Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
What is your security combo lacking?
Message
<blockquote data-quote="ebocious" data-source="post: 811173" data-attributes="member: 75834"><p>This is the first statement of yours that I agree with. Still, some security is better than none at all. If RoboMan is correct, and you are using H_C, that's a whole lot more than nothing.</p><p></p><p></p><p>I didn't say they do. But being cocksure is unhealthy as well. And if you are in fact using security software, and telling others not to, that's doing them a severe disservice.</p><p></p><p></p><p>This is false. Ask anyone who visited Dolphin Stadium's sites before the super bowl. That was a legitimate site; they did absolutely nothing wrong by visiting. They'll agree with me, not with you. By the way, who said anything about AV?</p><p></p><p>The last time I got infected was in 2006, when our ISP got hit with SQL Slammer and Stack Bot. After reimaging Windows, I got rid of our McAfee suite and installed ISS BlackICE. Then I started using ACL deny entries to foil privilege escalation exploits, and got rid of BlackICE. Then came fileless malware, and the need arose to prevent process injection while still allowing the programs themselves to launch. So I stepped up to CleanBrowsing DNS, and a browser extension or two (most recently MBBE); with default-deny as a backup.</p><p></p><p></p><p>Agreed. I have no issues with you personally. My issue is with misinformation. With all due respect, there are holes in the information you've given during our exchange, which leads me to suspect that you have more enthusiasm than professional experience. I applaud you for stepping into the arena now, to learn as you go. But I've actually spent time in the trenches, and am here to tell you that what you read about mitigative technologies on paper are not watertight. They are being circumvented, and not just in direct attacks on servers. Home users who believe what you've been saying are getting infected every day by the thousands, including 80-year-old women who do little more than check their email, and occasionally look up a quilt pattern on JOANN or recipe on Betty Crocker.</p><p></p><p>I'm not saying you need to install a three-pronged security suite. In all likelihood, anyone who uses either CleanBrowsing or Quad9 is unlikely to ever encounter anything that can actually circumvent their browser's sandbox. And anyone who adds MBBE is less likely still. If you add Cruel Comodo to these two, you will be ready for anything out there. And unless you're running a Pentium 4 with 256 MB of RAM, you won't see a performance hit. I can't tell you that my systems have stayed clean because my security apparatus has been zapping huge, black clouds of bugs that swarm around me nonstop. But I will tell you this: the odds that you've been on an infected website and your sandbox protected you, are far greater than the odds that you've encountered nothing in the last decade.</p><p></p><p>All it takes is one little browser hijacker, and your 10+ years of squeaky-clean browsing are all the way back to zero. An ounce of prevention is worth a pound of cure. I hope you are in fact using H_C. Because one less bot makes the Web just the tiniest bit safer for me.</p><p></p><p></p><p>That's totally understandable. I don't use AV either. My security software is much lighter, and much more effective.</p><p></p><p>Yah, I don't think I said anything about AV, but you're the third person who seems to think I did. I'll have to look back, and see if I did. Because I know it's not in the three configurations I listed earlier, as I don't use AV either.</p></blockquote><p></p>
[QUOTE="ebocious, post: 811173, member: 75834"] This is the first statement of yours that I agree with. Still, some security is better than none at all. If RoboMan is correct, and you are using H_C, that's a whole lot more than nothing. I didn't say they do. But being cocksure is unhealthy as well. And if you are in fact using security software, and telling others not to, that's doing them a severe disservice. This is false. Ask anyone who visited Dolphin Stadium's sites before the super bowl. That was a legitimate site; they did absolutely nothing wrong by visiting. They'll agree with me, not with you. By the way, who said anything about AV? The last time I got infected was in 2006, when our ISP got hit with SQL Slammer and Stack Bot. After reimaging Windows, I got rid of our McAfee suite and installed ISS BlackICE. Then I started using ACL deny entries to foil privilege escalation exploits, and got rid of BlackICE. Then came fileless malware, and the need arose to prevent process injection while still allowing the programs themselves to launch. So I stepped up to CleanBrowsing DNS, and a browser extension or two (most recently MBBE); with default-deny as a backup. Agreed. I have no issues with you personally. My issue is with misinformation. With all due respect, there are holes in the information you've given during our exchange, which leads me to suspect that you have more enthusiasm than professional experience. I applaud you for stepping into the arena now, to learn as you go. But I've actually spent time in the trenches, and am here to tell you that what you read about mitigative technologies on paper are not watertight. They are being circumvented, and not just in direct attacks on servers. Home users who believe what you've been saying are getting infected every day by the thousands, including 80-year-old women who do little more than check their email, and occasionally look up a quilt pattern on JOANN or recipe on Betty Crocker. I'm not saying you need to install a three-pronged security suite. In all likelihood, anyone who uses either CleanBrowsing or Quad9 is unlikely to ever encounter anything that can actually circumvent their browser's sandbox. And anyone who adds MBBE is less likely still. If you add Cruel Comodo to these two, you will be ready for anything out there. And unless you're running a Pentium 4 with 256 MB of RAM, you won't see a performance hit. I can't tell you that my systems have stayed clean because my security apparatus has been zapping huge, black clouds of bugs that swarm around me nonstop. But I will tell you this: the odds that you've been on an infected website and your sandbox protected you, are far greater than the odds that you've encountered nothing in the last decade. All it takes is one little browser hijacker, and your 10+ years of squeaky-clean browsing are all the way back to zero. An ounce of prevention is worth a pound of cure. I hope you are in fact using H_C. Because one less bot makes the Web just the tiniest bit safer for me. That's totally understandable. I don't use AV either. My security software is much lighter, and much more effective. Yah, I don't think I said anything about AV, but you're the third person who seems to think I did. I'll have to look back, and see if I did. Because I know it's not in the three configurations I listed earlier, as I don't use AV either. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
