of course there is a File Manager, so you won't need to touch commands. There is the built-in Firefox. Whatever you don't know you can use the man command to read the documentation. ( man <command>; apropos <keyword> ). Documentation is good in Linux. And there is a Huge community of forums where they welcome beginners; and Tons of how-to sites.

i have used bsd(modren unix) and linux (unix like) before even as a main system but this is not just my laptop rather actually its mostly the family using it (might go chrome os route )
btw some desktop environments actually use more performance then windows desktop window manager such as (kde,gnome ) but what was more performance friendly was using just a window manger ( used to use icewm) but yeah the ones above are really lightweight (xfce or a window manager to reduce usage )

and the reason to not use linux is because windows is familiar to my family and just works and technaclly if windows would have been in s mode or was hardened as much as the Xbox it wouldn't really be much less secure but by deafult and worse what im using has really awful security not far from running everything as root in linux and yeah apparmor is far far better then windows uac which you can bypass as well

essentially windows by default is unsecure and linux distros are secure by default and windows has the ability to be secure and xbox is the prime example

 

[Vitali Ortzi]

MS Defender is heavy for me (~150 MB) on an old 6th-gen i3 with 4 GB shared RAM. I found Kaspersky Free to be lighter on memory (~80 MB) but its web protection slowed browsing too much over my already-slow Wi-Fi. Webroot was the lightest AV I ever used and was the only one that would run on my ancient Windows 7 Core Duo with 3 GB RAM, but it had tons of false positives when I last used it in 2019.

Kaspersky feels much lighter but too heavy for my system in my testing about webroot i will look into it but what im looking for is reputation based default deny wich i dont think it has

 

[Vitali Ortzi]

btw just tested safe to open , netcraft,symantec ,checkpoint ,trafficlight,fakeshop detector, emsisoft,windows defender , google safe broswing (in brave )
in Artists Against 419(fake sites ) the results I got were
checkpoint( uncategorized ) done the best although did miss some sites followed by Symantec as 2nd best and then trafficlight ,checkpoint in default config got third

Anyway these extensions didn't get the best results but did stop some of the fake sites
netcraft,fakeshop detector ,safetopen

And the worst were were emsisoft , defender, google safe broswing (brave )

 

[harlan4096]

No Log-in security and/or device encryption?

I guess UAC disabled because using Comodo still don't know if it is a good idea...

PassWord Manaver? VPN?

No File and Photo backup? Even manually to external device?

And to sum worse: No System recovery?

Thanks for sharing!

 

[Victor M]

Basically, the xfce based Xbuntu (if you are more familiar with xfce) is a far simpler install process. and xfce is easy enough for your family to learn/adjust to. Because you don't have to spend time on setting and balancing security, asking for opinions and all that. Just a walk thru the install wizard and done. But I suppose you can approach the problem as a challenge.

 

[Vitali Ortzi]

No Log-in security and/or device encryption?

I guess UAC disabled because using Comodo still don't know if it is a good idea...

PassWord Manaver? VPN?

No File and Photo backup? Even manually to external device?

And to sum worse: No System recovery?

Thanks for sharing!

VPN no reason to use it in general especially as this stays in home
About password in case it would leave my home I will use encryption , password
System recovery might add deep freeze or something like that later

UAC off yes it's a bad idea but the permission manager of uac basically either convinces users to give perms and some malware can bypass it anyway
Yes it would cause every process to run privileged but browser is well sanboxed (google has better sandboxing then other engines ) plus any process that will spawn would be contained by comodo (still advanced threats can bypass it as it's a meh virtualization that doesn't use hypervisor

Would like advices for good reputation based default deny as I'm uncertain if it's a good idea to add av as any av causes the system to be slow while without any av it feels fast considering the specs for some webassembly gaming , less then a second or two page loading (except heavy sites with lots of images or scripts )

 

[Victor M]

Would like advices for good reputation based default deny

Then use WDAC and WDAC Wizard. If you want to, you can even create hashes for all the allowed apps and not rely on path rules.

 

[Vitali Ortzi]

No Log-in security and/or device encryption?

I guess UAC disabled because using Comodo still don't know if it is a good idea...

PassWord Manaver? VPN?

No File and Photo backup? Even manually to external device?

And to sum worse: No System recovery?

Thanks for sharing!

I'm waiting to see uac registry change against the Andy ful challenge or the dll injection To see if it's better to set a secondary admin account and although I thought about using an av in the system only actual ones that wouldn't use too much resources for this system (less then Kaspersky , eset ) are really awful and aren't being actively tested since for obvious reasons

Even hitmanpro.alert was too heavy XD
Still was much better then (Kaspersky /eset) in terms of performance usage



Btw I think the thread should be kept at (danger,risk)

 

[Vitali Ortzi]

Then use WDAC and WDAC Wizard. If you want to, you can even create hashes for all the allowed apps and not rely on path rules.

Decided to keep comodo because it seems easier to manage but might change to a Microsoft built in tools for reputation in the future


Most of what's done is browsing so with filter lists in brave and block , safe browsing , smart screen (defender extension) , checkpoint configured to block non classified (reputation ) and has threat extraction, emulation and chromium (brave ) by itself is pretty well hardened by itself with good isolation and if some payload drops it might get contained by cruelsister config (with changed like removing all trusted vendors in comodo )
So although there is no av due to performance issues it's still decently secure
((Dll injection doesn't work with fully disabled uac , Andy ful challenge that bypass drivers wasn't tested with uac fully disabled although it probably would bypass comodo )