My current security setup is:
PC Tools Firewall Plus
Avira Antivir Free
I find the setup compatible with FWservice Memory Usage app. 12000-14000k and AVguard app. 8000-10000k.
I want to know (1) if there is any overlapping in the setup and (2) whether the system is well protected and the setup is strong and effective.
You have Avira. Sounds good already.
Should be good, but remember no AV is 100%. Avira is close to it though lol.
It would be good to have some form of prevention such as virtualization or HIPS… It would take away the risk.
PC Tools Firewall Plus has some sort of HIPS in the form of enhanced security verification, and to complement it I have added ThreatFire, as both are compatible. So the setup is like:
PC Tools Firewall Plus + enabled enhanced security verification (some sort of HIPS in PC Tools Firewall Plus) + ThreatFire Free (behaviour blocker) + Avira AntiVir Free.
In this way I have both some sort of HIPS and a behaviour blocker. I think this slim/light HIPS and behaviour blocker combination is better than a full classical HIPS like Defence Plus in Comodo Firewall for average users.
I have not used PC Tools Firewall so I cannot comment on that. You must not get behaviour blockers and HIPS confused. BBs still rely on “signatures” that have to be updated to keep the program effective, though not as much as an AV.
Your setup is good, naren, don’t get me wrong.
HIPS would bring you peace of mind… Knowing that you aren’t relying on someone else to write a signature for the malware they find. HIPS may not be practical for the average user at current…
Behavioral Blockers (BB) do not rely on signatures at all… at least pure BBs
…unless, probably you mean some kinda “blended” technology (?)
If you could use CIS you wouldn’t need all this ragbag of other programs.
It is more powerful than any mixture of other vendors’ various efforts, so why bother?
BBs must know what to look for and what is classed as a “bad behaviour”, so they do need to be updated… though not nearly as much as AVs need to.
Are we on the same page now?
Almost on the same page but not completely.
Sure, they need updates, but since their algorithms are looking at the actions the code is performing and analyzing whether the resulting combination of those actions could be considered malicious - they are not using “fingertips” of the code (signatures).
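
The distinction debated in this thread, as an added illustration (not code from any poster or from any product named above): a hash signature scanner beside a rule-based behaviour blocker, run over constructed samples. The action names, weights and threshold are assumptions made up for the example.

```python
import hashlib

# Constructed samples: byte content plus the actions a monitor observed at run time.
ORIGINAL = {"content": b"constructed-sample-A",
            "actions": ["copy_self_to_system_dir", "write_autorun_key",
                        "open_outbound_connection"]}
REPACKED = {"content": b"constructed-sample-A-repacked",  # same behaviour, new bytes
            "actions": ORIGINAL["actions"]}
NOVEL = {"content": b"constructed-sample-B",
         "actions": ["read_documents", "mass_file_rename", "delete_backups"]}
BENIGN = {"content": b"constructed-installer",
          "actions": ["write_autorun_key"]}

# Signature database: hashes of code that has already been seen and analysed.
SIGNATURES = {hashlib.sha256(ORIGINAL["content"]).hexdigest()}

# Behaviour rules: a combination of actions and the weight it contributes.
RULES_V1 = [({"copy_self_to_system_dir", "write_autorun_key"}, 60),
            ({"write_autorun_key", "open_outbound_connection"}, 40)]
# A rule update teaches the blocker a combination it did not know before.
RULES_V2 = RULES_V1 + [({"mass_file_rename", "delete_backups"}, 90)]
THRESHOLD = 80  # assumed cut-off for blocking


def signature_scan(sample, signatures=SIGNATURES):
    """Flag the sample only if its exact bytes are already known."""
    return hashlib.sha256(sample["content"]).hexdigest() in signatures


def behaviour_score(sample, rules):
    """Sum the weights of every rule whose whole action combination was observed."""
    seen = set(sample["actions"])
    return sum(weight for combo, weight in rules if combo <= seen)


def behaviour_block(sample, rules):
    """Block when the combined actions reach the threshold."""
    return behaviour_score(sample, rules) >= THRESHOLD


if __name__ == "__main__":
    for name, s in [("original", ORIGINAL), ("repacked", REPACKED),
                    ("novel", NOVEL), ("benign", BENIGN)]:
        print(name, "signature:", signature_scan(s),
              "BB v1:", behaviour_block(s, RULES_V1),
              "BB v2:", behaviour_block(s, RULES_V2))
```

The repacked sample slips past the hash check but is still blocked on its actions, while the novel sample is only blocked once the rule set is updated.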