ZeroDay's Config. (Updated 22/07/2013)

Status
Not open for further replies.

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
RE: ZeroDay's Config.

You have a solid security configuration.... You can further improve it by adding a password manager:
LastPass (Free) - link
LastPass is an online password manager and form filler that makes web browsing easier and more secure.

What other security products have you used in the past?
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
RE: ZeroDay's Config.

Maximus said:
No need for Comodo firewall when Windows 7 firewall is good enough.

Just because they both have 'Firewall' in the name tag doesn't mean that they give the same level of protection. I've just spent 30 minutes with TeamViewer cleaning an infected PC that was protected by MSE and Windows Firewall, so using the COMODO Firewall makes a lot of sense!..... You know what features the Comodo Firewall has, so please don't bash a piece of software just because you don't like it.
 

moonshine

Level 7
Verified
Apr 19, 2011
1,264
RE: ZeroDay's Config.

A good and secure setup. The only recommendation I can give is to use EMET for exploit mitigation. Just install it, configure it and you're done.
 

Dieselman

Level 1
Mar 26, 2011
762
RE: ZeroDay's Config.

Nowhere did I bash Comodo. I said it is not needed. Big difference. Back in the XP days the benefits of a 3rd party firewall were great. With the advancements in Windows 7 the need for a 3rd party firewall has diminished. MSE was to blame for the infection. I have never seen a firewall to blame for a virus. A firewall can prevent it from going out but it's the ineffective AV that let it in.
Inbound protection is covered by your hardware firewall and AV. A software firewall covers outbound. But if something wants out it's already too late 'cause it got in.
 

ZeroDay

Thread author
RE: ZeroDay's Config.

Thanks for the replies. I've installed LastPass and I'll be installing EMET soon. I chose Comodo over Win 7's firewall because the built-in firewall is only strong if you spend time configuring all the rules (advanced security); I find Comodo the fastest option. I have been thinking about trying Private Firewall; I've read a few good things about it.
 

Dieselman

Level 1
Mar 26, 2011
762
RE: ZeroDay's Config.

Follow this simple guide to configuring Windows 7 firewall. You can also use Windows 7 Firewall control and other 3rd party tools.

http://www.wilderssecurity.com/showthread.php?t=239750
 

Valentin N

Level 2
Feb 25, 2011
1,314
RE: ZeroDay's Config.

Maximus said:
Nowhere did I bash Comodo. I said it is not needed. Big difference. Back in the XP days the benefits of a 3rd party firewall were great. With the advancements in Windows 7 the need for a 3rd party firewall has diminished. MSE was to blame for the infection. I have never seen a firewall to blame for a virus. A firewall can prevent it from going out but it's the ineffective AV that let it in.
Inbound protection is covered by your hardware firewall and AV. A software firewall covers outbound. But if something wants out it's already too late 'cause it got in.

Comodo firewall is more than just a firewall. Comodo firewall is easier to handle and gives you more info about your connectivity.

Windows is fine and surely better than before but it won't match Comodo firewall.
 

ZeroDay

Thread author
RE: ZeroDay's Config.

Hi Jack, I've used a lot of other products in the past. I used to be a big ESET fan but in the end I just found its malware detection way below par. I've also used Kaspersky IS, which I really did like; I just found it way too heavy. A few others I've tried are: ThreatFire, which wasn't really for me; the new Webroot cloud security, which I really did like; Trusteer Rapport; and Bitdefender, which I also found to be too heavy. I've used lots of different on-demand cleaners and boot discs cleaning infected PCs. I'm really, really tempted to try the new Norton but Norton just feels wrong to me. Whatever I do try I always seem to end up back with Avira and Comodo. I'm definitely thinking of trying a few new firewalls though, perhaps Private Firewall, PC Tools Firewall and Online Armor.
 

ZeroDay

Thread author
RE: ZeroDay's Config.

Maximus, thank you for the link, but I know how to configure Windows 7 firewall. I just don't think it can compete with third-party firewalls, especially ones with built-in HIPS.

Thanks again.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
RE: ZeroDay's Config.

I noticed you use Comodo System Cleaner; how do you find it compared to CCleaner?

For me CCleaner is the safe option, and CSC not so much.
 

ZeroDay

Thread author
RE: ZeroDay's Config.

To be honest I am very wary whilst using CSC but it does seem to have come on a lot as of late. But I agree CCleaner is the best option. I used to use Advanced SystemCare Pro but after the MBAM signature fiasco I uninstalled.
 

GabiCRX

Level 8
Verified
Jun 24, 2011
387
RE: ZeroDay's Config.

Good config!
You can add Stuxnet removal tool:
http://www.malwarecity.com/community/index.php?app=downloads&module=display&section=download&do=confirm_download&hash=389221d2daaba66ace8d7833c75fa2dd
And GMER:
http://www.gmer.net/
 

bogdan

Level 1
Jan 7, 2011
1,362
RE: ZeroDay's Config.

I admit that if you are behind a router/hardware firewall and you don't need a better (or at least easier to set-up and use) outbound protection, the firewall built into Win 7 can be sufficient. But let's look at the latest Patch Tuesday: Microsoft fixed a vulnerability in TCP/IP that could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system (MS11-083). This is a "privately reported vulnerability" so bad guys didn't get their chance to create a worm that could take advantage of it and bypass the inbound protection offered by the built-in Win7 firewall... but you never know what can happen in the future. So the built-in firewall has the disadvantage that malware authors know it is there and might try to bypass it.

On the other hand, just because someone has a security suite installed with HIPS protection doesn't make him bullet proof. For some people HIPS offers a false sense of security.
 

Dieselman

Level 1
Mar 26, 2011
762
RE: ZeroDay's Config.

Couldn't agree with you more, bogdan. I will add that anyone using a software firewall as their means of inbound protection better get a router. Heck, I have about 4 lying around I can give away. HIPS is good but very annoying. HIPS in my eyes is not really a security product. It's just a program to set off an alert for the unknown but not necessarily the malicious. Also the word "could" is the main point. Could does not mean everyone will have this issue. When a user sees tons of pop-up alerts it makes them think their security is working. But it will only work if they click "block". HIPS is a geek tool and nowhere near intended for everyday users. We could all put our heads together and make our own security product. Heck, throw off an alert for Windows Update needing outbound communication on whatever port. And believe you me, people would think it's the bomb.
 

bogdan

Level 1
Jan 7, 2011
1,362
RE: ZeroDay's Config.

A classic HIPS product behaves just as you described it; however, newer HIPS products (including CIS) lower the number of pop-ups mainly through white-listing. I wouldn't advise anyone to remove CIS but I do believe that backups (for example) are still needed even if you use HIPS. It's nice to see that ZeroDay uses Windows 7's built-in imaging. The config is OK.
 

ZeroDay

Thread author
RE: ZeroDay's Config.

I'm behind a router and if I didn't understand HIPS alerts I wouldn't be using HIPS, full stop! Even hardware firewalls aren't bulletproof, because let's face it, bulletproof doesn't exist. When I clean infected machines I wouldn't dream of sending the machine back with HIPS installed because, as you pointed out, it's not intended for everyday users; most of the people I know would just click allow, which is exactly what they do with UAC. I'm almost certain that the only way I could stop some of my customers getting infected every few weeks would be to sit beside them 24/7. I chose my current config as it best suits my needs and skill set, but I do tend to switch configs a fair bit. I just enjoy trying/testing new products and it gets boring doing so in VMs.
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,224
RE: ZeroDay's Config.

Very good solid config, well done.
 