What is your security setup these days?

Nice setup. If an AV is needed as an adjunct, Kaspersky would be optimal.

Regarding the WF and Windows Update issue, it has been noted that when WF is disabled, updates to Windows can be delayed or just not done at all automatically' however neither the previous build of CF nor the current Beta will cause WF to be disabled, so the WF disabled issue some have noted is curious. Best practice is to have WF enabled to avoid any issues.

Since I'm here, just a comment about the Comodo 2024 beta- although on the surface the protection modules seem identical to that used in previous releases, Comodo has tightened up Containment at the lowest (Partially Limited) level, as it will no longer allow such trivia as Desktop Wallpaper being changed by ransomware. In addition, some malware will not even be allowed to run at all, and some stealers will not be able to steal. At my preferred Restricted containment level the protection is perfect as before.

Although I released a Beta video a few days ago, currently I'm doing a private (and much more extensive test disabling everything except Containment (which I am running at the lowest Partially Limited level) and so far the results are exceeding expectations. More fun is employing Silent Mode where I haven't been distracted by any popups.

The one downside for me with the Beta is that there is no Advanced View GUI pane. I found the data presented in Advanced View to be extremely useful. Aside from seeing what valid applications are attempting to call home as well as determining what is in Containment, one can also observe what processes are being blocked.

This latter point is important as Comodo has an additional protection mechanism (File Rating) where a process must first be vetted by Comodo (even if legitimately signed and countersigned). The issue here Is that Windows will update Defender (and Smartscreen) before the vetting process by Comodo is done, so from time to time they will show up as Untrusted (not that there will be a total block).

So all in all the 2024 version is so far interesting, but I do so miss the old GUI.

 

I have seen the Comodo Firewall 2024 review. From what I understood it's still pretty good at containing unknown files and I assume it will let legitimate apps run freely? And where to download Comodo 2024?

 

I keep seeing people mention Harmony Endpoint, have they made a consumer version or what? Because AFAIK it's only available for corporations.

I assume KAR will only block ransomware, or does it also monitor the system for other suspicious behavior?

 

the link can be found here

Just scroll down a bit to

The link is in line #1

 

OK thanks, from what I've read it's not yet ready for primetime, so I will wait a bit. And I assume you can choose to use only Comodo Firewall, or do you have to install CIS?

 

That I'm not sure about, as I haven't tried it yet either.

 

You can just install the Firewall. I did a video on the Beta hat covered how to do that. But Best Practice is not to install a Beta on a production system (also the present GUI is so much more informative)..

Also: 1) about KAR- it will equally detect and stop stealers, worms, etc It's far more than an anti-ransomware application.
2). Checkpoint Harmony is indeed popular. But is does have a bunch of extraneous functions, and to tighten it up various rules should be created, essentially making it more reactive than proactive (kinda like whack-a-mole with malware). It should be noted that Harmony shares things with the Zone Alarm line including an AV and anti-ransomware module. So although I don't have much interest in Harmony. I did release a video this morning concerning Zone Alarm anti-ransomware to test the ransomware modality which is shared by their products.

 

I downloaded the installer. Per @cruelsister i will be installing ONLY the firewall as well. Interesting release.

 

I will be installing, maybe after the next version comes out, or more likely a couple of versions down the road. Right now, I'm quite content with Kaspersky Plus on this system.

 

I'm using Sandboxie with Windows security paired with Defender UI Pro. It's a fantastic combo. That's all I need. Light and effective...

 

Hello Nihira, what is TLD's?

 

Top Level Domains such as com,eu,inf,io,ms,net,it,org,edu with which I created an exception rule (whitelist) to the uBlock Origin - Hard Mode:

 

Oh! Many thanks!

I agree with you on breakage when you block 3p-scripts on MM. But I'm surprise when you say the protection on sneaky scripting is 0%

 

Those conclusions were made by Kees1958.

 

wo
where I can read something?
If I'm not wrong you use Kees filter lists
and what think the creator of ubo about? If he said something

 

I don't know where you can read something to me he sent this information directly or after I opened an issue,I don't remember.
I use Kees1958's MV3-specific list in AdGuard MV3 extension.
And the one specific for Edge/Firefox in my browser

I didn't quite understand the next question.

 

It was a post from (also very respectable) Lenny_Fox, view:
https://malwaretips.com/threads/ubl...questions-and-issues-thread.92247/post-952925

Edit: For blocking so-called sneaky third party scripts you can't without filterlists when you use uBO medium mode or easy hard mode.

 

Windows 11 22H2
MS Defender | Block all unknown executables | ASR rules
Smart Application Control | On
Exploit Protection | All system settings On | Custom settings for apps
LibreWolf | µBO Hard mode | https://search.disroot.org/
Chrome | µBO Hard mode | JShelter | https://search.disroot.org/

 

Kees lists are overrated. And don't you think that a 2 years old thread is ages ago and not reliable anymore? Do you think that gorhill is that stupid? Adguard MV3 itself with no changes has very decent results.

 

Why do you assume that Kees1958's lists are overrated and obsolete?

Gorhill often decided to eliminate some filter lists or then changed his mind.
Or he inserted new filter lists and then changed his mind again.
It often takes insisting over and over again to change his mind that some filter lists, are better than others.

The same can be said about some features of UBO and UBO Lite.

If these 2 extensions are better today than in the past, it is also thanks to the merit of some users who wasted a lot of time and insisted on what they thought was important.

 

Indeed, experimentation and adaptation are the essence of progress and change. Kees', LennyFox's and other such lists are usually appropriate for certain types of users, not the mass of users. I myself use the first two when using either medium or hard mode.

After all, who knows what changes will come next in the world of adblockers?

 

well said
/ot
currently i am reducing ublock to the max.
about the future, i dont know. its nice to have alternative methods, not being redundant.
the problem i see a lot of places (also in this forum) that security software can make it simple, or go worse.

 

I'm looking for suggestions on how I can block access to a mounted cloud storage volume except for what I allow; in this case rclone.exe and keepass. I wouldn't use a mounted volume at all, but it's easier for keepass having my database remote and my keyfile locally. Any ideas on how to restrict access?

 

// you have asked similar in the sandboxie thread, maybe its nice to limit places of questions.

 

Except that if you're read that thread, which you apparently have, I mentioned that it a blanket block is outside the scope of Sandboxie. Which is true, and hence while I'm asking here in a thread outside of one dedicated to Sandboxie.