- Jul 29, 2018
- 566
K9 Web Protection doesn't slow down anything and it's really effective and configurableWell thats a good point didnt even think about viruscope
Syshardener + OSA+ CCAV + webfilter extensions would be nice. But really doesnt matter what i run since performance always is kind of same.
Only i could think is lacking web shield would speed up things ( even my eye wont notice it) kaspersky might affect bit on browsing
Java clients im using will get disconnected , already were in touch with blue coats but they asked me to provide those endless lists of domains so i gave up, also comodo Dome shield is kind of enough. CCAV were using like 40mb of ram and every second boot it was at 80 so could aswell use cisK9 Web Protection doesn't slow down anything and it's really effective and configurable
NVT OSArmor and VoodooShield are designed to work differently - they do not serve the exact same purpose. In my opinion, it would be more appropriate to compare VoodooShield to NVT EXE Radar/Pro.For those who recommend OSA, it's not as tight as VS; there are things that can get around it even with full config.
Like it or not, default-deny is the only way to keep up with today's threat landscape.
I recommend VoodooShield in "always on" mode. When you run an installer, VS will throw up an alert, and you can allow it. After the new program is installed and you're running it for the first time, the next VS alert will also have a checkbox to create a rule for the program; you can tick that checkbox, and then click "allow" or "report false positive." Once you have your system set up the way you want it, the only alerts you should get are random alerts, like when you're opening an infected document. Whenever something unexpected like that happens, you deny it.
Once you've configured VS, it will rarely bother you unless there is a real issue. If you're a download junkie, then I'd recommend using a VM for your tinkering. Like it or not, default-deny is the only way to keep up with today's threat landscape. Traditional scanners may have a 5% chance of detecting malicious files/processes on the day of the outbreak; the whole reason there are hundred-thousands of new samples daily is because malware writers are trying to code them so that they won't be detected. The best use for AV is scanning files that are at least a few days old. VS actually uses VirusTotal, along with its AI engine. If a file is too big to upload, then you might try HMP or SecureAPlus.
For those who recommend OSA, it's not as tight as VS; there are things that can get around it even with full config. At always on, VS is nearly impenetrable for anyone except the local user. About the only things that might be tougher are Comodo FW with Cruel Sister's settings (which requires more work when you want to install something), and AppGuard (which is $59.95 a year for personal use). For those who say you'll never get infected if you use the Internet responsibly, good luck with that. I sincerely hope you never get infected, but I like my odds a lot better.
If you aren't using Auto-Pilot though, then the experiment I did would obviously fail and you'll still be notified about the process creation attempt and will be able to decide based on the information shown to you - the trust score will still be non-existent and all the way back on the green if you managed to "pull it off" though, which increases the chances of it being allowed by the user in a realistic scenario as long as any provided details are not appearing "off" to a trained eye.
You are correct. I mentioned OSA because a previous user recommended it in lieu of VS. I didn't see any mention of ERP, and saw no reason to mention it myself, as it is better at making you feel secure than actually being secure.CS even like VS when she reviewed it using "autopilot", and said something like "elegantly coded..." in the You Tube "comments". And this was a couple of years ago. I agree with @Eddie Morra that VS is more like ERP than OSA. And yes, VS is light - no two ways about it.
That's why I don't rely on VT ratings. As I mentioned in my original post, traditional AV is only good for scanning files that are at least a few days old. If VS throws up an alert when you're opening a document, that's a red flag. You should only click allow when you are trying to install or run a new program. And you should only install a program when you're confident it is clean.Very good test, which goes to demonstrate that no product is perfect. I've used VS in the past and still think its a great program. You bring up a good point about the user having to make a decision based on an alert. If a malcoder were to take the time like you did to mask the true identity of the malware one could not only get by the Autopiolt, but also could technically bypass the "ON" option if it shows up as all green, tricking the user into thinking its safe. That's why its not always safe to assume that when a programs doesn't flag a piece of malware, or says its safe, that its truly safe. Granted like you said, home users will probably not run into malware this sophisticated when it comes to VS, as malcoders wont put the time in to home users as they would lets say a large business/enterprise.
That is pretty much the only reason I felt impelled to note that I wasn't bashing VoodooShield. I've seen you on other threads bringing forward mention of unpatched bugs/other issues for other security software... only for you to be accused of bashing by fanboys.
You are correct.
That's why I don't rely on VT ratings. As I mentioned in my original post, traditional AV is only good for scanning files that are at least a few days old. If VS throws up an alert when you're opening a document, that's a red flag. You should only click allow when you are trying to install or run a new program. And you should only install a program when you're confident it is clean.
That is pretty much the only reason I felt impelled to note that I wasn't bashing VoodooShield. I've seen you on other threads bringing forward mention of unpatched bugs/other issues for other security software... only for you to be accused of bashing by fanboys.
You are correct. I mentioned OSA because a previous user recommended it in lieu of VS. I didn't see any mention of ERP, and saw no reason to mention it myself, as it is better at making you feel secure than actually being secure.
That's why I don't rely on VT ratings. As I mentioned in my original post, traditional AV is only good for scanning files that are at least a few days old. If VS throws up an alert when you're opening a document, that's a red flag. You should only click allow when you are trying to install or run a new program. And you should only install a program when you're confident it is clean.
I recommend VoodooShield in "always on" mode. When you run an installer, VS will throw up an alert, and you can allow it. After the new program is installed and you're running it for the first time, the next VS alert will also have a checkbox to create a rule for the program; you can tick that checkbox, and then click "allow" or "report false positive." Once you have your system set up the way you want it, the only alerts you should get are random alerts, like when you're opening an infected document. Whenever something unexpected like that happens, you deny it.
.
I only mentioned CS's test because Autopilot is the recommended mode for use in testing, since that mode is most like a traditional AV - and that she was complimentary In no way was this meant to make a definitive statement about VS, nor to attribute invincibility to VS. BTW: A user on Wilders has suggested that Dan get rid of VT completely and rely only on the AI.
I fail to see any of today's posts to this thread that are evidence of "hurt feeling" as @Lockdown suggests, nor that anyone took your post (#43) as "bashing". Most members here understand the value of both open discussion and civility.
What I liked about your post was its clarity here, especially for a new VS user:
So once again, thanks for your clear and civil post!
Which is why I gave instructions to try and simplify it as much as possible. I'll be honest with you: the only programs VS bothered me about were a few portable programs (e.g. a few tech tools, my Ninite file for updating, and the restart and shutdown buttons I created from batch files), and AutoKMS. All other preexisting apps were recognized from the gate.I agree whole heartedly. On the flip side one also has to look at the experience of the user. For an average computer user with basic skills VS might not be the best for them, as it can flag legitimate processes/programs, which can cause alert-fatigue. The one thing one wants to avoid is alert fatigue where by if they can't differentiate what's good and what's bad, then that's just as bad as not having any security, they will just hit accept everytime.
Which is why I gave instructions to try and simplify it as much as possible. I'll be honest with you: the only programs VS bothered me about were a few portable programs (e.g. a few tech tools, my Ninite file for updating, and the restart and shutdown buttons I created from batch files), and AutoKMS. All other preexisting apps were recognized from the gate.
Cybercrime leapfrogged drug trafficking in 2004 to become the largest criminal industry on the planet. The average user experience involves malware infection, and having to call your insurance company and other creditors to let them know that the card you use for autopay has been compromised, and you have to wait two weeks for a replacement. I hope to see that change someday. And the way to change that is to push the envelope a little. There have been propositions of licensing people to use the Internet, just like we license people to drive. Maybe that's not such a bad idea.
Yeah, I only mentioned OSA because someone recommended it in lieu of VS. I felt no need to mention ERP, because it's not as tough as advertised.NVT OSArmor and VoodooShield are designed to work differently - they do not serve the exact same purpose. In my opinion, it would be more appropriate to compare VoodooShield to NVT EXE Radar/Pro.
Right. I wonder how many people will actually be able to claim anything from the $50 million allocated for settlements from the Yahoo breach in 2016.Industry will never be held liable for breaches. At least in no cases except gross negligence - which would be difficult to prove.
And besides, a person must prove that they suffered actual damages as a result of any data breach. If it results in cyberstalking, surveillance, bad credit, inability to buy something or move forward with a venture and other such stuff, there's nothing that a person can do. Actual monetary damages are addressable, however.
At least that is how the law works here in the U.S.